@vmatekole
vmatekole / vultr-coreos-bootstrap.sh
Last active March 26, 2017 09:46 — forked from janeczku/vultr-coreos-bootstrap.sh
Cloud-config for CoreOS IPXE deployment on Vultr. Provisioning etcd, fleet, private network and docker compatible firewall.
#!/bin/bash
# Cloud-config for CoreOS IPXE deployment on Vultr
##################################################
# This cloud-config bootstraps CoreOS on /dev/vda and provisions:
# - private ip-address on eth1
# - basic firewall (docker compatible)
# - SSHd security hardening
##################################################
# Usage:
# 1. Fill in region, SSH Key and etcd token.
@vmatekole
vmatekole / docker-self-cert.sh
Last active December 7, 2022 10:09
Secure your Docker socket with TLS/SSL
#!/bin/bash
# Generate self-cert certificates for Docker socket. I have tried many tutorials including http://tech.paulcz.net/2016/01/secure-docker-with-tls/
# None worked... So I took the official steps from Docker docs - https://docs.docker.com/engine/security/https/ and placed them
# in a script. Please ensure that you replace the IP addresses/DNS names denoted in X with IPs and hostnames you wish to allow
# to connect with your daemon; normally 127.0.0.1 is always required, and the hostname of your server. If you have a CoreOS cluster,
# placing IPs and hostnames of each node may be preferable over creating unique certs for each node.
# This script does not cover the steps for copying your certs to the relevant locations, as per the following document - https://docs.docker.com/engine/security/https/
# 1. In our production setup we copy server.key, server-cert.pem and ca-cert.pem to /etc/docker/ssl
# 2. Client certs (ca.pem, cert.pem, key.pem) are copied to the user dir, in our case user core - /home/core/.docker/