os/cmd/control/tlsconf.go

package control

import (
	"fmt"
	"os"
	"path/filepath"

	"github.com/codegangsta/cli"
	machineUtil "github.com/docker/machine/utils"
)

func tlsConfCommands() []cli.Command {
	return []cli.Command{
		{
			Name:   "create",
			Usage:  "use it to create a new set of tls configuration certs and keys or upload existing ones",
			Action: tlsConfCreate,
			Flags: []cli.Flag{
				cli.StringFlag{
					Name:  "cakey",
					Usage: "path to existing certificate authority key (only use with --generate)",
				},
				cli.StringFlag{
					Name:  "ca",
					Usage: "path to existing certificate authority (only use with --genreate)",
				},
				cli.BoolFlag{
					Name:  "generate, g",
					Usage: "generate the client key and client cert from existing ca and cakey",
				},
				cli.StringFlag{
					Name:  "outDir, o",
					Usage: "the output directory to save the generated certs or keys",
				},
			},
		},
	}
}

func tlsConfCreate(c *cli.Context) {
	name := "rancher"
	bits := 2048

	caCertPath := "ca.pem"
	caKeyPath := "ca-key.pem"
	outDir := "/etc/docker/tls/"
	generateCaCerts := true

	inputCaKey := ""
	inputCaCert := ""

	if val := c.String("outDir"); val != "" {
		outDir = val
	}

	if c.Bool("generate") {
		generateCaCerts = false
	}

	if val := c.String("cakey"); val != "" {
		inputCaKey = val
	}

	if val := c.String("ca"); val != "" {
		inputCaCert = val
	}

	caCertPath = filepath.Join(outDir, caCertPath)
	caKeyPath = filepath.Join(outDir, caKeyPath)

	serverCertPath := "server-cert.pem"
	serverKeyPath := "server-key.pem"

	if generateCaCerts {
		if err := machineUtil.GenerateCACertificate(caCertPath, caKeyPath, name, bits); err != nil {
			fmt.Println(err.Error())
			return
		}
	} else {
		if inputCaKey == "" || inputCaCert == "" {
			fmt.Println("Please specify caKey and CaCert along with -g")
			return
		}

		if _, err := os.Stat(inputCaKey); err != nil {

			fmt.Printf("ERROR: %s does not exist\n", inputCaKey)
			return
		} else {
			caKeyPath = inputCaKey
		}

		if _, err := os.Stat(inputCaCert); err != nil {
			fmt.Printf("ERROR: %s does not exist\n", inputCaCert)
			return
		} else {
			caCertPath = inputCaCert
		}
		serverCertPath = "client-cert.pem"
		serverKeyPath = "client-key.pem"
	}

	serverCertPath = filepath.Join(outDir, serverCertPath)
	serverKeyPath = filepath.Join(outDir, serverKeyPath)

	if err := machineUtil.GenerateCert([]string{""}, serverCertPath, serverKeyPath, caCertPath, caKeyPath, name, bits); err != nil {
		fmt.Println(err.Error())
		return
	}
}
gofmt 2015-02-23 19:00:33 +00:00			`package control`
Refactor tlsconf 2015-02-19 20:48:10 +00:00
			`import (`
			`"fmt"`
			`"os"`
			`"path/filepath"`

move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`"github.com/codegangsta/cli"`
Refactor tlsconf 2015-02-19 20:48:10 +00:00			`machineUtil "github.com/docker/machine/utils"`
			`)`

