Secure repository

Buy Database Forum Highlights Big Data’s Global Impact
Post Reply
rosebaby3892
Posts: 422
Joined: Wed Dec 18, 2024 4:34 am

Secure repository

Post by rosebaby3892 »

Setup the secure repository proxy
We will start by creating a folder for the reverse proxy. This folder will hold the information needed to build a docker image specific for our need. It will hold the configuration for the proxy, which will be Nginx , and it will hold the certificates. This is the quickest and easiest way to build an image, but lacks some re-use potential. For now we will proceed with this simple telegram data setup, and we will use self-signed certificates.

In the demo folder, run the following commands.

mkdir reverse
cd reverse
mkdir certs

openssl req
-newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key
-x509 -days 365 -out certs/domain.crtCopy
You will be asked to fill in some details like your organization name etc. These can be entered as you like. The only important question is the FQDN . This is the name by which the user will access the docker repository. This can be an official domain name you own, like docker.mycompany.com, a domain name setup on your local network, a well known ip number (not user friendly), or (like I am using for local development) you can choose a name like mydocker , and add a mapping from  mydocker to the correct ip number in your host file on every computer that is using the repository. (Requires root permissions on the clients).

You will see something like this:


writing new private key to 'certs/domain.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:NL
State or Province Name (full name) [Some-State]:North Brabant
Locality Name (eg, city) []:Helmond
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Rubix
Organizational Unit Name (eg, section) []:
Common Name (eg server FQDN or YOUR name) []:mydocker
Email Address []:barry@b*********cker.nlCopy
You will now see two files in the certs folder: a domain.crt file containing your  public certificate, and a domain.key file containing the  private key . Make sure to keep the last one secret, and only use it on the reverse proxy.
Top
Post Reply

Return to “Buy Database”