forked from TrueCloudLab/frostfs-aio
[#52] Support TLS for s3-gw
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
This commit is contained in:
parent
fcc4b84805
commit
6e4817101d
8 changed files with 107 additions and 7 deletions
|
|
@ -49,6 +49,8 @@ COPY ./s3-gw/rules.json /config/bearer-rules.json
|
|||
COPY ./s3-gw/regions.json /config/regions.json
|
||||
COPY ./s3-gw/s3-gw-config.yaml /config/s3-gw-config.yaml
|
||||
COPY ./s3-gw/s3-gw-wallet.json /config/s3-gw-wallet.json
|
||||
COPY ./s3-gw/s3-gw-tls.crt /config/s3-gw-tls.crt
|
||||
COPY ./s3-gw/s3-gw-tls.key /config/s3-gw-tls.key
|
||||
COPY ./s3-gw/user-wallet.json /config/user-wallet.json
|
||||
COPY ./sn/cli-cfg.yaml /config/cli-cfg-sn.yaml
|
||||
COPY ./sn/wallet.json /config/wallet-sn.json
|
||||
|
|
|
|||
|
|
@ -49,6 +49,8 @@ COPY ./s3-gw/rules.json /config/bearer-rules.json
|
|||
COPY ./s3-gw/regions.json /config/regions.json
|
||||
COPY ./s3-gw/s3-gw-config.yaml /config/s3-gw-config.yaml
|
||||
COPY ./s3-gw/s3-gw-wallet.json /config/s3-gw-wallet.json
|
||||
COPY ./s3-gw/s3-gw-tls.crt /config/s3-gw-tls.crt
|
||||
COPY ./s3-gw/s3-gw-tls.key /config/s3-gw-tls.key
|
||||
COPY ./s3-gw/user-wallet.json /config/user-wallet.json
|
||||
COPY ./sn/cli-cfg.yaml /config/cli-cfg-sn.yaml
|
||||
COPY ./sn/wallet.json /config/wallet-sn.json
|
||||
|
|
|
|||
|
|
@ -34,6 +34,8 @@ COPY ./s3-gw/rules.json /config/bearer-rules.json
|
|||
COPY ./s3-gw/regions.json /config/regions.json
|
||||
COPY ./s3-gw/s3-gw-config.yaml /config/s3-gw-config.yaml
|
||||
COPY ./s3-gw/s3-gw-wallet.json /config/s3-gw-wallet.json
|
||||
COPY ./s3-gw/s3-gw-tls.crt /config/s3-gw-tls.crt
|
||||
COPY ./s3-gw/s3-gw-tls.key /config/s3-gw-tls.key
|
||||
COPY ./s3-gw/user-wallet.json /config/user-wallet.json
|
||||
COPY ./sn/cli-cfg.yaml /config/cli-cfg-sn.yaml
|
||||
COPY ./sn/wallet.json /config/wallet-sn.json
|
||||
|
|
|
|||
14
README.md
14
README.md
|
|
@ -15,13 +15,13 @@ files for:
|
|||
Entrypoint script starts blockchain, inner ring, storage, s3, and http gateway
|
||||
services and configures it in the initial start.
|
||||
|
||||
| Service | Port |
|
||||
|-----------------------------|-------|
|
||||
| neo-go RPC | 30333 |
|
||||
| FrostFS Storage gRPC API | 8080 |
|
||||
| FrostFS Storage Control API | 16513 |
|
||||
| FrostFS HTTP Gateway | 8081 |
|
||||
| FrostFS S3 Gateway | 8084 |
|
||||
| Service | Port |
|
||||
|-----------------------------|------------------|
|
||||
| neo-go RPC | 30333 |
|
||||
| FrostFS Storage gRPC API | 8080 |
|
||||
| FrostFS Storage Control API | 16513 |
|
||||
| FrostFS HTTP Gateway | 8081 |
|
||||
| FrostFS S3 Gateway | 8084, 8184 (TLS) |
|
||||
|
||||
# Limitations
|
||||
|
||||
|
|
|
|||
|
|
@ -25,6 +25,7 @@ services:
|
|||
- "30333:30333" # RPC
|
||||
- "8080:8080" # FrostFS API RPC
|
||||
- "8084:8084" # S3 Gateway
|
||||
- "8184:8184" # S3 Gateway with TLS
|
||||
- "16513:16513" # Control service
|
||||
|
||||
volumes:
|
||||
|
|
|
|||
|
|
@ -11,6 +11,11 @@ peers:
|
|||
|
||||
server:
|
||||
- address: 0.0.0.0:8084
|
||||
- address: 0.0.0.0:8184
|
||||
tls:
|
||||
enabled: true
|
||||
