diff --git a/clouder_template_red_october/README.rst b/clouder_template_red_october/README.rst
new file mode 100644
index 0000000..7245a98
--- /dev/null
+++ b/clouder_template_red_october/README.rst
@@ -0,0 +1,72 @@
+.. image:: https://img.shields.io/badge/licence-LGPL--3-blue.svg
+   :target: http://www.gnu.org/licenses/lgpl-3.0-standalone.html
+   :alt: License: LGPL-3
+
+==============================
+Clouder Template - Red October
+==============================
+
+This module provides a Clouder Template for Red Octover.
+
+Red October is a cryptographically-secure implementation of the two-person rule
+to protect sensitive data. From a technical perspective, Red October is a
+software-based encryption and decryption server. The server can be used to
+encrypt a payload in such a way that no one individual can decrypt it. The
+encryption of the payload is cryptographically tied to the credentials of the
+authorized users.
+
+Authorized persons can delegate their credentials to the server for a period of
+time. The server can decrypt any previously-encrypted payloads as long as the
+appropriate number of people have delegated their credentials to the server.
+
+This architecture allows Red October to act as a convenient decryption service.
+Other systems, including CloudFlare’s build system, can use it for decryption
+and users can delegate their credentials to the server via a simple web interface.
+All communication with Red October is encrypted with TLS,
+ensuring that passwords are not sent in the clear.
+
+`Read More on CloudFlare's Blog
+<https://blog.cloudflare.com/red-october-cloudflares-open-source-implementation-of-the-two-man-rule/>`_.
+
+`Browse Red October on Github
+<https://github.com/cloudflare/redoctober>`_.
+
+Configuration
+=============
+
+Clouder configuration instructions are available at https://clouder.readthedocs.io/
+
+Usage
+=====
+
+To use this module, you need to:
+
+#. Create a CFSSL Service in the Clouder Control Panel
+
+Known issues / Roadmap
+======================
+
+* Add more Signature Profile options - https://github.com/cloudflare/redoctober/blob/86ecfbe5750ebf05565e4c80104d0a7919792fee/doc/cmd/redoctober.txt#L113
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues
+<https://github.com/clouder-community/clouder/issues>`_. In case of trouble, please
+check there if your issue has already been reported. If you spotted it first,
+help us smashing it by providing a detailed and welcomed feedback.
+
+Credits
+=======
+
+Contributors
+------------
+
+* Dave Lasley <dave@laslabs.com>
+
+Maintainer
+----------
+
+This module is maintained by Clouder Community.
+
+To contribute to this module, please visit https://github.com/clouder-community/clouder
diff --git a/clouder_template_red_october/__init__.py b/clouder_template_red_october/__init__.py
new file mode 100644
index 0000000..08d9d6b
--- /dev/null
+++ b/clouder_template_red_october/__init__.py
@@ -0,0 +1,3 @@
+# -*- coding: utf-8 -*-
+# Copyright 2016 LasLabs Inc.
+# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
diff --git a/clouder_template_red_october/__manifest__.py b/clouder_template_red_october/__manifest__.py
new file mode 100644
index 0000000..4668990
--- /dev/null
+++ b/clouder_template_red_october/__manifest__.py
@@ -0,0 +1,28 @@
+# -*- coding: utf-8 -*-
+# Copyright 2016 LasLabs Inc.
+# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
+
+{
+    'name': 'Clouder Template - Red October',
+    'version': '10.0.10.0.0',
+    'category': 'Clouder',
+    'depends': [
+        'clouder',
+        'clouder_template_proxy',
+    ],
+    'author': 'LasLabs Inc.',
+    'license': 'LGPL-3',
+    'website': 'https://github.com/clouder-community/clouder',
+    'data': [
+        'data/image_template.xml',
+        'data/image.xml',
+        'data/image_port.xml',
+        'data/image_volume.xml',
+        'data/application_tag.xml',
+        'data/application_type.xml',
+        'data/application_template.xml',
+        'data/application.xml',
+    ],
+    'installable': True,
+    'application': False,
+}
diff --git a/clouder_template_red_october/data/application.xml b/clouder_template_red_october/data/application.xml
new file mode 100644
index 0000000..adc051b
--- /dev/null
+++ b/clouder_template_red_october/data/application.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright 2016 LasLabs Inc.
