For educational reasons I've decided to create my own CA. Here is what I learned.
Let's get some context first.
| # Build stage "builder": sets the nchan version and starts downloading the nginx source that matches the base image. | |
| # NOTE(review): nginx:alpine is a floating tag, so the base image and the NGINX_VERSION it exports can change between builds; pin a version tag or digest for reproducible builds. | |
| FROM nginx:alpine AS builder | |
| # nginx:alpine contains NGINX_VERSION environment variable, like so: | |
| # ENV NGINX_VERSION 1.15.0 | |
| # Our NCHAN version | |
| ENV NCHAN_VERSION 1.1.15 | |
| # Download sources | |
| # NOTE(review): this URL is plain http:// and no checksum or signature check is visible in this excerpt (the RUN continues past it); prefer https:// and verify the archive before compiling it. | |
| RUN wget "http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz" -O nginx.tar.gz && \ |
| # Fetch the build dependencies, the nginx 1.14.0 source and the upload-module source. | |
| # Install dependencies that nginx was originally compiled with | |
| sudo apt install libperl-dev libgeoip-dev libgd-dev | |
| # Get the nginx source | |
| # NOTE(review): no integrity check is visible in this excerpt; verify the tarball (for example against the PGP signature nginx.org publishes alongside each release) before unpacking and building it. | |
| wget https://nginx.org/download/nginx-1.14.0.tar.gz | |
| tar zxf nginx-1.14.0.tar.gz | |
| # Get the module source | |
| # NOTE(review): master.zip tracks a moving branch, so each run may fetch different code; pinning a tag or commit archive and checking its hash keeps the build reproducible and reviewable. | |
| wget https://github.com/fdintino/nginx-upload-module/archive/master.zip | |
| unzip master.zip |
| # Fetch the build dependencies, the nginx 1.14.0 source and the upload-module source. | |
| # Install dependencies that nginx was originally compiled with | |
| sudo apt install libperl-dev libgeoip-dev libgd-dev | |
| # Get the nginx source | |
| # NOTE(review): no integrity check is visible in this excerpt; verify the tarball (for example against the PGP signature nginx.org publishes alongside each release) before unpacking and building it. | |
| wget https://nginx.org/download/nginx-1.14.0.tar.gz | |
| tar zxf nginx-1.14.0.tar.gz | |
| # Get the module source | |
| # NOTE(review): master.zip tracks a moving branch, so each run may fetch different code; pinning a tag or commit archive and checking its hash keeps the build reproducible and reviewable. | |
| wget https://github.com/fdintino/nginx-upload-module/archive/master.zip | |
| unzip master.zip |
| # create keytab for radius user | |
| # HOSTNAME looks like a placeholder; substitute the RADIUS server's host name in the service principal. | |
| # NOTE(review): per the ipa-getkeytab man page, fetching a keytab without -r resets the principal's key, which invalidates any keytab issued earlier for the same principal. | |
| ipa-getkeytab -p 'radius/HOSTNAME' -k /etc/raddb/radius.keytab | |
| # The keytab holds the service's long-term key, so access is narrowed: owner root, group radiusd, mode 640 (root read/write, radiusd group read-only, nothing for others). | |
| chown root:radiusd /etc/raddb/radius.keytab | |
| chmod 640 /etc/raddb/radius.keytab | |
| # make radius use the keytab for SASL GSSAPI | |
| # systemd drop-in directory for radiusd.service; the override file is written into it by the next command. | |
| mkdir -p /etc/systemd/system/radiusd.service.d | |
| cat > /etc/systemd/system/radiusd.service.d/krb5_keytab.conf << EOF | |
| [Service] | |
| Environment=KRB5_CLIENT_KTNAME=/etc/raddb/radius.keytab |