Removed some faulty information

content/posts/docker-tcp.md

@@ -61,9 +61,10 @@ openssl genrsa -out server-key.pem 4096
 openssl req -subj "/CN=<HOST>" -sha256 -new -key server-key.pem -out server.csr
 ```
 
-In the above snippet, replace `<HOST>` with the hostname (output of the
-`hostname` command) of the machine who's API you want to expose. Now we've
-created `server-key.pem` and `server.csr`.
+In the above snippet, replace `<HOST>` with the hostname of the machine who's
+API you want to expose. With hostname, I mean the domain from which your server
+is accessible, e.g. `server.example.com`. Now we've created `server-key.pem`
+and `server.csr`.
 
 After this, we need to create a file named `extfile.cnf` with the
 following content:
@@ -73,7 +74,7 @@ subjectAltName = DNS:<HOST>,IP:<IP>,IP:127.0.0.1 >> extfile.cnf
 extendedKeyUsage = serverAuth
 ```
 
-Here, we once again replace `<HOST>` with the machine's hostname, and `<IP>`
+Here, we once again replace `<HOST>` with the machine's domain name, and `<IP>`
 with the machine's public IP.
 
 This file can now be used to generate the actual signed certificate:
@@ -125,12 +126,12 @@ directory.
 
 We're gonna be creating a system config file for the Docker service (this guide
 assumes the use of `systemd`). In
-`/etc/systemd/docker.service.d/startup_options.conf`, put the following:
+`/etc/systemd/system/docker.service.d/startup_options.conf`, put the following:
 
 ```shell
 [Service]
 ExecStart=
-ExecStart=/usr/bin/dockerd --tlsverify --tlscacert='<DIR>/ca.pem' --tlscert='<DIR>/server-cert.pem' --tlskey='<DIR>/server-key.pem' -H fd:// -H tcp://0.0.0.0:2376
+ExecStart=/usr/sbin/dockerd --tlsverify --tlscacert='<DIR>/ca.pem' --tlscert='<DIR>/server-cert.pem' --tlskey='<DIR>/server-key.pem' -H fd:// -H tcp://0.0.0.0:2376
 ```
 
 Don't forget the replace `<PATH>` with the path to your actual directory.