forked from TrueCloudLab/frostfs-dev-env
[#90] Added tls cert to nodes
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
parent
1aa8d407ff
commit
58bc422f2b
2 changed files with 11 additions and 4 deletions
|
@ -10,6 +10,8 @@ get.storage:
|
||||||
echo "req_extensions=san"; \
|
echo "req_extensions=san"; \
|
||||||
echo "[san]"; \
|
echo "[san]"; \
|
||||||
echo "subjectAltName=DNS:s04.${LOCAL_DOMAIN}") > ${SSL_CONFIG}
|
echo "subjectAltName=DNS:s04.${LOCAL_DOMAIN}") > ${SSL_CONFIG}
|
||||||
|
ifeq ($(shell ! test -e ${STORAGE_DIR}/s04tls.key && echo -n yes),yes)
|
||||||
@openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \
|
@openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \
|
||||||
-subj "/C=RU/ST=SPB/L=St.Petersburg/O=NSPCC/OU=NSPCC/CN=s04.${LOCAL_DOMAIN}" \
|
-subj "/C=RU/ST=SPB/L=St.Petersburg/O=NSPCC/OU=NSPCC/CN=s04.${LOCAL_DOMAIN}" \
|
||||||
-keyout ${STORAGE_DIR}/s04tls.key -out ${STORAGE_DIR}/s04tls.crt -extensions san -config ${SSL_CONFIG}
|
-keyout ${STORAGE_DIR}/s04tls.key -out ${STORAGE_DIR}/s04tls.crt -extensions san -config ${SSL_CONFIG}
|
||||||
|
endif
|
||||||
|
|
|
@ -18,6 +18,7 @@ services:
|
||||||
- storage_s01:/storage
|
- storage_s01:/storage
|
||||||
- ./../../vendor/neofs-cli:/neofs-cli
|
- ./../../vendor/neofs-cli:/neofs-cli
|
||||||
- ./healthcheck.sh:/healthcheck.sh
|
- ./healthcheck.sh:/healthcheck.sh
|
||||||
|
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
|
||||||
stop_signal: SIGKILL
|
stop_signal: SIGKILL
|
||||||
env_file: [ ".env", ".storage.env" ]
|
env_file: [ ".env", ".storage.env" ]
|
||||||
environment:
|
environment:
|
||||||
|
@ -50,6 +51,7 @@ services:
|
||||||
- storage_s02:/storage
|
- storage_s02:/storage
|
||||||
- ./../../vendor/neofs-cli:/neofs-cli
|
- ./../../vendor/neofs-cli:/neofs-cli
|
||||||
- ./healthcheck.sh:/healthcheck.sh
|
- ./healthcheck.sh:/healthcheck.sh
|
||||||
|
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
|
||||||
stop_signal: SIGKILL
|
stop_signal: SIGKILL
|
||||||
env_file: [ ".env", ".storage.env" ]
|
env_file: [ ".env", ".storage.env" ]
|
||||||
environment:
|
environment:
|
||||||
|
@ -82,6 +84,7 @@ services:
|
||||||
- storage_s03:/storage
|
- storage_s03:/storage
|
||||||
- ./../../vendor/neofs-cli:/neofs-cli
|
- ./../../vendor/neofs-cli:/neofs-cli
|
||||||
- ./healthcheck.sh:/healthcheck.sh
|
- ./healthcheck.sh:/healthcheck.sh
|
||||||
|
- ./s04tls.crt:/etc/ssl/certs/s04tls.crt
|
||||||
stop_signal: SIGKILL
|
stop_signal: SIGKILL
|
||||||
env_file: [ ".env", ".storage.env" ]
|
env_file: [ ".env", ".storage.env" ]
|
||||||
environment:
|
environment:
|
||||||
|
@ -120,10 +123,12 @@ services:
|
||||||
env_file: [ ".env", ".storage.env" ]
|
env_file: [ ".env", ".storage.env" ]
|
||||||
environment:
|
environment:
|
||||||
- NEOFS_NODE_KEY=/04.key
|
- NEOFS_NODE_KEY=/04.key
|
||||||
- NEOFS_NODE_ADDRESSES=s04.${LOCAL_DOMAIN}:8080
|
- NEOFS_NODE_ADDRESSES=grpcs://s04.${LOCAL_DOMAIN}:8080 s04.${LOCAL_DOMAIN}:8082
|
||||||
- NEOFS_GRPC_0_ENDPOINT=s04.${LOCAL_DOMAIN}:8080
|
|
||||||
- NEOFS_CONTROL_GRPC_ENDPOINT=s04.${LOCAL_DOMAIN}:8081
|
- NEOFS_CONTROL_GRPC_ENDPOINT=s04.${LOCAL_DOMAIN}:8081
|
||||||
|
- NEOFS_GRPC_NUM=2
|
||||||
|
- NEOFS_GRPC_0_ENDPOINT=s04.${LOCAL_DOMAIN}:8080
|
||||||
- NEOFS_GRPC_0_TLS_ENABLED=true
|
- NEOFS_GRPC_0_TLS_ENABLED=true
|
||||||
|
- NEOFS_GRPC_1_ENDPOINT=s04.${LOCAL_DOMAIN}:8082
|
||||||
- NEOFS_NODE_ATTRIBUTE_0=UN-LOCODE:FI HEL
|
- NEOFS_NODE_ATTRIBUTE_0=UN-LOCODE:FI HEL
|
||||||
- NEOFS_NODE_ATTRIBUTE_1=Price:44
|
- NEOFS_NODE_ATTRIBUTE_1=Price:44
|
||||||
healthcheck:
|
healthcheck:
|
||||||
|
|
Loading…
Reference in a new issue