dynamiclistener

Author	SHA1	Message	Date
Brad Davidson	53f6b38760	Allow forcing cert reissuance (#28 ) Refreshing the cert should force renewal as opposed to returning early if the SANs aren't changing. This is currently breaking refresh of expired certs as per: https://github.com/rancher/k3s/issues/1621#issuecomment-669464318 Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2020-08-10 17:12:39 -07:00
Darren Shepherd	479ab335d6	Add LoadOrGenClient to handle client cert generation	2020-08-10 17:12:39 -07:00
Darren Shepherd	2bfb7bd0cb	Fix error masking issue Also don't do an extra lookup of TLS secret after update.	2020-08-10 17:12:39 -07:00
Darren Shepherd	bc68bf5499	Fix merging of the k8s secret to reduce the number of writes	2020-02-04 12:48:38 -07:00
Darren Shepherd	a75e84bc81	Add more helpers	2020-01-30 22:41:19 -07:00
Darren Shepherd	f1484a07b3	Add static storage and listener opts	2019-12-04 11:32:00 -07:00
Darren Shepherd	ccf76b35ea	Don't clobber secret key On the start of a new server we do not want to blindly save the cert because that will change the TLS key. Instead only write to k8s on start if there is no secret in k8s. On start of the controller it will sync up if the local file and k8s secret aren't the same	2019-11-15 23:45:10 +00:00
Darren Shepherd	988d8dd3f4	Add info logging when certs change	2019-11-15 23:43:29 +00:00
Darren Shepherd	02b97e01f1	Attempt to minimize additional cert gens	2019-11-13 14:46:32 +00:00
Darren Shepherd	6c7ccae2fc	Save secret to k8s on start	2019-11-10 03:51:22 +00:00
Darren Shepherd	36c5023d47	Wrong address used Fixes three issues 1. Use localaddr, not remoteadd for CN 2. Don't return error from net.Listener.Accept 3. Try three times to save secret	2019-11-09 06:09:10 +00:00
Darren Shepherd	9adf776973	Fix issues in k8s storage	2019-11-08 19:00:53 +00:00
Darren Shepherd	af04867843	Refactor to not include a server by default	2019-10-30 19:14:34 -07:00

13 Commits