Linux – Dicking with Docker

Allowing DNS lookups with Hashicorp Consul + ACLs enabled

By Simon Weald | 9th September 2021 by Simon Weald

I’ve recently been experimenting with Hashicorp’s Consul in my home infrastructure because I want to use it to provide service discovery and automatic DNS provisioning when I create Proxmox instances with Terraform. Consul is a bit of a hefty beast to get to grips with and getting DNS lookups working when you have ACLs enabled can be a little tricky – it’s taken me a day or two of going round in circles to figure…

Securing SSH with the Vault SSH backend and GitHub authentication

By Simon Weald | 30th May 202015th June 2020 by Simon Weald

This blog is going to be about using Hashicorp’s Vault to issue short-lived certificates to use with SSH. Most guides have you using a username & password to authenticate with Vault, but I’ve chosen to delegate that to GitHub instead. I’m assuming you already have a Vault server running – I won’t be covering that in the course of this blog. You’ll also need a sufficiently-privileged Vault token, and jq installed on the machine you…