A one-liner to create a self-signed certificate with OpenSSL

 
Category: Linux

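Issue a certificate with a one-liner

I need a self-signed certificate for now, but I want to create it with a one-liner instead of answering interactive prompts.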

HOSTNAME=www.example.com

$ openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=JP/ST=Tokyo/L=Chiyoda/O=Dis/CN=${HOSTNAME}" -keyout "${HOSTNAME}.key" -out "${HOSTNAME}.cert"
Generating a RSA private key
...++++
...............................................................................................................................................................................................................................................................................................................................................................................................................................................++++
writing new private key to 'www.example.com.key'
-----
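The one-liner above puts the host name only in the CN and, because of -nodes, writes the private key unencrypted; current TLS clients match host names against subjectAltName rather than CN. The following is an added example, not part of the original post, that wraps the same command with a SAN, an owner-only key file and two checks; it assumes OpenSSL 1.1.1 or later (for -addext and -ext), and the function names are hypothetical.

```shell
# Added example, not from the original post. Assumes OpenSSL 1.1.1+ (-addext, -ext).

# make_selfsigned HOST [OUTDIR] [BITS]: the post's one-liner plus a subjectAltName.
make_selfsigned() {
  host=$1; outdir=${2:-.}; bits=${3:-4096}
  (
    umask 077   # -nodes leaves the key unencrypted, so create it owner-only
    openssl req -new -newkey "rsa:${bits}" -days 3650 -nodes -x509 \
      -subj "/C=JP/ST=Tokyo/L=Chiyoda/O=Dis/CN=${host}" \
      -addext "subjectAltName=DNS:${host}" \
      -keyout "${outdir}/${host}.key" -out "${outdir}/${host}.cert" 2>/dev/null
  )
}

# has_san CERT HOST: succeeds only if HOST is listed as a DNS name in the SAN extension.
has_san() {
  openssl x509 -in "$1" -noout -ext subjectAltName 2>/dev/null |
    tr -d ' ' | tr ',' '\n' | grep -Fxq "DNS:$2"
}

# key_matches_cert KEY CERT: succeeds only if key and certificate share a public key.
key_matches_cert() {
  k=$(openssl pkey -in "$1" -pubout | openssl sha256)
  c=$(openssl x509 -in "$2" -noout -pubkey | openssl sha256)
  [ -n "$k" ] && [ "$k" = "$c" ]
}

# Run as: sh selfsigned.sh www.example.com   (script name is hypothetical)
if [ -n "${1:-}" ]; then
  make_selfsigned "$1" && has_san "$1.cert" "$1" &&
    key_matches_cert "$1.key" "$1.cert" &&
    echo "ok: $1.cert carries SAN DNS:$1 and matches $1.key"
fi
```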

Rename files in Git while keeping them tracked

 
Category: Git

Changing the folder layout breaks tracking

How do I move files while keeping them tracked?

PS > git status
On branch master
Your branch is up to date with 'origin/master'.

Changes not staged for commit:
(use "git add/rm <file>..." to update what will be committed)
(use "git restore <file>..." to discard changes in working directory)
deleted: Dockerfile
deleted: app.py
deleted: docker-compose.yml
deleted: requirements.txt

Untracked files:
(use "git add <file>..." to include in what will be committed)
webapp/

Use git mv to move files while keeping them tracked?

With git mv the change is recognized as renamed, but wildcards cannot be used and it is tedious.

PS > git mv app.py webapp
PS > git mv docker-compose.yml webapp
PS > git mv Dockerfile webapp
PS > git mv requirements.txt webapp
PS > git status
On branch master
Your branch is up to date with 'origin/master'.

Changes to be committed:
(use "git restore --staged <file>..." to unstage)
renamed: Dockerfile -> webapp/Dockerfile
renamed: app.py -> webapp/app.py
renamed: docker-compose.yml -> webapp/docker-compose.yml
renamed: requirements.txt -> webapp/requirements.txt

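No, git mv is not needed just to change file names or the folder layout

Git decides based on file content, so running git add with the -A option makes the moved files show up as renamed.
With -A, all changes are added.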

PS > git add . -A
warning: CRLF will be replaced by LF in webapp/Dockerfile.
The file will have its original line endings in your working directory
warning: CRLF will be replaced by LF in webapp/app.py.
The file will have its original line endings in your working directory
warning: CRLF will be replaced by LF in webapp/docker-compose.yml.
The file will have its original line endings in your working directory
warning: CRLF will be replaced by LF in webapp/requirements.txt.
The file will have its original line endings in your working directory
PS > git status
On branch master
Your branch is up to date with 'origin/master'.

Changes to be committed:
(use "git restore --staged <file>..." to unstage)
renamed: Dockerfile -> webapp/Dockerfile
renamed: app.py -> webapp/app.py
renamed: docker-compose.yml -> webapp/docker-compose.yml
renamed: requirements.txt -> webapp/requirements.txt
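Because the rename is inferred from content similarity rather than recorded, a file that is moved and heavily rewritten in the same commit is reported as a delete plus an add. The following added example (not part of the original post) shows both outcomes in a throwaway repository; the file contents are constructed and the function name is hypothetical.

```shell
# Added example, not from the original post. Needs git; works in a temp repo only.

# rename_demo: prints `git diff --cached -M --name-status` after moving two files,
# one unchanged and one rewritten, and staging everything with `git add -A`.
rename_demo() {
  repo=$(mktemp -d)
  git -C "$repo" init -q
  # constructed sample contents
  printf 'line %s\n' 1 2 3 4 5 6 7 8 9 10 > "$repo/app.py"
  printf 'other %s\n' 1 2 3 4 5 6 7 8 9 10 > "$repo/Dockerfile"
  git -C "$repo" add -A
  git -C "$repo" -c user.name=demo -c user.email=demo@example.invalid \
    -c commit.gpgsign=false commit -q -m init

  mkdir "$repo/webapp"
  mv "$repo/app.py" "$repo/webapp/app.py"          # moved, content unchanged
  mv "$repo/Dockerfile" "$repo/webapp/Dockerfile"  # moved ...
  printf 'rewritten %s\n' a b c d e f g h i j > "$repo/webapp/Dockerfile"  # ... and rewritten

  git -C "$repo" add -A
  # R<score> = rename detected by similarity; D/A = no longer similar enough
  git -C "$repo" diff --cached -M --name-status
  rm -rf "$repo"
}

# Run only when invoked as: sh rename_demo.sh run   (script name is hypothetical)
if [ "${1:-}" = run ]; then
  rename_demo
fi
```

The unchanged file is listed as R100, while the rewritten Dockerfile appears as a separate D and A entry, so its history no longer follows the move automatically.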

Using a private Docker registry

  • Create the repository in the local data folder data/
  • Store the certificates in ./certs
version: '3'

services:
  registry:
    image: registry:latest
    #restart: always
    ports:
      - 5000:5000
    volumes:
      - ./data:/var/lib/registry:rw
      - ./certs:/certs
    environment:
      REGISTRY_HTTP_TLS_CERTIFICATE: /certs/myregistry.cert
      REGISTRY_HTTP_TLS_KEY: /certs/myregistry.key

Start it

PS > docker-compose up
Docker Compose is now in the Docker CLI, try `docker compose up`

Starting docker-registry_registry_1 ... done
registry_1 | time="2021-06-04T13:33:11.1124135Z" level=warning msg="No HTTP secret provided - generated random secret. This may cause problems with uploads if multiple registries are behind a load-balancer. To provide a shared secret, fill in http.secret in the configuration file or set the REGISTRY_HTTP_SECRET environment variable." go.version=go1.11.2 instance.id=aa8cf638-64be-49d6-b66a-5f6fd1167cd4 service=registry version=v2.7.1
registry_1 | time="2021-06-04T13:33:11.112522Z" level=info msg="redis not configured" go.version=go1.11.2 instance.id=aa8cf638-64be-49d6-b66a-5f6fd1167cd4 service=registry version=v2.7.1
registry_1 | time="2021-06-04T13:33:11.1126419Z" level=info msg="Starting upload purge in 29m0s" go.version=go1.11.2 instance.id=aa8cf638-64be-49d6-b66a-5f6fd1167cd4 service=registry version=v2.7.1
registry_1 | time="2021-06-04T13:33:11.1199872Z" level=info msg="using inmemory blob descriptor cache" go.version=go1.11.2 instance.id=aa8cf638-64be-49d6-b66a-5f6fd1167cd4 service=registry version=v2.7.1
registry_1 | time="2021-06-04T13:33:11.1256163Z" level=info msg="listening on [::]:5000, tls" go.version=go1.11.2 instance.id=aa8cf638-64be-49d6-b66a-5f6fd1167cd4 service=registry version=v2.7.1

Register an image in the private repository

Tag the Docker image

The tag has the form [REGISTRYHOST/][USERNAME/]NAME[:TAG].
This registry has no USERNAME, so the form is [REGISTRYHOST/]NAME[:TAG], which gives localhost:5000/ubuntu:latest.

PS > docker pull ubuntu:latest
latest: Pulling from library/ubuntu
345e3491a907: Pull complete
57671312ef6f: Pull complete
5e9250ddb7d0: Pull complete
Digest: sha256:adf73ca014822ad8237623d388cedf4d5346aa72c270c5acc01431cc93e18e2d
Status: Downloaded newer image for ubuntu:latest
docker.io/library/ubuntu:latest

PS > docker image ls ubuntu
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 7e0aa2d69a15 5 weeks ago 72.7MB

PS > docker tag ubuntu:latest localhost:5000/ubuntu:latest

PS > docker image ls localhost:5000/ubuntu
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost:5000/ubuntu latest 7e0aa2d69a15 5 weeks ago 72.7MB
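Which registry a name resolves to depends only on its first path component, so an image meant for the private registry but written without REGISTRYHOST goes to Docker Hub instead. The following added example (not part of the original post, and not Docker's own code) is a small parser for the [REGISTRYHOST/][USERNAME/]NAME[:TAG] form that applies Docker's rule: the first component is a registry host only if it is localhost or contains a dot or a colon. The function name is hypothetical and digest references (@sha256:...) are rejected rather than parsed.

```shell
# Added example, not from the original post and not Docker's implementation.

# normalize_ref REF: prints "REGISTRYHOST REPOSITORY TAG" for a tag-style reference.
normalize_ref() {
  ref=$1
  case $ref in
    *@*) echo "normalize_ref: digest references are not handled" >&2; return 2 ;;
  esac

  # Split off the first path component, if there is one.
  case $ref in
    */*) first=${ref%%/*}; rest=${ref#*/} ;;
    *)   first="";         rest=$ref ;;
  esac

  # The first component is a registry host only if it looks like one.
  case $first in
    localhost|*.*|*:*) host=$first ;;
    *) host=docker.io
       if [ -n "$first" ]; then rest=$first/$rest; fi ;;   # it was a USERNAME
  esac

  # The tag is whatever follows a colon in the last path component.
  last=${rest##*/}
  case $last in
    *:*) tag=${last##*:}; rest=${rest%:*} ;;
    *)   tag=latest ;;
  esac

  # Docker Hub official images live under library/.
  if [ "$host" = docker.io ]; then
    case $rest in
      */*) ;;
      *) rest=library/$rest ;;
    esac
  fi
  printf '%s %s %s\n' "$host" "$rest" "$tag"
}

# Run as: sh normalize_ref.sh localhost:5000/ubuntu:latest   (script name is hypothetical)
if [ -n "${1:-}" ]; then
  normalize_ref "$1"
fi
```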

Push the Docker image

Pushing the image sends it to the REGISTRYHOST set in its tag.

PS > docker push localhost:5000/ubuntu:latest
The push refers to repository [localhost:5000/ubuntu]
2f140462f3bc: Pushed
63c99163f472: Pushed
ccdbb80308cc: Pushed
latest: digest: sha256:86ac87f73641c920fb42cc9612d4fb57b5626b56ea2a19b894d0673fd5b4f2e9 size: 943

Pull the Docker image

PS > docker image ls
ubuntu latest 7e0aa2d69a15 6 weeks ago 72.7MB
localhost:5000/ubuntu latest 7e0aa2d69a15 6 weeks ago 72.7MB

PS > docker rmi -f 7e0aa2d69a15
Untagged: ubuntu:latest
Untagged: ubuntu@sha256:adf73ca014822ad8237623d388cedf4d5346aa72c270c5acc01431cc93e18e2d
Untagged: localhost:5000/ubuntu:latest
Untagged: localhost:5000/ubuntu@sha256:86ac87f73641c920fb42cc9612d4fb57b5626b56ea2a19b894d0673fd5b4f2e9
Deleted: sha256:7e0aa2d69a153215c790488ed1fcec162015e973e49962d438e18249d16fa9bd
Deleted: sha256:3dd8c8d4fd5b59d543c8f75a67cdfaab30aef5a6d99aea3fe74d8cc69d4e7bf2
Deleted: sha256:8d8dceacec7085abcab1f93ac1128765bc6cf0caac334c821e01546bd96eb741
Deleted: sha256:ccdbb80308cc5ef43b605ac28fac29c6a597f89f5a169bbedbb8dec29c987439

PS > docker pull localhost:5000/ubuntu:latest
latest: Pulling from ubuntu
345e3491a907: Pull complete
57671312ef6f: Pull complete
5e9250ddb7d0: Pull complete
Digest: sha256:86ac87f73641c920fb42cc9612d4fb57b5626b56ea2a19b894d0673fd5b4f2e9
Status: Downloaded newer image for localhost:5000/ubuntu:latest
localhost:5000/ubuntu:latest

PS > docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost:5000/ubuntu latest 7e0aa2d69a15 6 weeks ago 72.7MB


nullpo
