Setting up a semi-automated TLS proxy
At home I use Fedora's Project Atomic to run containers for services I use in my home. I only have one IPv4 address, so it has to be shared between all the services. This solution makes my life simple because I just add a new hostname into DNS with a CNAME pointing to my single IPv4, wait a few minutes, and then bring up the service with a SystemD
Special setup for Docker
Since many people have moved off of Docker to other container solutions, this might not apply to the current situation. However, I use a binary called
systemd-docker to launch all my docker containers to make some
.service file setup more pleasant. Instead of adding "
-e ENVVAR=value" in the
ExecStart line of the
.service file, I can add a line that simply says
ENVIRONMENT=ENVVAR=value by itself.
This part is not that important and may be removed from the below files because it's sensitive to how your Distribution sets up cgroups.