From 4dd890d4a2e84b4bdb1335d3454a4e139563d228 Mon Sep 17 00:00:00 2001 From: Konstantin Lebedev <9497591+kmlebedev@users.noreply.github.com> Date: Wed, 14 Jun 2023 11:58:49 +0500 Subject: [PATCH] optional https port for s3 (#4482) Co-authored-by: Konstantin Lebedev <9497591+kmlebedev@users.noreply.github.co> --- weed/command/filer.go | 1 + weed/command/s3.go | 35 ++++++++++++++++++++++++++++------- 2 files changed, 29 insertions(+), 7 deletions(-) diff --git a/weed/command/filer.go b/weed/command/filer.go index 5bdf53455..b5a44eedf 100644 --- a/weed/command/filer.go +++ b/weed/command/filer.go @@ -95,6 +95,7 @@ func init() { // start s3 on filer filerStartS3 = cmdFiler.Flag.Bool("s3", false, "whether to start S3 gateway") filerS3Options.port = cmdFiler.Flag.Int("s3.port", 8333, "s3 server http listen port") + filerS3Options.portHttps = cmdFiler.Flag.Int("s3.port.https", 0, "s3 server https listen port") filerS3Options.portGrpc = cmdFiler.Flag.Int("s3.port.grpc", 0, "s3 server grpc listen port") filerS3Options.domainName = cmdFiler.Flag.String("s3.domainName", "", "suffix of the host name in comma separated list, {bucket}.{domainName}") filerS3Options.dataCenter = cmdFiler.Flag.String("s3.dataCenter", "", "prefer to read and write to volumes in this data center") diff --git a/weed/command/s3.go b/weed/command/s3.go index 7a599cc86..69f4ec270 100644 --- a/weed/command/s3.go +++ b/weed/command/s3.go @@ -32,6 +32,7 @@ type S3Options struct { filer *string bindIp *string port *int + portHttps *int portGrpc *int config *string domainName *string @@ -51,6 +52,7 @@ func init() { s3StandaloneOptions.filer = cmdS3.Flag.String("filer", "localhost:8888", "filer server address") s3StandaloneOptions.bindIp = cmdS3.Flag.String("ip.bind", "", "ip address to bind to. Default to localhost.") s3StandaloneOptions.port = cmdS3.Flag.Int("port", 8333, "s3 server http listen port") + s3StandaloneOptions.portHttps = cmdS3.Flag.Int("port.https", 0, "s3 server https listen port") s3StandaloneOptions.portGrpc = cmdS3.Flag.Int("port.grpc", 0, "s3 server grpc listen port") s3StandaloneOptions.domainName = cmdS3.Flag.String("domainName", "", "suffix of the host name in comma separated list, {bucket}.{domainName}") s3StandaloneOptions.dataCenter = cmdS3.Flag.String("dataCenter", "", "prefer to read and write to volumes in this data center") @@ -264,18 +266,37 @@ func (s3opt *S3Options) startS3Server() bool { glog.Fatalf("pemfile.NewProvider(%v) failed: %v", pemfileOptions, err) } httpS.TLSConfig = &tls.Config{GetCertificate: s3opt.GetCertificateWithUpdate} - glog.V(0).Infof("Start Seaweed S3 API Server %s at https port %d", util.Version(), *s3opt.port) - if s3ApiLocalListener != nil { + if *s3opt.portHttps == 0 { + glog.V(0).Infof("Start Seaweed S3 API Server %s at https port %d", util.Version(), *s3opt.port) + if s3ApiLocalListener != nil { + go func() { + if err = httpS.ServeTLS(s3ApiLocalListener, "", ""); err != nil { + glog.Fatalf("S3 API Server Fail to serve: %v", err) + } + }() + } + if err = httpS.ServeTLS(s3ApiListener, "", ""); err != nil { + glog.Fatalf("S3 API Server Fail to serve: %v", err) + } + } else { + glog.V(0).Infof("Start Seaweed S3 API Server %s at https port %d", util.Version(), *s3opt.portHttps) + s3ApiListenerHttps, s3ApiLocalListenerHttps, _ := util.NewIpAndLocalListeners( + *s3opt.bindIp, *s3opt.portHttps, time.Duration(10)*time.Second) + if s3ApiLocalListenerHttps != nil { + go func() { + if err = httpS.ServeTLS(s3ApiLocalListenerHttps, "", ""); err != nil { + glog.Fatalf("S3 API Server Fail to serve: %v", err) + } + }() + } go func() { - if err = httpS.ServeTLS(s3ApiLocalListener, "", ""); err != nil { + if err = httpS.ServeTLS(s3ApiListenerHttps, "", ""); err != nil { glog.Fatalf("S3 API Server Fail to serve: %v", err) } }() } - if err = httpS.ServeTLS(s3ApiListener, "", ""); err != nil { - glog.Fatalf("S3 API Server Fail to serve: %v", err) - } - } else { + } + if *s3opt.tlsPrivateKey == "" || *s3opt.portHttps > 0 { glog.V(0).Infof("Start Seaweed S3 API Server %s at http port %d", util.Version(), *s3opt.port) if s3ApiLocalListener != nil { go func() {