From bcc185df400f0b459d78d6bdd3084ef5b6ac5e8a Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Thu, 30 Dec 2021 20:08:10 +0100 Subject: Add support for Consul TLS --- src/main.rs | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'src/main.rs') diff --git a/src/main.rs b/src/main.rs index 353af66..857d24e 100644 --- a/src/main.rs +++ b/src/main.rs @@ -27,6 +27,18 @@ struct Opt { )] pub consul_addr: String, + /// CA certificate for Consul server with TLS + #[structopt(long = "consul-ca-cert", env = "TRICOT_CONSUL_CA_CERT")] + pub consul_ca_cert: Option, + + /// Client certificate for Consul server with TLS + #[structopt(long = "consul-client-cert", env = "TRICOT_CONSUL_CLIENT_CERT")] + pub consul_client_cert: Option, + + /// Client key for Consul server with TLS + #[structopt(long = "consul-client-key", env = "TRICOT_CONSUL_CLIENT_KEY")] + pub consul_client_key: Option, + /// Prefix of Tricot's entries in Consul KV space #[structopt( long = "consul-kv-prefix", @@ -89,7 +101,15 @@ async fn main() { info!("Starting Tricot"); - let consul = consul::Consul::new(&opt.consul_addr, &opt.consul_kv_prefix, &opt.node_name); + let consul_config = consul::ConsulConfig{ + addr: opt.consul_addr.clone(), + ca_cert: opt.consul_ca_cert.clone(), + client_cert: opt.consul_client_cert.clone(), + client_key: opt.consul_client_key.clone(), + }; + + let consul = consul::Consul::new(consul_config, &opt.consul_kv_prefix, &opt.node_name) + .expect("Error creating Consul client"); let mut rx_proxy_config = proxy_config::spawn_proxy_config_task(consul.clone()); let cert_store = cert_store::CertStore::new( -- cgit v1.2.3