[#90] Added tls cert to nodes

Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
Denis Kirillov 2021-07-06 12:52:22 +03:00 committed by Alex Vanin
parent 1aa8d407ff
commit 58bc422f2b
2 changed files with 11 additions and 4 deletions

View file

@ -10,6 +10,8 @@ get.storage:
echo "req_extensions=san"; \
echo "[san]"; \
echo "subjectAltName=DNS:s04.${LOCAL_DOMAIN}") > ${SSL_CONFIG}
ifeq ($(shell ! test -e ${STORAGE_DIR}/s04tls.key && echo -n yes),yes)
@openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \
-subj "/C=RU/ST=SPB/L=St.Petersburg/O=NSPCC/OU=NSPCC/CN=s04.${LOCAL_DOMAIN}" \
-keyout ${STORAGE_DIR}/s04tls.key -out ${STORAGE_DIR}/s04tls.crt -extensions san -config ${SSL_CONFIG}
-subj "/C=RU/ST=SPB/L=St.Petersburg/O=NSPCC/OU=NSPCC/CN=s04.${LOCAL_DOMAIN}" \
-keyout ${STORAGE_DIR}/s04tls.key -out ${STORAGE_DIR}/s04tls.crt -extensions san -config ${SSL_CONFIG}
endif

View file

@ -18,6 +18,7 @@ services:
- storage_s01:/storage
- ./../../vendor/neofs-cli:/neofs-cli
- ./healthcheck.sh:/healthcheck.sh
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
stop_signal: SIGKILL
env_file: [ ".env", ".storage.env" ]
environment:
@ -50,6 +51,7 @@ services:
- storage_s02:/storage
- ./../../vendor/neofs-cli:/neofs-cli
- ./healthcheck.sh:/healthcheck.sh
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
stop_signal: SIGKILL
env_file: [ ".env", ".storage.env" ]
environment:
@ -82,6 +84,7 @@ services:
- storage_s03:/storage
- ./../../vendor/neofs-cli:/neofs-cli
- ./healthcheck.sh:/healthcheck.sh
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
stop_signal: SIGKILL
env_file: [ ".env", ".storage.env" ]
environment:
@ -120,10 +123,12 @@ services:
env_file: [ ".env", ".storage.env" ]
environment:
- NEOFS_NODE_KEY=/04.key
- NEOFS_NODE_ADDRESSES=s04.${LOCAL_DOMAIN}:8080
- NEOFS_GRPC_0_ENDPOINT=s04.${LOCAL_DOMAIN}:8080
- NEOFS_NODE_ADDRESSES=grpcs://s04.${LOCAL_DOMAIN}:8080 s04.${LOCAL_DOMAIN}:8082
- NEOFS_CONTROL_GRPC_ENDPOINT=s04.${LOCAL_DOMAIN}:8081
- NEOFS_GRPC_NUM=2
- NEOFS_GRPC_0_ENDPOINT=s04.${LOCAL_DOMAIN}:8080
- NEOFS_GRPC_0_TLS_ENABLED=true
- NEOFS_GRPC_1_ENDPOINT=s04.${LOCAL_DOMAIN}:8082
- NEOFS_NODE_ATTRIBUTE_0=UN-LOCODE:FI HEL
- NEOFS_NODE_ATTRIBUTE_1=Price:44
healthcheck: