Secure your Docker passwords with Hashicorp Vault and Ansible (Part 2: Automate Docker startup with Ansible)
In the first part I showed how to set up Hashicorp. Now the whole thing will be automated.
Secure your Docker passwords with Hashicorp Vault and Ansible (Part 1: Configure Hashicorp Vault)
Hashicorp Vault is an incredible tool when it comes to keeping passwords safe on the server. Using Authelia as an example, I will show how to keep Docker passwords secure on the server even without Docker swarm.
Inject Nextcloud secrets via environment variables
Few know that you can also configure Nextcloud via environment variables. With this possibility you can save the storage of passwords in the Nextcloud config.php.
Sandbox Systemd Units
What many do not know is that SystemD offers the possibility to restrict services and very easily displays the exposure level.
Send encrypted logs to Graylog (Part 1: Linux machines)
Graylog is a log aggregation tool that makes it easy to read and analyze logs due to its Elasticsearch or Opensearch implementation. Unfortunately it is not possible to exchange Graylog with old known tools like rsyslog. Rsyslog uses UDP as protocol, which is basically unencrypted (exception QUIC).