Add https cert and key options to docker#2186
Conversation
|
Is it user-friendly to have 2 options, and if you don't supply both, nothing happens? As an idea, if someone specifies 1 of them, does that indicate they are definately trying to activate the feature, and maybe the system should error and prompt them for the other option? |
|
On 10/14/2013 08:51 PM, Brad Murray wrote:
-Colin |
|
+1. This is useful! Pinging the core maintainers so this PR gets the review it deserves :-) /cc @creack @vieux @crosbymichael Before merging, we will also need to:
I believe that the first two points will be necessary to merge; the last three might require a more significant rehaul of the option parsing so maybe it can be left for later. The maintainers will tell! |
|
Please add documentation around this new feature and an example setup would be great. |
server.go
Outdated
There was a problem hiding this comment.
Instead of storing both values on the Server struct why not create and store the tls.Config on the server when it is created?
There was a problem hiding this comment.
That sounds like a better approach.
|
@crosbymichael |
|
Yes, I think both would be great. |
|
@crosbymichael |
|
There should be a Dockerfile in the root of the docs folder that you can build and run to test the doc changes . |
|
@crosbymichael Docs are updated. There didn't seem to be any server flag documentation so I added a basic segment. I'm not sure if its the right thing to do. |
|
@c00w Can you please rebase these changes? |
|
Rebasing isn't going to solve the problem, the structure of running in daemon mode changed completely and this code is going to have to be rewritten. |
|
Ah, I'm sorry Colin, I know how it feels when that happens. |
|
Hey Colin, sorry about that. If you want to drop by irc (#docker-dev on freenode) we can walk you through the changes. It's not as bad as it looks. 90% of your code can probably stay the same, but moved around a little bit. On Mon, Nov 4, 2013 at 6:32 AM, Jérôme Petazzoni [email protected]
|
|
I'm going to rewrite the patch but its probably going to take a bit On 11/04/2013 09:59 AM, Solomon Hykes wrote:
|
|
Hi @c00w just a reminder that we are available to walk you through this on IRC. I have one more request: could you add the same options to the client, so that there is still a way to use it when the daemon uses tls? Thanks. |
|
+1 |
|
this would be awesome 👍 |
|
I've rebased this PR and solved merge conflicts here: https://github.com/discordianfish/docker/tree/1745_HTTPS_Remote_client_api |
|
Closing in favor if #2996 |
support.sh: add host links
8 participants
This adds two new options to the docker daemon which pass in a ssl certificate and private key. When both of these are passed in, it uses https rather than http.
Partially fixes issue #1745