Docker's Remote API can be secured via TLS and client certificate verification.
First of all you need a few certificates and keys:
- CA certificate
- Server certificate
- Server key
- Client certificate
- Client key
Sudo su | |
Install Node Exporter: | |
docker run -d --net="host" --pid="host" -v "/:/host:ro,rslave" quay.io/prometheus/node-exporter:latest --path.rootfs=/host | |
Create Prometheus Config: | |
nano prometheus.yml |
#!/usr/bin/env bash | |
OS=`uname -s` | |
if [ $OS != "Darwin" ]; then | |
echo "This script is OSX-only. Please do not run it on any other Unix." | |
exit 1 | |
fi | |
if [[ $EUID -eq 0 ]]; then |
#!/usr/bin/env bash | |
: ' Script that enables TLS for Docker service in Ubuntu 16.x | |
This script is intended to be run as root for current user | |
It; | |
- Generates the keys | |
- Creates the daemon.json Docker config file |
#!/usr/bin/env bash -euo pipefail | |
curl -X PUT "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE/dns_records/$CLOUDFLARE_DNS_ID" \ | |
-H "Authorization: Bearer $CLOUDFLARE_TOKEN" \ | |
-H "Content-Type: application/json" \ | |
--data '{"type":"A","name":"'$CLOUDFLARE_DNS_NAME'","content":"'$CLOUDFLARE_DNS_CONTENT'","ttl":1,"proxied":true}' |
I hereby claim:
To claim this, I am signing this object:
Verifying my Blockstack ID is secured with the address 138s2TV7uAz8MPtFs8MWucMa4rmJ7zRaRt https://explorer.blockstack.org/address/138s2TV7uAz8MPtFs8MWucMa4rmJ7zRaRt |
<!doctype html> | |
<html> | |
<head> | |
<title>SSH Client</title> | |
<script type="text/javascript" src="//cdnjs.cloudflare.com/ajax/libs/socket.io/1.3.5/socket.io.min.js"></script> | |
<script type="text/javascript" src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script> | |
<style> | |
body { | |
margin: 0; | |
padding: 0; |
<?php | |
class DefaultController extends Controller | |
{ | |
/** | |
* Dashboard page. | |
* @Permissions(perm="dashboard_view") | |
* @Route("/", name="ITEDashboardBundle_index") | |
* @Template() | |
* @return array |
A Pen by Daniel Stancu on CodePen.