+     License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html). -->
+
+<odoo>
+
+    <record id="application_redoctober_data" model="clouder.application">
+        <field name="name">CFSSL Data</field>
+        <field name="code">data</field>
+        <field name="type_id" ref="application_type_redoctober" />
+        <field name="tag_ids" eval="[(4, ref('clouder.tag_data'))]" />
+        <field name="default_image_id" ref="image_redoctober_data" />
+        <field name="sequence">1</field>
+        <field name="required" eval="True"/>
+    </record>
+
+    <record id="application_redoctober_exec" model="clouder.application">
+        <field name="name">CFSSL Exec</field>
+        <field name="code">exec</field>
+        <field name="type_id" ref="application_type_redoctober" />
+        <field name="tag_ids" eval="[(4, ref('clouder.tag_exec'))]" />
+        <field name="default_image_id" ref="image_redoctober_exec" />
+        <field name="sequence">2</field>
+        <field name="required" eval="True"/>
+        <field name="update_strategy">auto</field>
+    </record>
+
+    <record id="application_redoctober" model="clouder.application">
+        <field name="name">CFSSL</field>
+        <field name="code">redoctober</field>
+        <field name="type_id" ref="application_type_redoctober" />
+        <field name="tag_ids" eval="[(4, ref('tag_cert_authority'))]" />
+        <field name="child_ids"
+               eval="[(4, ref('application_redoctober_data')),
+                      (4, ref('application_redoctober_exec')),
+                     ]"
+               />
+        <field name="sequence">1</field>
+        <field name="required" eval="True"/>
+    </record>
+
+</odoo>
diff --git a/clouder_template_red_october/data/application_tag.xml b/clouder_template_red_october/data/application_tag.xml
new file mode 100644
index 0000000..62e887a
--- /dev/null
+++ b/clouder_template_red_october/data/application_tag.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright 2016 LasLabs Inc.
+     License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html). -->
+
+<odoo>
+
+    <record id="tag_cert_authority" model="clouder.application.tag">
+        <field name="name">cert_authority</field>
+    </record>
+
+</odoo>
diff --git a/clouder_template_red_october/data/application_template.xml b/clouder_template_red_october/data/application_template.xml
new file mode 100644
index 0000000..1f684eb
--- /dev/null
+++ b/clouder_template_red_october/data/application_template.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright 2016 LasLabs Inc.
+     License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html). -->
+
+<odoo>
+    
+    <record id="application_template_redoctober"
+            model="clouder.application.template"
+            >
+        <field name="name">CFSSL</field>
+    </record>
+    
+</odoo>
diff --git a/clouder_template_red_october/data/application_type.xml b/clouder_template_red_october/data/application_type.xml
new file mode 100644
index 0000000..8a60f66
--- /dev/null
+++ b/clouder_template_red_october/data/application_type.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright 2016 LasLabs Inc.
+     License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html). -->
+
+<odoo>
+
+    <record id="application_type_redoctober"
+            model="clouder.application.type"
+            >
+        <field name="name">redoctober</field>
+        <field name="system_user">root</field>
+        <field name="tag_ids"
+               eval="[(6, 0, [ref('tag_cert_authority')])]"
+               />
+    </record>
+    
+</odoo>
diff --git a/clouder_template_red_october/data/certificate_policy_use.xml b/clouder_template_red_october/data/certificate_policy_use.xml
new file mode 100644
index 0000000..46a1a13
--- /dev/null
+++ b/clouder_template_red_october/data/certificate_policy_use.xml
@@ -0,0 +1,162 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright 2016 LasLabs Inc.
