Docker's Remote API can be secured via TLS and client certificate verification.
First of all you need a few certificates and keys:
- CA certificate
- Server certificate
- Server key
- Client certificate
- Client key
.terraform/ | |
*.pem | |
*.tf | |
*.tfstate | |
*.yaml | |
*.backup | |
istio-*/ | |
cert-manager-*/ | |
*.swp | |
env |
#!/bin/bash | |
# An set of disks to ignore from partitioning and formatting | |
BLACKLIST="/dev/sda|/dev/sdb" | |
# Base directory to hold the data* files | |
DATA_BASE="/media" | |
usage() { | |
echo "Usage: $(basename $0) <new disk>" | |
} |
This is a guide that I wrote to improve the default security of my website https://fortran.io , which has a certificate from LetsEncrypt. I'm choosing to improve HTTPS security and transparency without consideration for legacy browser support.
I would recommend these steps only if you have a specific need for information security, privacy, and trust with your users, and/or maintain a separate secure.example.com domain which won't mess up your main site. If you've been thinking about hosting a site on Tor, then this might be a good option, too.
The best resources that I've found for explaining these steps are https://https.cio.gov , https://certificate-transparency.org , and https://twitter.com/konklone
screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty
screen -AmdS docker ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty
screen -r docker
# enter, then disconnect with Ctrl-a d
screen -S docker -p 0 -X stuff $(printf root\\r\\n)
screen -r docker
Version numbers should be the ones you want. Here I do it with the last ones available at the moment of writing.
The simplest way to install elixir is using your package manager. Sadly, at the time of writing only Fedora shows
the intention to keep its packages up to date. There you can simply sudo dnf install erlang elixir
and you are good to go.
Anyway, if you intend to work with several versions of erlang or elixir at the same time, or you are tied to
a specific version, you will need to compile it yourself. Then kerl
and exenv
are your best friends.