aboutsummaryrefslogtreecommitdiff
path: root/src/config/runtime.rs
diff options
context:
space:
mode:
Diffstat (limited to 'src/config/runtime.rs')
-rw-r--r--src/config/runtime.rs21
1 files changed, 13 insertions, 8 deletions
diff --git a/src/config/runtime.rs b/src/config/runtime.rs
index cc80b0d..2e7b573 100644
--- a/src/config/runtime.rs
+++ b/src/config/runtime.rs
@@ -20,7 +20,7 @@ pub struct RuntimeConfigAcme {
pub struct RuntimeConfigConsul {
pub node_name: String,
pub url: String,
- pub tls: Option<(reqwest::Certificate, reqwest::Identity)>,
+ pub tls: Option<(Option<reqwest::Certificate>, bool, reqwest::Identity)>,
}
#[derive(Debug)]
@@ -80,11 +80,16 @@ impl RuntimeConfigConsul {
.expect("'DIPLONAT_CONSUL_NODE_NAME' environment variable is required");
let url = opts.url.unwrap_or(super::CONSUL_URL.to_string());
- let tls = match (&opts.ca_cert, &opts.client_cert, &opts.client_key) {
- (Some(ca_cert), Some(client_cert), Some(client_key)) => {
- let mut ca_cert_buf = vec![];
- File::open(ca_cert)?.read_to_end(&mut ca_cert_buf)?;
- let cert = reqwest::Certificate::from_pem(&ca_cert_buf[..])?;
+ let tls = match (&opts.client_cert, &opts.client_key) {
+ (Some(client_cert), Some(client_key)) => {
+ let cert = match &opts.ca_cert {
+ Some(ca_cert) => {
+ let mut ca_cert_buf = vec![];
+ File::open(ca_cert)?.read_to_end(&mut ca_cert_buf)?;
+ Some(reqwest::Certificate::from_pem(&ca_cert_buf[..])?)
+ }
+ None => None,
+ };
let mut client_cert_buf = vec![];
File::open(client_cert)?.read_to_end(&mut client_cert_buf)?;
@@ -95,9 +100,9 @@ impl RuntimeConfigConsul {
let ident =
reqwest::Identity::from_pem(&[&client_cert_buf[..], &client_key_buf[..]].concat()[..])?;
- Some((cert, ident))
+ Some((cert, opts.tls_skip_verify, ident))
}
- (None, None, None) => None,
+ (None, None) => None,
_ => bail!("Incomplete TLS configuration parameters"),
};