You need to install Docker on your virtual machine to create and run Docker containers. Here are the steps to install Docker and create a Dockerfile for NGINX with TLSv1.2 or TLSv1.3 only:
sudo apt update
sudo apt install apt-transport-https ca-certificates curl gnupg lsb-release
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io
sudo docker run hello-world
mkdir nginx-tls
cd nginx-tls
# filepath: nginx-tls/Dockerfile
FROM nginx:alpine
# Install OpenSSL
RUN apk add --no-cache openssl
# Copy custom NGINX configuration
COPY nginx.conf /etc/nginx/nginx.conf
# Expose port 443 for HTTPS
EXPOSE 443
CMD ["nginx", "-g", "daemon off;"]
# filepath: nginx-tls/nginx.conf
events {}
http {
    server {
        listen 443 ssl;
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_certificate /etc/nginx/ssl/nginx.crt;
        ssl_certificate_key /etc/nginx/ssl/nginx.key;
        location / {
            root /usr/share/nginx/html;
            index index.html;
        }
    }
}
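mkdir -p nginx/ssl
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout nginx/ssl/nginx.key -out nginx/ssl/nginx.crt -subj "/CN=localhost"
# Tag the image with the name that docker run uses below
sudo docker build -t nginx-tls .
# The Dockerfile does not copy the certificate or key, so mount them read-only at the path nginx.conf expects
sudo docker run -d -p 443:443 -v "$(pwd)/nginx/ssl:/etc/nginx/ssl:ro" --name nginx-tls-container nginx-tls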
This will set up an NGINX container with TLSv1.2 and TLSv1.3 only.
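To confirm that claim rather than assume it, the following added example (not part of the original steps) checks the configuration before the build and probes the running container afterwards. The function names are hypothetical, and the static check assumes each ssl_protocols directive sits on one line, as in the nginx.conf above.

```bash
#!/bin/sh
# Added example: audit nginx.conf before the build, probe the container after.

# Static check. Returns 0 if every ssl_protocols directive lists only
# TLSv1.2/TLSv1.3, 1 if a weaker protocol is listed, 2 if the directive is
# missing (nginx would then fall back to its built-in default list).
# Assumes each directive sits on a single line, as in the config above.
audit_ssl_protocols() {
    conf="$1"; found=0; bad=0
    while IFS= read -r line || [ -n "$line" ]; do
        line="${line%%#*}"                  # strip comments
        case "$line" in
            *ssl_protocols*) found=1 ;;
            *) continue ;;
        esac
        line="${line#*ssl_protocols}"       # keep only the value list
        line="${line%%;*}"
        for proto in $line; do
            case "$proto" in
                TLSv1.2|TLSv1.3) ;;
                *) echo "disallowed protocol: $proto" >&2; bad=1 ;;
            esac
        done
    done < "$conf"
    [ "$found" -eq 1 ] || { echo "no ssl_protocols in $conf" >&2; return 2; }
    return "$bad"
}

# Live check: one handshake pinned to a single version (-tls1_1, -tls1_2, -tls1_3).
# A non-zero status means no handshake completed; for -tls1_1 that can also be
# the local openssl build refusing the version, which is still not an accept.
probe_tls() {
    openssl s_client -connect "$1:$2" "$3" </dev/null >/dev/null 2>&1
}

# The container passes only if 1.2 and 1.3 succeed and 1.1 does not.
verify_modern_tls_only() {
    probe_tls "$1" "$2" -tls1_2 || return 1
    probe_tls "$1" "$2" -tls1_3 || return 1
    if probe_tls "$1" "$2" -tls1_1; then return 1; fi
    return 0
}
```

Run `audit_ssl_protocols nginx.conf` in the nginx-tls directory before `docker build`, and `verify_modern_tls_only localhost 443` once the container is up.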
Adding Docker’s official GPG key ensures that the Docker packages you download are authentic and have not been tampered with. This step is crucial for security reasons, as it verifies the integrity and origin of the packages.
Here’s a brief explanation of the steps involved:
GPG Key: The GPG key is used to sign Docker packages. By adding Docker’s official GPG key to your system, you allow your package manager to verify the authenticity of the Docker packages.
Repository Setup: When you add the Docker repository to your system, the package manager will use the GPG key to check the signatures of the packages. This ensures that the packages are from Docker and have not been altered.
Without adding the GPG key, your package manager would not be able to verify the authenticity of the Docker packages, and you might encounter security warnings or errors during installation.
If you need to use sudo to run Docker commands inside your virtual machine, it means your user does not have the necessary permissions to access the Docker daemon. This is typically because your user is not part of the docker group.
To allow your user to run Docker commands without sudo, you need to add your user to the docker group. Membership in the docker group grants root-equivalent access to the host, so add only accounts you would already trust with sudo. Here are the steps:
sudo usermod -aG docker $USER
sudo reboot
Confirm that your user is in the docker group:
groups
You should now be able to run Docker commands without needing sudo.