Closed systemcrash closed 4 years ago
Added os.Mkdir to create the "certs" dir for non-container users.
This should be improved. Mby it's better to introduce a new config option like TLSCertificates which holds a path like certs/. Default should be the current dir ".". With that you can call cert.NewCertificateAuthority(filepath.Join(config.Setting.TLSCertificates, "heplify-server")
If the user wants a different folder than the current binary folder for certs, he can create or mount it himself.
OK. Fixed. Thoughts?
I tested against "."
and "./"
in config.go
and with various directories in the toml. All good.
Looks better. Please use as Config parameter name TLSCertFolder and mby the folder creation should be done by the user and not by heplify-server. Need to think about it.
Folder creation I think are better done by heplify-server
- at least this way, the permissions and readability should be correct when running in a container. ( the whole point of this PR )
Edit: binaries run as nobody might encounter problems (fail to start?) if the path is full and not relative - but this is a signal to the user that something is misconfigured.
The one problem I can think of in containers: if someone sets the param (thinking it's on their local system), but doesn't map the volume.
Thanks! I would suggest to merge it like it is now and then think about auto folder creation. Could you please resolve the conflicts?
Good to go.
Thank you for the contribution!
now possible to expose this path as a volume via docker (so that you can provide your own certificates).