rancher/os
1
0
Fork 1
mirror of https://github.com/rancher/os.git synced 2025-08-01 15:08:47 +00:00
Code Issues Releases Wiki Activity

fix ros tls generate

Browse Source 
`ros tls generate -s` used to leave empty strings in rancher.docker.{ca_cert,ca_key} config keys, so the documented setup workflow would not work.
This commit is contained in:
Ivan Mikushin 2015-12-08 18:07:12 +05:00
parent b6930f9bb6
commit b757709253
1 changed files with 24 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
cmd/control/tlsconf.go
View File

@ -21,12 +21,13 @@ const (
func tlsConfCommands() []cli.Command {
return []cli.Command{
{
Name: "generate",
Usage: "generates new set of TLS configuration certs",
Action: tlsConfCreate,
Name: "generate",
ShortName: "gen",
Usage: "generates new set of TLS configuration certs",
Action: tlsConfCreate,
Flags: []cli.Flag{
cli.StringSliceFlag{
Name: "hostname",
Name: "hostname, H",
Usage: "the hostname for which you want to generate the certificate",
Value: &cli.StringSlice{"localhost"},
},
@ -68,8 +69,6 @@ func writeCerts(generateServer bool, hostname []string, cfg *config.CloudConfig,
cfg, err = cfg.Merge(map[interface{}]interface{}{
"rancher": map[interface{}]interface{}{
"docker": map[interface{}]interface{}{
"ca_key": cfg.Rancher.Docker.CAKey,
"ca_cert": cfg.Rancher.Docker.CACert,
"server_cert": string(cert),
"server_key": string(key),
},
@ -79,7 +78,7 @@ func writeCerts(generateServer bool, hostname []string, cfg *config.CloudConfig,
return err
}
return cfg.Save()
return cfg.Save() // certPath, keyPath are already written to by machineUtil.GenerateCert()
}
if err := ioutil.WriteFile(certPath, []byte(cfg.Rancher.Docker.ServerCert), 0400); err != nil {
@ -90,20 +89,20 @@ func writeCerts(generateServer bool, hostname []string, cfg *config.CloudConfig,
}
func writeCaCerts(cfg *config.CloudConfig, caCertPath, caKeyPath string) error {
func writeCaCerts(cfg *config.CloudConfig, caCertPath, caKeyPath string) (*config.CloudConfig, error) {
if cfg.Rancher.Docker.CACert == "" {
if err := machineUtil.GenerateCACertificate(caCertPath, caKeyPath, NAME, BITS); err != nil {
return err
return nil, err
}
caCert, err := ioutil.ReadFile(caCertPath)
if err != nil {
return err
return nil, err
}
caKey, err := ioutil.ReadFile(caKeyPath)
if err != nil {
return err
return nil, err
}
cfg, err = cfg.Merge(map[interface{}]interface{}{
@ -115,17 +114,25 @@ func writeCaCerts(cfg *config.CloudConfig, caCertPath, caKeyPath string) error {
},
})
if err != nil {
return err
return nil, err
}
return cfg.Save()
if err = cfg.Save(); err != nil {
return nil, err
}
return cfg, nil // caCertPath, caKeyPath are already written to by machineUtil.GenerateCACertificate()
}
if err := ioutil.WriteFile(caCertPath, []byte(cfg.Rancher.Docker.CACert), 0400); err != nil {
return err
return nil, err
}
return ioutil.WriteFile(caKeyPath, []byte(cfg.Rancher.Docker.CAKey), 0400)
if err := ioutil.WriteFile(caKeyPath, []byte(cfg.Rancher.Docker.CAKey), 0400); err != nil {
return nil, err
}
return cfg, nil
}
func tlsConfCreate(c *cli.Context) {
@ -168,7 +175,8 @@ func Generate(generateServer bool, outDir string, hostnames []string) error {
}
}
if err := writeCaCerts(cfg, caCertPath, caKeyPath); err != nil {
cfg, err = writeCaCerts(cfg, caCertPath, caKeyPath)
if err != nil {
return err
}