move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`func tlsConfCommands() []cli.Command {`
gofmt 2015-02-23 19:00:33 +00:00			`return []cli.Command{`
move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`{`
gofmt 2015-02-23 19:00:33 +00:00			`Name: "create",`
			`Usage: "use it to create a new set of tls configuration certs and keys or upload existing ones",`
move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`Action: tlsConfCreate,`
gofmt 2015-02-23 19:00:33 +00:00			`Flags: []cli.Flag{`
			`cli.StringFlag{`
			`Name: "cakey",`
move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`Usage: "path to existing certificate authority key (only use with --generate)",`
			`},`
gofmt 2015-02-23 19:00:33 +00:00			`cli.StringFlag{`
			`Name: "ca",`
move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`Usage: "path to existing certificate authority (only use with --genreate)",`
			`},`
gofmt 2015-02-23 19:00:33 +00:00			`cli.BoolFlag{`
			`Name: "generate, g",`
move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`Usage: "generate the client key and client cert from existing ca and cakey",`
			`},`
gofmt 2015-02-23 19:00:33 +00:00			`cli.StringFlag{`
			`Name: "outDir, o",`
move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`Usage: "the output directory to save the generated certs or keys",`
			`},`
			`},`
			`},`
			`}`
gofmt 2015-02-23 19:00:33 +00:00			`}`
move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00
			`func tlsConfCreate(c *cli.Context) {`
Refactor tlsconf 2015-02-19 20:48:10 +00:00			`name := "rancher"`
			`bits := 2048`

			`caCertPath := "ca.pem"`
			`caKeyPath := "ca-key.pem"`
			`outDir := "/etc/docker/tls/"`
			`generateCaCerts := true`

			`inputCaKey := ""`
			`inputCaCert := ""`

move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`if val := c.String("outDir"); val != "" {`
			`outDir = val`
			`}`
gofmt 2015-02-23 19:00:33 +00:00
move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`if c.Bool("generate") {`
			`generateCaCerts = false`
Refactor tlsconf 2015-02-19 20:48:10 +00:00			`}`
gofmt 2015-02-23 19:00:33 +00:00
move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`if val := c.String("cakey"); val != "" {`
			`inputCaKey = val`
			`}`

			`if val := c.String("ca"); val != "" {`
			`inputCaCert = val`
gofmt 2015-02-23 19:00:33 +00:00			`}`
Refactor tlsconf 2015-02-19 20:48:10 +00:00
			`caCertPath = filepath.Join(outDir, caCertPath)`
			`caKeyPath = filepath.Join(outDir, caKeyPath)`

move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`serverCertPath := "server-cert.pem"`
			`serverKeyPath := "server-key.pem"`

Refactor tlsconf 2015-02-19 20:48:10 +00:00			`if generateCaCerts {`
			`if err := machineUtil.GenerateCACertificate(caCertPath, caKeyPath, name, bits); err != nil {`
			`fmt.Println(err.Error())`
			`return`
			`}`
			`} else {`
			`if inputCaKey == "" \|\| inputCaCert == "" {`
			`fmt.Println("Please specify caKey and CaCert along with -g")`
			`return`
			`}`

			`if _, err := os.Stat(inputCaKey); err != nil {`

			`fmt.Printf("ERROR: %s does not exist\n", inputCaKey)`
			`return`
			`} else {`
			`caKeyPath = inputCaKey`
			`}`

			`if _, err := os.Stat(inputCaCert); err != nil {`
			`fmt.Printf("ERROR: %s does not exist\n", inputCaCert)`
			`return`
			`} else {`
			`caCertPath = inputCaCert`
			`}`
move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`serverCertPath = "client-cert.pem"`
			`serverKeyPath = "client-key.pem"`
Refactor tlsconf 2015-02-19 20:48:10 +00:00			`}`

move tlsconf to rancherctl 2015-02-21 21:31:10 +00:00			`serverCertPath = filepath.Join(outDir, serverCertPath)`
Refactor tlsconf 2015-02-19 20:48:10 +00:00			`serverKeyPath = filepath.Join(outDir, serverKeyPath)`

			`if err := machineUtil.GenerateCert([]string{""}, serverCertPath, serverKeyPath, caCertPath, caKeyPath, name, bits); err != nil {`
			`fmt.Println(err.Error())`
			`return`
			`}`
			`}`