// writeCerts puts a certificate/key pair at certPath and keyPath.
//
// When generateServer is false it only asks machineUtil.GenerateCert for a
// pair with a single empty host entry, signed with the CA material at
// caCertPath/caKeyPath, and returns that result; cfg is not touched.
//
// When generateServer is true there are two cases:
//   - cfg already carries both ServerCert and ServerKey: they are written to
//     certPath and keyPath with mode 0400.
//   - either one is missing: a pair is generated for hostname, read back from
//     disk, and handed to cfg.SetConfig together with the CA values currently
//     held in cfg.
//
// The first error encountered is returned unchanged.
func writeCerts(generateServer bool, hostname []string, cfg *config.CloudConfig, certPath, keyPath, caCertPath, caKeyPath string) error {
	if !generateServer {
		// NOTE(review): presumably the client-side pair, hence no host names - confirm with the caller.
		return machineUtil.GenerateCert([]string{""}, certPath, keyPath, caCertPath, caKeyPath, NAME, BITS)
	}

	// Pointer to the field, so every read below sees cfg's current values.
	dockerCfg := &cfg.Rancher.UserDocker

	if dockerCfg.ServerKey != "" && dockerCfg.ServerCert != "" {
		// Material supplied through config: materialise it on disk as-is.
		// ioutil.WriteFile applies the 0400 mode only when it creates the
		// file; a pre-existing file keeps whatever mode it already had, so
		// the private key is only owner-read-only if the path was absent or
		// already restricted.
		if err := ioutil.WriteFile(certPath, []byte(dockerCfg.ServerCert), 0400); err != nil {
			return err
		}
		return ioutil.WriteFile(keyPath, []byte(dockerCfg.ServerKey), 0400)
	}

	// Nothing usable in config: create a fresh pair for the given host names.
	if err := machineUtil.GenerateCert(hostname, certPath, keyPath, caCertPath, caKeyPath, NAME, BITS); err != nil {
		return err
	}

	certBytes, err := ioutil.ReadFile(certPath)
	if err != nil {
		return err
	}
	keyBytes, err := ioutil.ReadFile(keyPath)
	if err != nil {
		return err
	}

	// The server private key is passed to SetConfig in plain form.
	// NOTE(review): SetConfig is not visible here; presumably it persists the
	// values - confirm where they are stored and who can read that location.
	generated := config.DockerConfig{
		CAKey:      dockerCfg.CAKey,
		CACert:     dockerCfg.CACert,
		ServerCert: string(certBytes),
		ServerKey:  string(keyBytes),
	}
	return cfg.SetConfig(&config.CloudConfig{
		Rancher: config.RancherConfig{
			UserDocker: generated,
		},
	})
}
// writeCaCerts puts the CA certificate and CA key at caCertPath and caKeyPath.
//
// If cfg holds a CACert, the CACert and CAKey values from cfg are written to
// the two paths with mode 0400. Otherwise a new CA is created through
// machineUtil.GenerateCACertificate, read back from disk, and handed to
// cfg.SetConfig.
//
// The first error encountered is returned unchanged.
func writeCaCerts(cfg *config.CloudConfig, caCertPath, caKeyPath string) error {
	// Pointer to the field, so every read below sees cfg's current values.
	dockerCfg := &cfg.Rancher.UserDocker

	if dockerCfg.CACert != "" {
		// NOTE(review): only CACert is tested. With CACert set and CAKey
		// empty this writes an empty file at caKeyPath - confirm that is
		// intended before relying on the key file for signing.
		//
		// ioutil.WriteFile applies the 0400 mode only when it creates the
		// file; a pre-existing file keeps whatever mode it already had.
		if err := ioutil.WriteFile(caCertPath, []byte(dockerCfg.CACert), 0400); err != nil {
			return err
		}
		return ioutil.WriteFile(caKeyPath, []byte(dockerCfg.CAKey), 0400)
	}

	// No CA in config: create one on disk, then load it back.
	if err := machineUtil.GenerateCACertificate(caCertPath, caKeyPath, NAME, BITS); err != nil {
		return err
	}

	caCertBytes, err := ioutil.ReadFile(caCertPath)
	if err != nil {
		return err
	}
	caKeyBytes, err := ioutil.ReadFile(caKeyPath)
	if err != nil {
		return err
	}

	// The CA private key is passed to SetConfig in plain form.
	// NOTE(review): SetConfig is not visible here; presumably it persists the
	// values - confirm where they are stored and who can read that location.
	generated := config.DockerConfig{
		CAKey:  string(caKeyBytes),
		CACert: string(caCertBytes),
	}
	return cfg.SetConfig(&config.CloudConfig{
		Rancher: config.RancherConfig{
			UserDocker: generated,
		},
	})
}