fix: make dev_tls with volume https (#4866)

author: Konstantin Lebedev <9497591+kmlebedev@users.noreply.github.com> 2023-09-25 18:47:38 +0500
committer: GitHub <noreply@github.com> 2023-09-25 06:47:38 -0700
commit: a40888d343a9b1f4ad0b96885f50ccf70e8f8496 (patch)
tree: dd346c0012dcca0e21aaa9165a87dbc751d06634
parent: 23f334dd13f1bf801a6f5df14742db8526b29afe (diff)
download: seaweedfs-a40888d343a9b1f4ad0b96885f50ccf70e8f8496.tar.xz
seaweedfs-a40888d343a9b1f4ad0b96885f50ccf70e8f8496.zip
2 files changed, 10 insertions, 6 deletions
diff --git a/docker/Makefile b/docker/Makefile
index b473245e8..89a896f77 100644
--- a/docker/Makefile
+++ b/docker/Makefile
@@ -102,12 +102,12 @@ clean:
 	rm ./weed
 
 certstrap:
-	go get github.com/square/certstrap
-	certstrap --depot-path compose/tls init --passphrase "" --common-name "SeaweedFS CA" || true
-	certstrap --depot-path compose/tls request-cert --passphrase "" --common-name volume01.dev || true
-	certstrap --depot-path compose/tls request-cert --passphrase "" --common-name master01.dev || true
-	certstrap --depot-path compose/tls request-cert --passphrase "" --common-name filer01.dev || true
-	certstrap --depot-path compose/tls request-cert --passphrase "" --common-name client01.dev || true
+	go install -v github.com/square/certstrap@latest
+	certstrap --depot-path compose/tls init --curve P-256 --passphrase "" --common-name "SeaweedFS CA" || true
+	certstrap --depot-path compose/tls request-cert --ou "SeaweedFS" --curve P-256 --passphrase "" --domain localhost --common-name volume01.dev || true
+	certstrap --depot-path compose/tls request-cert --ou "SeaweedFS" --curve P-256 --passphrase "" --common-name master01.dev || true
+	certstrap --depot-path compose/tls request-cert --ou "SeaweedFS" --curve P-256 --passphrase "" --common-name filer01.dev || true
+	certstrap --depot-path compose/tls request-cert --ou "SeaweedFS" --curve P-256 --passphrase "" --common-name client01.dev || true
 	certstrap --depot-path compose/tls sign --CA "SeaweedFS CA" volume01.dev || true
 	certstrap --depot-path compose/tls sign --CA "SeaweedFS CA" master01.dev || true
 	certstrap --depot-path compose/tls sign --CA "SeaweedFS CA" filer01.dev || true
diff --git a/docker/compose/tls.env b/docker/compose/tls.env
index 3a52fce52..d80a3abbd 100644
--- a/docker/compose/tls.env
+++ b/docker/compose/tls.env
@@ -12,5 +12,9 @@ WEED_GRPC_MASTER_ALLOWED_COMMONNAMES="volume01.dev,master01.dev,filer01.dev,clie
 WEED_GRPC_VOLUME_ALLOWED_COMMONNAMES="volume01.dev,master01.dev,filer01.dev,client01.dev"
 WEED_GRPC_FILER_ALLOWED_COMMONNAMES="volume01.dev,master01.dev,filer01.dev,client01.dev"
 WEED_GRPC_CLIENT_ALLOWED_COMMONNAMES="volume01.dev,master01.dev,filer01.dev,client01.dev"
+WEED_HTTPS_CLIENT_ENABLE=true
+WEED_HTTPS_VOLUME_CERT=/etc/seaweedfs/tls/volume01.dev.crt
+WEED_HTTPS_VOLUME_KEY=/etc/seaweedfs/tls/volume01.dev.key
+WEED_HTTPS_VOLUME_CA=/etc/seaweedfs/tls/SeaweedFS_CA.crt
 #GRPC_GO_LOG_SEVERITY_LEVEL=info
 #GRPC_GO_LOG_VERBOSITY_LEVEL=2
 \ No newline at end of file
author	Konstantin Lebedev <9497591+kmlebedev@users.noreply.github.com>	2023-09-25 18:47:38 +0500
committer	GitHub <noreply@github.com>	2023-09-25 06:47:38 -0700
commit	a40888d343a9b1f4ad0b96885f50ccf70e8f8496 (patch)
tree	dd346c0012dcca0e21aaa9165a87dbc751d06634
parent	23f334dd13f1bf801a6f5df14742db8526b29afe (diff)
download	seaweedfs-a40888d343a9b1f4ad0b96885f50ccf70e8f8496.tar.xz seaweedfs-a40888d343a9b1f4ad0b96885f50ccf70e8f8496.zip