Exemple #1
0
func writeCaCerts(cfg *config.Config, caCertPath, caKeyPath string) error {
	if cfg.UserDocker.CACert == "" {
		if err := machineUtil.GenerateCACertificate(caCertPath, caKeyPath, NAME, BITS); err != nil {
			return err
		}

		caCert, err := ioutil.ReadFile(caCertPath)
		if err != nil {
			return err
		}

		caKey, err := ioutil.ReadFile(caKeyPath)
		if err != nil {
			return err
		}

		err = cfg.SetConfig(&config.Config{
			UserDocker: config.DockerConfig{
				CAKey:  string(caKey),
				CACert: string(caCert),
			},
		})
		if err != nil {
			return err
		}

		return nil
	}

	if err := ioutil.WriteFile(caCertPath, []byte(cfg.UserDocker.CACert), 0400); err != nil {
		return err
	}

	return ioutil.WriteFile(caKeyPath, []byte(cfg.UserDocker.CAKey), 0400)
}
func main() {
	if _, err := os.Stat(caCertPath); os.IsNotExist(err) {
		log.Printf("Creating CA: %s", caCertPath)

		// check if the key path exists; if so, error
		if _, err := os.Stat(caKeyPath); err == nil {
			log.Fatalf("The CA key already exists.  Please remove it or specify a different key/cert.")
		}

		if err := utils.GenerateCACertificate(caCertPath, caKeyPath, org, bits); err != nil {
			log.Printf("Error generating CA certificate: %s", err)
		}
	}

	if _, err := os.Stat(clientCertPath); os.IsNotExist(err) {
		log.Printf("Creating client certificate: %s", clientCertPath)

		// check if the key path exists; if so, error
		if _, err := os.Stat(clientKeyPath); err == nil {
			log.Fatalf("The client key already exists.  Please remove it or specify a different key/cert.")
		}

		err = utils.GenerateCert(
			[]string{""},
			clientCertPath,
			clientKeyPath,
			caCertPath,
			caKeyPath,
			org,
			bits,
		)
		if err != nil {
			log.Fatalf("Error generating client certificate: %s", err)
		}
	}

	if len(os.Args) <= 1 {
		return
	}
	for _, ip := range os.Args[1:] {
		serverKeyPath := fmt.Sprintf("%s-key.pem", ip)
		serverCertPath := fmt.Sprintf("%s.pem", ip)

		if _, err := os.Stat(serverCertPath); os.IsNotExist(err) {
			log.Printf("Creating server certificate: %s", serverCertPath)
			err = utils.GenerateCert(
				[]string{ip},
				serverCertPath,
				serverKeyPath,
				caCertPath,
				caKeyPath,
				org,
				bits,
			)
			if err != nil {
				log.Fatalf("error generating server cert: %s", err)
			}
		}
	}
}
Exemple #3
0
func setupCertificates(caCertPath, caKeyPath, clientCertPath, clientKeyPath string) error {
	org := utils.GetUsername()
	bits := 2048

	if _, err := os.Stat(utils.GetMachineCertDir()); err != nil {
		if os.IsNotExist(err) {
			if err := os.MkdirAll(utils.GetMachineCertDir(), 0700); err != nil {
				log.Fatalf("Error creating machine config dir: %s", err)
			}
		} else {
			log.Fatal(err)
		}
	}

	if _, err := os.Stat(caCertPath); os.IsNotExist(err) {
		log.Infof("Creating CA: %s", caCertPath)

		// check if the key path exists; if so, error
		if _, err := os.Stat(caKeyPath); err == nil {
			log.Fatalf("The CA key already exists.  Please remove it or specify a different key/cert.")
		}

		if err := utils.GenerateCACertificate(caCertPath, caKeyPath, org, bits); err != nil {
			log.Infof("Error generating CA certificate: %s", err)
		}
	}

	if _, err := os.Stat(clientCertPath); os.IsNotExist(err) {
		log.Infof("Creating client certificate: %s", clientCertPath)

		if _, err := os.Stat(utils.GetMachineCertDir()); err != nil {
			if os.IsNotExist(err) {
				if err := os.Mkdir(utils.GetMachineCertDir(), 0700); err != nil {
					log.Fatalf("Error creating machine client cert dir: %s", err)
				}
			} else {
				log.Fatal(err)
			}
		}

		// check if the key path exists; if so, error
		if _, err := os.Stat(clientKeyPath); err == nil {
			log.Fatalf("The client key already exists.  Please remove it or specify a different key/cert.")
		}

		if err := utils.GenerateCert([]string{""}, clientCertPath, clientKeyPath, caCertPath, caKeyPath, org, bits); err != nil {
			log.Fatalf("Error generating client certificate: %s", err)
		}
	}

	return nil
}
Exemple #4
0
func writeCaCerts(cfg *config.CloudConfig, caCertPath, caKeyPath string) (*config.CloudConfig, error) {
	if cfg.Rancher.Docker.CACert == "" {
		if err := machineUtil.GenerateCACertificate(caCertPath, caKeyPath, NAME, BITS); err != nil {
			return nil, err
		}

		caCert, err := ioutil.ReadFile(caCertPath)
		if err != nil {
			return nil, err
		}

		caKey, err := ioutil.ReadFile(caKeyPath)
		if err != nil {
			return nil, err
		}

		cfg, err = cfg.Merge(map[interface{}]interface{}{
			"rancher": map[interface{}]interface{}{
				"docker": map[interface{}]interface{}{
					"ca_key":  string(caKey),
					"ca_cert": string(caCert),
				},
			},
		})
		if err != nil {
			return nil, err
		}

		if err = cfg.Save(); err != nil {
			return nil, err
		}

		return cfg, nil // caCertPath, caKeyPath are already written to by machineUtil.GenerateCACertificate()
	}

	if err := ioutil.WriteFile(caCertPath, []byte(cfg.Rancher.Docker.CACert), 0400); err != nil {
		return nil, err
	}

	if err := ioutil.WriteFile(caKeyPath, []byte(cfg.Rancher.Docker.CAKey), 0400); err != nil {
		return nil, err
	}

	return cfg, nil
}