Niclas Mietz solidnerd

Keybase proof

I hereby claim:

I am solidnerd on github.
I am solidnerd (https://keybase.io/solidnerd) on keybase.
I have a public key whose fingerprint is 951D 73E2 24C8 DD59 5232 CA8C 1865 191C 862B E98B

To claim this, I am signing this object:

Enable Docker Remote API with TLS client verification

Docker's Remote API can be secured via TLS and client certificate verification.
First of all you need a few certificates and keys:

CA certificate
Server certificate
Server key
Client certificate
Client key

Create certificate files

Project Title

One Paragraph of project description goes here

Getting Started

These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.

Prerequisites

OverEncrypt

This is a guide that I wrote to improve the default security of my website https://fortran.io , which has a certificate from LetsEncrypt. I'm choosing to improve HTTPS security and transparency without consideration for legacy browser support.

WARNING: if you mess up settings, lose your certificates, or decide to no longer maintain HTTPS certs, these steps can and will make your domain inaccessible.

I would recommend these steps only if you have a specific need for information security, privacy, and trust with your users, and/or maintain a separate secure.example.com domain which won't mess up your main site. If you've been thinking about hosting a site on Tor, then this might be a good option, too.

The best resources that I've found for explaining these steps are https://https.cio.gov , https://certificate-transparency.org , and https://twitter.com/konklone

	#!/bin/bash
	set -e
	set -o pipefail

	# kubectl convert is a plugin or binary that can be used
	# can be fetched from https://www.downloadkubernetes.com/
	#
	KUBECTL_CONVERT_BIN=$HOME/Downloads/kubectl-convert

	mkdir -p {pre,converted}

	# # # # # # # # # # # # # # # # # #
	# GitLab application config file #
	# # # # # # # # # # # # # # # # # #
	#
	########################### NOTE #####################################
	# This file should not receive new settings. All configuration options #
	# * are being moved to ApplicationSetting model! #
	# If a setting requires an application restart say so in that screen. #
	# If you change this file in a Merge Request, please also create #
	# a MR on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests. #

	.terraform/
	*.pem
	*.tf
	*.tfstate
	*.yaml
	*.backup
	istio-*/
	cert-manager-*/
	*.swp
	env

	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: tiller
	namespace: kube-system
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRoleBinding
	metadata:
	name: tiller

	#!/bin/bash

	# An set of disks to ignore from partitioning and formatting
	BLACKLIST="/dev/sda\|/dev/sdb"
	# Base directory to hold the data* files
	DATA_BASE="/media"

	usage() {
	echo "Usage: $(basename $0) <new disk>"
	}

	#!/bin/bash
	# Copyright 2016 The Kubernetes Authors.
	#
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software