Browse Source

volume server directly support https

pull/862/head
Chris Lu 6 years ago
parent
commit
7bbe24dd28
  1. 13
      weed/command/scaffold.go
  2. 7
      weed/command/volume.go

13
weed/command/scaffold.go

@ -255,8 +255,6 @@ directory = "/" # destination directory
[jwt.signing] [jwt.signing]
key = "" key = ""
# volume server also uses grpc that should be secured.
# all grpc tls authentications are mutual # all grpc tls authentications are mutual
# the values for the following ca, cert, and key are paths to the PERM files. # the values for the following ca, cert, and key are paths to the PERM files.
[grpc] [grpc]
@ -280,5 +278,16 @@ key = ""
cert = "" cert = ""
key = "" key = ""
# volume server https options
# Note: work in progress!
# this does not work with other clients, e.g., "weed filer|mount" etc, yet.
[https.client]
enabled = true
[https.volume]
cert = ""
key = ""
` `
) )

7
weed/command/volume.go

@ -195,8 +195,15 @@ func (v VolumeServerOptions) startVolumeServer(volumeFolders, maxVolumeCounts, v
reflection.Register(grpcS) reflection.Register(grpcS)
go grpcS.Serve(grpcL) go grpcS.Serve(grpcL)
if viper.GetString("https.volume.key") != "" {
if e := http.ServeTLS(listener, volumeMux,
viper.GetString("https.volume.cert"), viper.GetString("https.volume.key")); e != nil {
glog.Fatalf("Volume server fail to serve: %v", e)
}
} else {
if e := http.Serve(listener, volumeMux); e != nil { if e := http.Serve(listener, volumeMux); e != nil {
glog.Fatalf("Volume server fail to serve: %v", e) glog.Fatalf("Volume server fail to serve: %v", e)
} }
}
} }
Loading…
Cancel
Save