Default dirs for TLS cert generation

/etc/docker/tls - for server /home/rancher/.docker - for client
2025-08-30 21:26:09 +00:00 · 2015-12-10 14:24:14 +05:00 · 2015-12-10 14:24:14 +05:00 · 3e44413aa9
commit 3e44413aa9
parent 6b7ddfaff2
1 changed files with 18 additions and 3 deletions
--- a/cmd/control/tlsconf.go
+++ b/cmd/control/tlsconf.go
@ -1,7 +1,6 @@
 package control

 import (
-	"fmt"
 	"io/ioutil"
 	"os"
 	"path/filepath"
@ -157,7 +156,12 @@ func Generate(generateServer bool, outDir string, hostnames []string) error {
 	}

 	if outDir == "" {
-		return fmt.Errorf("out directory (-d, --dir) not specified")
+		if generateServer {
+			outDir = "/etc/docker/tls"
+		} else {
+			outDir = "/home/rancher/.docker"
+		}
+		log.Infof("Out directory (-d, --dir) not specified, using default: %s", outDir)
 	}
 	caCertPath := filepath.Join(outDir, "ca.pem")
 	caKeyPath := filepath.Join(outDir, "ca-key.pem")
@ -179,6 +183,17 @@ func Generate(generateServer bool, outDir string, hostnames []string) error {
 	if err != nil {
 		return err
 	}
+	if err := writeCerts(generateServer, hostnames, cfg, certPath, keyPath, caCertPath, caKeyPath); err != nil {
+		return err
+	}

-	return writeCerts(generateServer, hostnames, cfg, certPath, keyPath, caCertPath, caKeyPath)
+	if !generateServer {
+		if err := filepath.Walk(outDir, func(path string, info os.FileInfo, err error) error {
+			return os.Chown(path, 1100, 1100) // rancher:rancher
+		}); err != nil {
+			return err
+		}
+	}
+
+	return nil
 }