Docker's Remote API can be secured via TLS and client certificate verification.
First of all you need a few certificates and keys:
- CA certificate
- Server certificate
- Server key
- Client certificate
- Client key
Frederic R. fredericrous
🏑
fredericrous
/ 1-Enable Docker Remote API with TLS client verification.md
Created
May 5, 2020 11:12
— forked from kekru/1-Enable Docker Remote API with TLS client verification.md
Docker Remote API with client verification via daemon.json
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Clean Docker job on every slaves | |
| Removes stopped containers. Delete unused images. | |
| Triggers every day at 7AM | |
| */ | |
| // The ArrayList of slaves is not serializable, so fetching them should be marked as @NonCPS so that | |
| // no attempt is made to serialize and save the local state of the function. See here for details: | |
| // https://github.com/jenkinsci/pipeline-plugin/blob/master/TUTORIAL.md#serializing-local-variables | |
| @NonCPS |
fredericrous
/ gist:f4d4756f8119b248126cd51082065345
Created
October 12, 2019 16:55
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2019/10/12 18:51:46 [INFO] Terraform version: 0.12.9 | |
| 2019/10/12 18:51:46 [INFO] Go runtime version: go1.13 | |
| 2019/10/12 18:51:46 [INFO] CLI args: []string{"/usr/local/bin/terraform", "apply", "-auto-approve", "--var", "pwd=/root/test", "."} | |
| 2019/10/12 18:51:46 [DEBUG] Attempting to open CLI config file: /Users/user1/.terraformrc | |
| 2019/10/12 18:51:46 [DEBUG] File doesn't exist, but doesn't need to. Ignoring. | |
| 2019/10/12 18:51:46 [INFO] CLI command args: []string{"apply", "-auto-approve", "--var", "pwd=/root/test", "."} | |
| 2019/10/12 18:51:46 [DEBUG] New state was assigned lineage "d136c22d-2820-455a-bd32-14369f40259f" | |
| 2019/10/12 18:51:46 [TRACE] Meta.Backend: using default local state only (no backend configuration, and no existing initialized backend) | |
| 2019/10/12 18:51:46 [TRACE] Meta.Backend: instantiated backend of type <nil> | |
| 2019/10/12 18:51:46 [DEBUG] checking for provider in "." |
fredericrous
/ terraform_docker.log
Created
September 30, 2019 21:11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| > /O/t/homelab on master ⨯ terraform apply 22:58:56 | |
| 2019/09/30 22:59:00 [INFO] Terraform version: 0.12.9 | |
| 2019/09/30 22:59:00 [INFO] Go runtime version: go1.13 | |
| 2019/09/30 22:59:00 [INFO] CLI args: []string{"/usr/local/bin/terraform", "apply"} | |
| 2019/09/30 22:59:00 [DEBUG] Attempting to open CLI config file: /Users/i301937/.terraformrc | |
| 2019/09/30 22:59:00 [DEBUG] File doesn't exist, but doesn't need to. Ignoring. | |
| 2019/09/30 22:59:00 [INFO] CLI command args: []string{"apply"} | |
| 2019/09/30 22:59:00 [DEBUG] New state was assigned lineage "ba7a2fbd-c69f-3095-6c0f-81581d4f2de3" | |
| 2019/09/30 22:59:00 [TRACE] Meta.Backend: using default local state only (no backend configuration, and no existing initialized backend) | |
| 2019/09/30 22:59:00 [TRACE] Meta.Backend: instantiated backend of type <nil> |
fredericrous
/ gandiDynamicIP.py
Last active
April 1, 2018 22:42
Update gandi domain with dynamic IP from orange (livebox3). who needs dyndns =B. Usage: ./gandiDynamicIP.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # | |
| # Update ip of a domain like dyndns would but on gandi | |
| # | |
| # author: Zougi | |
| import urllib, urllib2, json | |
| from livebox3IP import externalIP | |
| def getIP(domain, apikey): |
fredericrous
/ pipeline.gdsl
Last active
September 11, 2019 09:39
— forked from ggarcia24/pipeline.gdsl
GDSL supporting pipeline declarative
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //The global script scope | |
| def ctx = context(scope: scriptScope()) | |
| //What things can be on the script scope | |
| contributor(ctx) { | |
| method(name: 'pipeline', type: 'Object', params: [body: Closure]) | |
| property(name: 'params', type: 'org.jenkinsci.plugins.workflow.cps.ParamsVariable') | |
| property(name: 'env', type: 'org.jenkinsci.plugins.workflow.cps.EnvActionImpl.Binder') | |
| property(name: 'currentBuild', type: 'org.jenkinsci.plugins.workflow.cps.RunWrapperBinder') | |
| property(name: 'scm', type: 'org.jenkinsci.plugins.workflow.multibranch.SCMVar') |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| ### BEGIN INIT INFO | |
| # Provides: jenkins-slave | |
| # Required-Start: | |
| # Required-Stop: | |
| # Default-Start: 2 3 4 5 | |
| # Default-Stop: 0 1 6 | |
| # Short-Description: jenkins-slave | |
| # Description: jenkins slave | |
| ### END INIT INFO |