Skip to content
This repository has been archived by the owner on Jun 20, 2024. It is now read-only.

[proxy] add --no-detect-tls flag, and proxy always tries to detect TLS. #1679

Merged
merged 1 commit into from
Nov 17, 2015
Merged

[proxy] add --no-detect-tls flag, and proxy always tries to detect TLS. #1679

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions site/proxy.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -231,11 +231,11 @@ be able to launch a TLS-enabled proxy with:

host1$ weave launch-proxy

You can also manually configure the proxy's TLS. This is accomplished
by launching the proxy with the same TLS-related command-line flags as
supplied to the docker daemon. For example, if you have generated your
certificates and keys into the docker host's `/tls` directory, we can
launch the proxy with:
To disable auto-detection of TLS configuration, you can either pass
the `--no-detect-tls` flag, or manually configure the proxy's TLS with
the same TLS-related command-line flags as supplied to the docker
daemon. For example, if you have generated your certificates and keys
into the docker host's `/tls` directory, we can launch the proxy with:

host1$ weave launch-proxy --tls-verify --tls-cacert=/tls/ca.pem \
--tls-cert=/tls/server-cert.pem --tls-key=/tls/server-key.pem
Expand Down
10 changes: 7 additions & 3 deletions weave
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1278,6 +1278,9 @@ proxy_parse_args() {
PROXY_HOST="${1#*=}"
PROXY_ARGS="$PROXY_ARGS $1"
;;
-no-detect-tls|--no-detect-tls)
PROXY_TLS_DETECTION_DISABLED=1
;;
-tls|--tls|-tlsverify|--tlsverify)
PROXY_TLS_ENABLED=1
PROXY_ARGS="$PROXY_ARGS $1"
Expand Down Expand Up @@ -1315,12 +1318,13 @@ proxy_args() {
PROXY_VOLUMES=""
PROXY_ARGS=""
PROXY_TLS_ENABLED=""
PROXY_TLS_DETECTION_DISABLED=""
PROXY_HOST=""
proxy_parse_args "$@"

if [ -z "$PROXY_HOST" -a -n "$CLIENT_TLS_ENABLED" -a -z "$PROXY_TLS_ENABLED" ] ; then
if ! proxy_parse_args $(docker_tls_args) ; then
echo "When launching the proxy via TLS, -H and/or TLS options are required." >&2
if [ -z "$PROXY_TLS_ENABLED" ] ; then
if [ -z "$PROXY_TLS_DETECTION_DISABLED" ] && ! proxy_parse_args $(docker_tls_args) ; then
echo "Unable to auto-detect TLS configuration, --no-detect-tls or TLS options are required." >&2
exit 1
fi
fi
Expand Down