Enable TLS for Consul

author: Alex Auvolat <alex@adnab.me> 2021-12-30 20:56:13 +0100
committer: Alex Auvolat <alex@adnab.me> 2021-12-30 20:56:13 +0100
commit: 5ea4cef2946a71467c519db803cd1c31f1ffff20 (patch)
tree: 5eb1f5ddd1f06650511f1b1442d50112427b0fa6 /sslproxy.sh
parent: b00a8358b20ac99912bacafd8fee5466da257e67 (diff)
download: nixcfg-5ea4cef2946a71467c519db803cd1c31f1ffff20.tar.gz
nixcfg-5ea4cef2946a71467c519db803cd1c31f1ffff20.zip
1 files changed, 16 insertions, 1 deletions
diff --git a/sslproxy.sh b/sslproxy.sh
index 4f529fe..aa0006a 100755
--- a/sslproxy.sh
+++ b/sslproxy.sh
@@ -2,4 +2,19 @@
 
 YEAR=$(date +%Y)
 
-socat -dd tcp4-listen:4646,reuseaddr,fork openssl:localhost:14646,cert=secrets/pki/nomad$YEAR-client.crt,key=secrets/pki/nomad$YEAR-client.key,cafile=secrets/pki/nomad$YEAR.crt
+_int() {
+  echo "Caught SIGINT signal!"
+  kill -INT "$child1" 2>/dev/null
+  kill -INT "$child2" 2>/dev/null
+}
+
+trap _int SIGINT
+
+socat -dd tcp4-listen:4646,reuseaddr,fork openssl:localhost:14646,cert=secrets/pki/nomad$YEAR-client.crt,key=secrets/pki/nomad$YEAR-client.key,cafile=secrets/pki/nomad$YEAR.crt &
+child1=$!
+
+socat -dd tcp4-listen:8500,reuseaddr,fork openssl:localhost:8501,cert=secrets/pki/consul$YEAR-client.crt,key=secrets/pki/consul$YEAR-client.key,cafile=secrets/pki/consul$YEAR.crt &
+child2=$!
+
+wait "$child1"
+wait "$child2"
author	Alex Auvolat <alex@adnab.me>	2021-12-30 20:56:13 +0100
committer	Alex Auvolat <alex@adnab.me>	2021-12-30 20:56:13 +0100
commit	5ea4cef2946a71467c519db803cd1c31f1ffff20 (patch)
tree	5eb1f5ddd1f06650511f1b1442d50112427b0fa6 /sslproxy.sh
parent	b00a8358b20ac99912bacafd8fee5466da257e67 (diff)
download	nixcfg-5ea4cef2946a71467c519db803cd1c31f1ffff20.tar.gz nixcfg-5ea4cef2946a71467c519db803cd1c31f1ffff20.zip