mirror of https://github.com/docker/docs.git
Merge pull request #460 from sthulb/tls-create-later
move cert creation to create command
commit
25b45ffc7d
64
commands.go
64
commands.go
|
@ -59,6 +59,69 @@ func (h hostListItemByName) Less(i, j int) bool {
|
|||
return strings.ToLower(h[i].Name) < strings.ToLower(h[j].Name)
|
||||
}
|
||||
|
||||
func beforeCreate(c *cli.Context) error {
|
||||
caCertPath := c.GlobalString("tls-ca-cert")
|
||||
caKeyPath := c.GlobalString("tls-ca-key")
|
||||
clientCertPath := c.GlobalString("tls-client-cert")
|
||||
clientKeyPath := c.GlobalString("tls-client-key")
|
||||
|
||||
org := utils.GetUsername()
|
||||
bits := 2048
|
||||
|
||||
if _, err := os.Stat(utils.GetMachineDir()); err != nil {
|
||||
if os.IsNotExist(err) {
|
||||
if err := os.MkdirAll(utils.GetMachineDir(), 0700); err != nil {
|
||||
log.Fatalf("Error creating machine config dir: %s", err)
|
||||
}
|
||||
} else {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
||||
if _, err := os.Stat(caCertPath); os.IsNotExist(err) {
|
||||
log.Infof("Creating CA: %s", caCertPath)
|
||||
|
||||
// check if the key path exists; if so, error
|
||||
if _, err := os.Stat(caKeyPath); err == nil {
|
||||
log.Fatalf("The CA key already exists. Please remove it or specify a different key/cert.")
|
||||
}
|
||||
|
||||
if err := utils.GenerateCACertificate(caCertPath, caKeyPath, org, bits); err != nil {
|
||||
log.Infof("Error generating CA certificate: %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
if _, err := os.Stat(clientCertPath); os.IsNotExist(err) {
|
||||
log.Infof("Creating client certificate: %s", clientCertPath)
|
||||
|
||||
if _, err := os.Stat(utils.GetMachineClientCertDir()); err != nil {
|
||||
if os.IsNotExist(err) {
|
||||
if err := os.Mkdir(utils.GetMachineClientCertDir(), 0700); err != nil {
|
||||
log.Fatalf("Error creating machine client cert dir: %s", err)
|
||||
}
|
||||
} else {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
||||
// check if the key path exists; if so, error
|
||||
if _, err := os.Stat(clientKeyPath); err == nil {
|
||||
log.Fatalf("The client key already exists. Please remove it or specify a different key/cert.")
|
||||
}
|
||||
|
||||
if err := utils.GenerateCert([]string{""}, clientCertPath, clientKeyPath, caCertPath, caKeyPath, org, bits); err != nil {
|
||||
log.Fatalf("Error generating client certificate: %s", err)
|
||||
}
|
||||
|
||||
// copy ca.pem to client cert dir for docker client
|
||||
if err := utils.CopyFile(caCertPath, filepath.Join(utils.GetMachineClientCertDir(), "ca.pem")); err != nil {
|
||||
log.Fatalf("Error copying ca.pem to client cert dir: %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
var Commands = []cli.Command{
|
||||
{
|
||||
Name: "active",
|
||||
|
@ -66,6 +129,7 @@ var Commands = []cli.Command{
|
|||
Action: cmdActive,
|
||||
},
|
||||
{
|
||||
Before: beforeCreate,
|
||||
Flags: append(
|
||||
drivers.GetCreateFlags(),
|
||||
cli.StringFlag{
|
||||
|
|
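Review bot: In `beforeCreate`, a failure of `utils.GenerateCACertificate` is only logged with `log.Infof` and execution continues, while every other failure in the function is fatal. If the client certificate already exists, the hook then returns nil although no usable CA was written; the line should read `log.Fatalf("Error generating CA certificate: %s", err)`, or the error should be returned, since the hook already has an `error` result. The two `os.Stat(...); os.IsNotExist(err)` guards on `caCertPath` and `clientCertPath` also skip generation silently on any other Stat error, such as permission denied, so that case deserves an explicit branch. Whether the key files are created exclusively and with owner-only permissions is decided inside `utils`, which is not visible in this diff, and is worth confirming because the existence check and the write are separate steps.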
64
main.go
64
main.go
|
@ -10,69 +10,6 @@ import (
|
|||
"github.com/docker/machine/utils"
|
||||
)
|
||||
|
||||
func before(c *cli.Context) error {
|
||||
caCertPath := c.GlobalString("tls-ca-cert")
|
||||
caKeyPath := c.GlobalString("tls-ca-key")
|
||||
clientCertPath := c.GlobalString("tls-client-cert")
|
||||
clientKeyPath := c.GlobalString("tls-client-key")
|
||||
|
||||
org := utils.GetUsername()
|
||||
bits := 2048
|
||||
|
||||
if _, err := os.Stat(utils.GetMachineDir()); err != nil {
|
||||
if os.IsNotExist(err) {
|
||||
if err := os.MkdirAll(utils.GetMachineDir(), 0700); err != nil {
|
||||
log.Fatalf("Error creating machine config dir: %s", err)
|
||||
}
|
||||
} else {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
||||
if _, err := os.Stat(caCertPath); os.IsNotExist(err) {
|
||||
log.Infof("Creating CA: %s", caCertPath)
|
||||
|
||||
// check if the key path exists; if so, error
|
||||
if _, err := os.Stat(caKeyPath); err == nil {
|
||||
log.Fatalf("The CA key already exists. Please remove it or specify a different key/cert.")
|
||||
}
|
||||
|
||||
if err := utils.GenerateCACertificate(caCertPath, caKeyPath, org, bits); err != nil {
|
||||
log.Infof("Error generating CA certificate: %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
if _, err := os.Stat(clientCertPath); os.IsNotExist(err) {
|
||||
log.Infof("Creating client certificate: %s", clientCertPath)
|
||||
|
||||
if _, err := os.Stat(utils.GetMachineClientCertDir()); err != nil {
|
||||
if os.IsNotExist(err) {
|
||||
if err := os.Mkdir(utils.GetMachineClientCertDir(), 0700); err != nil {
|
||||
log.Fatalf("Error creating machine client cert dir: %s", err)
|
||||
}
|
||||
} else {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
||||
// check if the key path exists; if so, error
|
||||
if _, err := os.Stat(clientKeyPath); err == nil {
|
||||
log.Fatalf("The client key already exists. Please remove it or specify a different key/cert.")
|
||||
}
|
||||
|
||||
if err := utils.GenerateCert([]string{""}, clientCertPath, clientKeyPath, caCertPath, caKeyPath, org, bits); err != nil {
|
||||
log.Fatalf("Error generating client certificate: %s", err)
|
||||
}
|
||||
|
||||
// copy ca.pem to client cert dir for docker client
|
||||
if err := utils.CopyFile(caCertPath, filepath.Join(utils.GetMachineClientCertDir(), "ca.pem")); err != nil {
|
||||
log.Fatalf("Error copying ca.pem to client cert dir: %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func main() {
|
||||
for _, f := range os.Args {
|
||||
if f == "-D" || f == "--debug" || f == "-debug" {
|
||||
|
@ -86,7 +23,6 @@ func main() {
|
|||
app.Commands = Commands
|
||||
app.CommandNotFound = cmdNotFound
|
||||
app.Usage = "Create and manage machines running Docker."
|
||||
app.Before = before
|
||||
app.Version = VERSION
|
||||
|
||||
app.Flags = []cli.Flag{
|
||||
|
|