+     Created from options listed at https://github.com/cloudflare/redoctober/blob/86ecfbe5750ebf05565e4c80104d0a7919792fee/doc/cmd/redoctober.txt#L89
+     License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html). -->
+
+<odoo>
+
+    <record id="certificate_policy_use_cert_sign"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Certificate Signing</field>
+        <field name="code">cert sign</field>
+    </record>
+    
+    <record id="certificate_policy_use_signing"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Signing</field>
+        <field name="code">signing</field>
+    </record>
+    
+    <record id="certificate_policy_use_smime"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">S/MIME</field>
+        <field name="code">s/mime</field>
+    </record>
+    
+    <record id="certificate_policy_use_server_auth"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Server Authentication</field>
+        <field name="code">server auth</field>
+    </record>
+    
+    <record id="certificate_policy_use_client_auth"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Client Authentication</field>
+        <field name="code">client auth</field>
+    </record>
+    
+    <record id="certificate_policy_use_digital_signature"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Digital Signatures</field>
+        <field name="code">digital signature</field>
+    </record>
+    
+    <record id="certificate_policy_use_email_protection"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Email Protection</field>
+        <field name="code">email protection</field>
+    </record>
+    
+    <record id="certificate_policy_use_key_encipherment"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Key Encipherment</field>
+        <field name="code">key encipherment</field>
+    </record>
+    
+    <record id="certificate_policy_use_content_commitment"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Content Commitment</field>
+        <field name="code">content commitment</field>
+    </record>
+    
+    <record id="certificate_policy_use_key_agreement"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Key Agreement</field>
+        <field name="code">key agreement</field>
+    </record>
+    
+    <record id="certificate_policy_use_crl_sign"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">CRL Signing</field>
+        <field name="code">crl sign</field>
+    </record>
+    
+    <record id="certificate_policy_use_encipher_only"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Encipher Only</field>
+        <field name="code">encipher only</field>
+    </record>
+    
+    <record id="certificate_policy_use_decipher_only"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Decipher Only</field>
+        <field name="code">decipher only</field>
+    </record>
+    
+    <record id="certificate_policy_use_any"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Any</field>
+        <field name="code">any</field>
+    </record>
+    
+    <record id="certificate_policy_use_code_signing"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Code Signing</field>
+        <field name="code">code signing</field>
+    </record>
+    
+    <record id="certificate_policy_use_ipsec_end_system"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">IPSEC End System</field>
+        <field name="code">ipsec end system</field>
+    </record>
+    
+    <record id="certificate_policy_use_ipsec_tunnel"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">IPSEC Tunnel</field>
+        <field name="code">ipsec tunnel</field>
+    </record>
+    
+    <record id="certificate_policy_use_ipsec_user"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">IPSEC User</field>
+        <field name="code">ipsec user</field>
+    </record>
+    
+    <record id="certificate_policy_use_timestamping"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Timestamping</field>
+        <field name="code">timestamping</field>
+    </record>
+    
+    <record id="certificate_policy_use_ocscp_signing"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">OCSP Signing</field>
+        <field name="code">ocsp signing</field>
+    </record>
+    
+    <record id="certificate_policy_use_microsoft_sgc"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Microsoft SGC</field>
+        <field name="code">microsoft sgc</field>
+    </record>
+    
+    <record id="certificate_policy_use_netscape_sgc"
+            model="clouder.certificate.policy.use"
+            >
+        <field name="name">Netscape SGC</field>
+        <field name="code">netscape sgc</field>
+    </record>
+    
+</odoo>
diff --git a/clouder_template_red_october/data/image.xml b/clouder_template_red_october/data/image.xml
new file mode 100644
index 0000000..622b767
--- /dev/null
+++ b/clouder_template_red_october/data/image.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright 2016 LasLabs Inc.
+     License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html). -->
+
+<odoo>
+
+    <record id="image_redoctober_data" model="clouder.image">
+        <field name="name">image_redoctober_data</field>
+        <field name="template_ids"
+               eval="[(4, [ref('image_template_redoctober_data')])]"
+               />
+        <field name="parent_from">lasley/redoctober-data</field>
+    </record>
+    
+    <record id="image_redoctober_exec" model="clouder.image">
+        <field name="name">image_redoctober_exec</field>
+        <field name="template_ids"
+               eval="[(4, [ref('image_template_redoctober_exec')])]"
+               />
+        <field name="parent_from">lasley/redoctober-exec</field>
+        <field name="volumes_from">data</field>
+    </record>
+
+</odoo>
diff --git a/clouder_template_red_october/data/image_port.xml b/clouder_template_red_october/data/image_port.xml
new file mode 100644
index 0000000..1562dc6
--- /dev/null
+++ b/clouder_template_red_october/data/image_port.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright 2016 LasLabs Inc.
