The plan is to create a pair of executables (ngrok and ngrokd) that are connected with a self-signed SSL cert. Since the client and server executables are paired, you won't be able to use any other ngrok to connect to this ngrokd, and vice versa.
Add two DNS records: one for the base domain and one for the wildcard domain. For example, if your base domain is domain.com, you'll need a record for that and for *.domain.com.
| <?xml version="1.0" encoding="utf-8"?> | |
| <unattend xmlns="urn:schemas-microsoft-com:unattend"> | |
| <settings pass="generalize"> | |
| <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> | |
| <SkipRearm>1</SkipRearm> | |
| </component> | |
| <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> | |
| <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> | |
| <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> | |
| </component> |
| #!/bin/bash | |
| # | |
| # Generates client and server certificates used to enable HTTPS | |
| # remote authentication to a Docker daemon. | |
| # | |
| # See http://docs.docker.com/articles/https/ | |
| # | |
| # To start the Docker Daemon: | |
| # | |
| # sudo docker -d \ |
| // You don't want to serve HTTPS supporting for SSL3.0 any longer, see: | |
| // http://googleonlinesecurity.blogspot.de/2014/10/this-poodle-bites-exploiting-ssl-30.html | |
| import ( | |
| "crypto/tls" | |
| "net/http" | |
| ) | |
| // This code supports SSL3.0, TLS1.0, TLS1.1 and TLS1.2 | |
| // Chances are you currently do this but want to stop due to the POODLE | |
| err := http.ListenAndServeTLS(addr, "crtfile", "keyfile", handler) |
| #!/bin/bash | |
| if [ $# -lt 2 ]; then | |
| echo "Usage: $0 [domain to connect] [password]" | |
| exit 1 | |
| fi | |
| set -e | |
| red='\033[0;31m' |
This gist is an implementation of http://sirile.github.io/2015/05/18/using-haproxy-and-consul-for-dynamic-service-discovery-on-docker.html on top of Docker Machine and Docker Swarm.
| // | |
| // tested with kerberos 0.0.12 on linux against apache running mod_auth_kerb with Samba AD providing KDC | |
| // | |
| var Kerberos = require('kerberos').Kerberos; | |
| var kerberos = new Kerberos(); | |
| var http = require('http'); | |
| function httpget(opts, callback) { | |
| console.log('submitting to '+(opts.hostname||opts.host)+' with authorization header: '+(opts.headers||{}).authorization); | |
| var req = http.get(opts, function(res) { |
| #!/bin/bash | |
| set -e | |
| # Send a private message to someone on slack | |
| # from the command line. | |
| # Print a usage message and exit. | |
| usage(){ | |
| local name=$(basename "$0") |
| # Docker Machine for Consul | |
| docker-machine \ | |
| create \ | |
| -d virtualbox \ | |
| consul-machine | |
| # Start Consul | |
| docker $(docker-machine config consul-machine) run -d --restart=always \ | |
| -p "8500:8500" \ | |
| -h "consul" \ |