fix services after identity merge (#224)
unfortunately, we can't enable server-side tls yet because client-side tls hasn't been implemented
This commit is contained in:
parent
1f8db2a4c7
commit
df726b3ee8
@ -64,6 +64,7 @@ func cmdSetup(cmd *cobra.Command, args []string) (err error) {
|
|||||||
setupCfg.HCCA.KeyPath = filepath.Join(hcPath, "ca.key")
|
setupCfg.HCCA.KeyPath = filepath.Join(hcPath, "ca.key")
|
||||||
setupCfg.HCIdentity.CertPath = filepath.Join(hcPath, "identity.cert")
|
setupCfg.HCIdentity.CertPath = filepath.Join(hcPath, "identity.cert")
|
||||||
setupCfg.HCIdentity.KeyPath = filepath.Join(hcPath, "identity.key")
|
setupCfg.HCIdentity.KeyPath = filepath.Join(hcPath, "identity.key")
|
||||||
|
fmt.Printf("creating identity for satellite\n")
|
||||||
err = provider.SetupIdentity(process.Ctx(cmd), setupCfg.HCCA, setupCfg.HCIdentity)
|
err = provider.SetupIdentity(process.Ctx(cmd), setupCfg.HCCA, setupCfg.HCIdentity)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
@ -81,6 +82,7 @@ func cmdSetup(cmd *cobra.Command, args []string) (err error) {
|
|||||||
farmerIdentity := setupCfg.FarmerIdentity
|
farmerIdentity := setupCfg.FarmerIdentity
|
||||||
farmerIdentity.CertPath = filepath.Join(farmerPath, "identity.cert")
|
farmerIdentity.CertPath = filepath.Join(farmerPath, "identity.cert")
|
||||||
farmerIdentity.KeyPath = filepath.Join(farmerPath, "identity.key")
|
farmerIdentity.KeyPath = filepath.Join(farmerPath, "identity.key")
|
||||||
|
fmt.Printf("creating identity for storage node %d\n", i+1)
|
||||||
err := provider.SetupIdentity(process.Ctx(cmd), farmerCA, farmerIdentity)
|
err := provider.SetupIdentity(process.Ctx(cmd), farmerCA, farmerIdentity)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
@ -96,6 +98,7 @@ func cmdSetup(cmd *cobra.Command, args []string) (err error) {
|
|||||||
setupCfg.GWCA.KeyPath = filepath.Join(gwPath, "ca.key")
|
setupCfg.GWCA.KeyPath = filepath.Join(gwPath, "ca.key")
|
||||||
setupCfg.GWIdentity.CertPath = filepath.Join(gwPath, "identity.cert")
|
setupCfg.GWIdentity.CertPath = filepath.Join(gwPath, "identity.cert")
|
||||||
setupCfg.GWIdentity.KeyPath = filepath.Join(gwPath, "identity.key")
|
setupCfg.GWIdentity.KeyPath = filepath.Join(gwPath, "identity.key")
|
||||||
|
fmt.Printf("creating identity for gateway\n")
|
||||||
err = provider.SetupIdentity(process.Ctx(cmd), setupCfg.GWCA, setupCfg.GWIdentity)
|
err = provider.SetupIdentity(process.Ctx(cmd), setupCfg.GWCA, setupCfg.GWIdentity)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -37,7 +37,7 @@ type FullCertificateAuthority struct {
|
|||||||
type CASetupConfig struct {
|
type CASetupConfig struct {
|
||||||
CertPath string `help:"path to the certificate chain for this identity" default:"$CONFDIR/ca.cert"`
|
CertPath string `help:"path to the certificate chain for this identity" default:"$CONFDIR/ca.cert"`
|
||||||
KeyPath string `help:"path to the private key for this identity" default:"$CONFDIR/ca.key"`
|
KeyPath string `help:"path to the private key for this identity" default:"$CONFDIR/ca.key"`
|
||||||
Difficulty uint64 `help:"minimum difficulty for identity generation" default:"24"`
|
Difficulty uint64 `help:"minimum difficulty for identity generation" default:"12"`
|
||||||
Timeout string `help:"timeout for CA generation; golang duration string (0 no timeout)" default:"5m"`
|
Timeout string `help:"timeout for CA generation; golang duration string (0 no timeout)" default:"5m"`
|
||||||
Overwrite bool `help:"if true, existing CA certs AND keys will overwritten" default:"false"`
|
Overwrite bool `help:"if true, existing CA certs AND keys will overwritten" default:"false"`
|
||||||
Concurrency uint `help:"number of concurrent workers for certificate authority generation" default:"4"`
|
Concurrency uint `help:"number of concurrent workers for certificate authority generation" default:"4"`
|
||||||
|
@ -38,18 +38,20 @@ type Provider struct {
|
|||||||
func NewProvider(identity *FullIdentity, lis net.Listener,
|
func NewProvider(identity *FullIdentity, lis net.Listener,
|
||||||
responsibilities ...Responsibility) (*Provider, error) {
|
responsibilities ...Responsibility) (*Provider, error) {
|
||||||
// NB: talk to anyone with an identity
|
// NB: talk to anyone with an identity
|
||||||
s, err := identity.ServerOption()
|
ident, err := identity.ServerOption()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
return &Provider{
|
// TODO: use ident
|
||||||
|
_ = ident
|
||||||
|
|
||||||
|
return &Provider{
|
||||||
lis: lis,
|
lis: lis,
|
||||||
g: grpc.NewServer(
|
g: grpc.NewServer(
|
||||||
grpc.StreamInterceptor(streamInterceptor),
|
grpc.StreamInterceptor(streamInterceptor),
|
||||||
grpc.UnaryInterceptor(unaryInterceptor),
|
grpc.UnaryInterceptor(unaryInterceptor),
|
||||||
s,
|
// ident, TODO
|
||||||
),
|
),
|
||||||
next: responsibilities,
|
next: responsibilities,
|
||||||
identity: identity,
|
identity: identity,
|
||||||
|
Loading…
Reference in New Issue
Block a user