+     License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html). -->
+
+<odoo>
+    
+    <record id="image_port_redoctober_http"
+            model="clouder.image.port"
+            >
+        <field name="template_id" ref="image_template_redoctober_exec" />
+        <field name="name">redoctober-http</field>
+        <field name="local_port">8888</field>
+    </record>
+
+</odoo>
diff --git a/clouder_template_red_october/data/image_template.xml b/clouder_template_red_october/data/image_template.xml
new file mode 100644
index 0000000..6e55bd3
--- /dev/null
+++ b/clouder_template_red_october/data/image_template.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright 2016 LasLabs Inc.
+     License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html). -->
+
+<odoo>
+    
+    <record id="image_template_redoctober_data"
+            model="clouder.image.template"
+            >
+        <field name="name">image_template_redoctober_data</field>
+    </record>
+    
+    <record id="image_template_redoctober_exec"
+            model="clouder.image.template"
+            >
+        <field name="name">image_template_redoctober_exec</field>
+    </record>
+    
+</odoo>
diff --git a/clouder_template_red_october/data/image_volume.xml b/clouder_template_red_october/data/image_volume.xml
new file mode 100644
index 0000000..67c4d10
--- /dev/null
+++ b/clouder_template_red_october/data/image_volume.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright 2016 LasLabs Inc.
+     License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html). -->
+
+<odoo>
+
+    <record id="image_volume_redoctober_cert_store"
+            model="clouder.image.volume"
+            >
+        <field name="template_id" ref="image_template_redoctober_data" />
+        <field name="name">cert_store</field>
+        <field name="localpath">/var/pki</field>
+        <field name="user">root</field>
+    </record>
+
+</odoo>
diff --git a/clouder_template_red_october/images/data/Dockerfile b/clouder_template_red_october/images/data/Dockerfile
new file mode 100644
index 0000000..d9d246c
--- /dev/null
+++ b/clouder_template_red_october/images/data/Dockerfile
@@ -0,0 +1,4 @@
+FROM clouder/base:3.4
+MAINTAINER Dave Lasley <dave@laslabs.com>
+
+CMD tail -f /dev/null
diff --git a/clouder_template_red_october/images/data/pki/ca/csr_ca.json b/clouder_template_red_october/images/data/pki/ca/csr_ca.json
new file mode 100644
index 0000000..d9d246c
--- /dev/null
+++ b/clouder_template_red_october/images/data/pki/ca/csr_ca.json
@@ -0,0 +1,4 @@
+FROM clouder/base:3.4
+MAINTAINER Dave Lasley <dave@laslabs.com>
+
+CMD tail -f /dev/null
diff --git a/clouder_template_red_october/images/exec/Dockerfile b/clouder_template_red_october/images/exec/Dockerfile
new file mode 100644
index 0000000..eb4f5c2
--- /dev/null
+++ b/clouder_template_red_october/images/exec/Dockerfile
@@ -0,0 +1,37 @@
+FROM clouder/base:3.4
+MAINTAINER Dave Lasley <dave@laslabs.com>
+
+
+RUN groupadd -r redoctober --gid=999 && useradd -r -g redoctober --uid=999 redoctober
+
+# Install Build Dependencies
+
+ENV buildDeps "build-base \
+               gcc \
+               git \
+               go \
+               libtool \
+               openssl \
+               runit"
+
+RUN apk add --no-cache $buildDeps
+
+# Install Red October
+
+RUN git clone --depth=1 https://github.com/cloudflare/redoctober.git /go/src/github.com/cloudflare/redoctober
+
+RUN go install github.com/cloudflare/redoctober
+
+EXPOSE 8080 8081
+ENV RO_CERTS=/var/lib/redoctober/data/server.crt \
+    RO_KEYS=/var/lib/redoctober/data/server.pem \
+    RO_DATA=/var/lib/redoctober/data \
+    RO_CERTPASSWD=password \
+    RO_COMMONNAME=localhost
+
+ENTRYPOINT ["/go/src/github.com/cloudflare/redoctober/scripts/docker-entrypoint.sh"]
+CMD ["redoctober", \
+    "-addr=:8080", \
+    "-vaultpath=/var/lib/redoctober/data/diskrecord.json", \
+    "-certs=/var/lib/redoctober/data/server.crt", \
+    "-keys=/var/lib/redoctober/data/server.pem"]