Skip to content
This repository has been archived by the owner on Jun 20, 2024. It is now read-only.

Commit

Permalink
Merge pull request #1679 from weaveworks/1539-no-detect-tls-flag
Browse files Browse the repository at this point in the history
[proxy] add --no-detect-tls flag, and proxy always tries to detect TLS.
  • Loading branch information
awh committed Nov 17, 2015
2 parents 9ee3b1b + f458491 commit bcc70b3
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 8 deletions.
10 changes: 5 additions & 5 deletions site/proxy.md
Original file line number Diff line number Diff line change
Expand Up @@ -231,11 +231,11 @@ be able to launch a TLS-enabled proxy with:

host1$ weave launch-proxy

You can also manually configure the proxy's TLS. This is accomplished
by launching the proxy with the same TLS-related command-line flags as
supplied to the docker daemon. For example, if you have generated your
certificates and keys into the docker host's `/tls` directory, we can
launch the proxy with:
To disable auto-detection of TLS configuration, you can either pass
the `--no-detect-tls` flag, or manually configure the proxy's TLS with
the same TLS-related command-line flags as supplied to the docker
daemon. For example, if you have generated your certificates and keys
into the docker host's `/tls` directory, we can launch the proxy with:

host1$ weave launch-proxy --tls-verify --tls-cacert=/tls/ca.pem \
--tls-cert=/tls/server-cert.pem --tls-key=/tls/server-key.pem
Expand Down
10 changes: 7 additions & 3 deletions weave
Original file line number Diff line number Diff line change
Expand Up @@ -1278,6 +1278,9 @@ proxy_parse_args() {
PROXY_HOST="${1#*=}"
PROXY_ARGS="$PROXY_ARGS $1"
;;
-no-detect-tls|--no-detect-tls)
PROXY_TLS_DETECTION_DISABLED=1
;;
-tls|--tls|-tlsverify|--tlsverify)
PROXY_TLS_ENABLED=1
PROXY_ARGS="$PROXY_ARGS $1"
Expand Down Expand Up @@ -1315,12 +1318,13 @@ proxy_args() {
PROXY_VOLUMES=""
PROXY_ARGS=""
PROXY_TLS_ENABLED=""
PROXY_TLS_DETECTION_DISABLED=""
PROXY_HOST=""
proxy_parse_args "$@"

if [ -z "$PROXY_HOST" -a -n "$CLIENT_TLS_ENABLED" -a -z "$PROXY_TLS_ENABLED" ] ; then
if ! proxy_parse_args $(docker_tls_args) ; then
echo "When launching the proxy via TLS, -H and/or TLS options are required." >&2
if [ -z "$PROXY_TLS_ENABLED" ] ; then
if [ -z "$PROXY_TLS_DETECTION_DISABLED" ] && ! proxy_parse_args $(docker_tls_args) ; then
echo "Unable to auto-detect TLS configuration, --no-detect-tls or TLS options are required." >&2
exit 1
fi
fi
Expand Down

0 comments on commit bcc70b3

Please sign in to comment.