cert_file: /config/s3-gw-tls.crt
|
||||
key_file: /config/s3-gw-tls.key
|
||||
|
||||
logger:
|
||||
level: debug
|
||||
|
|
|
|||
36
s3-gw/s3-gw-tls.crt
Normal file
36
s3-gw/s3-gw-tls.crt
Normal file
|
|
@ -0,0 +1,36 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIGOzCCBCOgAwIBAgIUYWyZ9RMzV7CIRScF85cb8kmjUK4wDQYJKoZIhvcNAQEL
|
||||
BQAwgawxCzAJBgNVBAYTAlJVMRkwFwYDVQQIDBBTYWludCBQZXRlcnNidXJnMRcw
|
||||
FQYDVQQHDA5TdC4gUGV0ZXJzYnVyZzEXMBUGA1UECgwOVHJ1ZSBDbG91ZCBMYWIx
|
||||
FzAVBgNVBAsMDlRydWUgQ2xvdWQgTGFiMRUwEwYDVQQDDAxmcm9zdGZzLmluZm8x
|
||||
IDAeBgkqhkiG9w0BCQEWEWluZm9AZnJvc3Rmcy5pbmZvMB4XDTI0MTEwODA5MzQ0
|
||||
MFoXDTM0MTEwNjA5MzQ0MFowgawxCzAJBgNVBAYTAlJVMRkwFwYDVQQIDBBTYWlu
|
||||
dCBQZXRlcnNidXJnMRcwFQYDVQQHDA5TdC4gUGV0ZXJzYnVyZzEXMBUGA1UECgwO
|
||||
VHJ1ZSBDbG91ZCBMYWIxFzAVBgNVBAsMDlRydWUgQ2xvdWQgTGFiMRUwEwYDVQQD
|
||||
DAxmcm9zdGZzLmluZm8xIDAeBgkqhkiG9w0BCQEWEWluZm9AZnJvc3Rmcy5pbmZv
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAz6tgNXMCc6MGrI/2r/Il
|
||||
sF4Nr6/RkX1kti+hH/3azbheaTD7rYqrP37F/qFoeRY6jXYzW1Bwhq5jqrUeqnDD
|
||||
NsY6Gpedn2HJjD1A1zq96Sv3SU8gT0WsSArDaCQW9joYfIlKTjOBS1WBJbWfNEqX
|
||||
R2ld6/L/x5DoyNJ5+DkdnT+lj1sCCy4uKIDgrM92v6O5MHCjZk6Tp9t5t64EboXH
|
||||
Wz3gJHCdK76VstSWCJ6Huw6rHcqKTbolZy0CiM9G5m6XeBD7G/28iM9k17KkwZ2T
|
||||
8w6IKRyrfknl/vPjLKWC3Nj5eJTQuucpLBIs/wK+jgABQYIYzejguj5HPqnSUQ6d
|
||||
u7UbOWBgOppzkyKJyXY5qJbgZlsMp/lkcDyoyLwGL6+ucz6f5vW72aDHrX3+p5/7
|
||||
HLbI7phK48OchcMMn9MG0dOZ/vhhvTQ2nNBza905ZZQRQt/AucC1nyCfyTlG5bjb
|
||||
16EdDbDu0o2PFZqHI0rx/Ytw2FFg6J4PCImxxetimOr1TomcdcvdxdJNqPTTrB9J
|
||||
fRoh7w1HIxBwXToJ2eUz3kfvI920Jxad8VxcAWVctO2MfDQ1uSUnvqouEswUGPdx
|
||||
ifpOHcj24b7uDn8g015d/p3yDSEZzxVC6Uw6xZ9dt9CZDtQBDLrno8aAc1xYMmci
|
||||
J9Q94FepyhV4tg8IwnyIljECAwEAAaNTMFEwHQYDVR0OBBYEFHSkza/3e5y8v9T+
|
||||
BjBej6ZgqtoHMB8GA1UdIwQYMBaAFHSkza/3e5y8v9T+BjBej6ZgqtoHMA8GA1Ud
|
||||
EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAIYOmcqr+gwbY0zIREcoovBw
|
||||
z4K5uR1OYY1+HzhzvJHCuFpssCMEjCFQjs5lD726ASFhEYaPaLuDiXtdn2u5QpQd
|
||||
KwO98HDpC5jVb77Z8Bthf0eKrqzjbr+m7WFa22CPgyav8vGlQ+sv1+4HjHclkeW8
|
||||
CEtf4k6YjM3//C03JN93Yvsu4zmGbFLkSUVujwLOx/LzF+PbWv6d6tbP8QNufaBx
|
||||
vk74xc8icHBkyNnYhUddBXimpJEKAbGiF13Hf6M0Lbx/m8QIQ9P4VVR8FYdygYh3
|
||||
n7O7Ivusae3M+fapSYODwtp3OVC6lz07wC0+m+G08h7YBwcC7z+BofFawtilZuRg
|
||||
bbtoy5PhQTSpLzYOUtJOA5ihM3EqXR4k4/oeitNF78ZZI27p8z2g6YJY9Mjk+AfL
|
||||
f6jaBCSqJnnPB8NQtLN6VI2C3Q9/glhUkHLZkHs8DMxZsf+PpqjssU5kZGf0Viha
|
||||
BCeClyHpK/sOWOYTKfprRtfcVEYmW7favXkhdfG3QaWc8bkpvfw7ZEVmfkUJ2iUB
|
||||
xJ279uDAdnPcqA43Nw6BtRhxV5AVNfAOSzpsH9MIjRes5RS2FcAs/qt9p7ciCh3Z
|
||||
QsrnZHUvbgpaWMJimS9bxcXAvWwGhjve/OUmpeXMrjrJfsRtjuK/w4sT9wXZUrbj
|
||||
zp1TkSmKv3w1aF3xTsOv
|
||||
-----END CERTIFICATE-----
|
||||
52
s3-gw/s3-gw-tls.key
Normal file
52
s3-gw/s3-gw-tls.key
Normal file
|
|
@ -0,0 +1,52 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDPq2A1cwJzowas
|
||||
j/av8iWwXg2vr9GRfWS2L6Ef/drNuF5pMPutiqs/fsX+oWh5FjqNdjNbUHCGrmOq
|
||||
tR6qcMM2xjoal52fYcmMPUDXOr3pK/dJTyBPRaxICsNoJBb2Ohh8iUpOM4FLVYEl
|
||||
tZ80SpdHaV3r8v/HkOjI0nn4OR2dP6WPWwILLi4ogOCsz3a/o7kwcKNmTpOn23m3
|
||||
rgRuhcdbPeAkcJ0rvpWy1JYInoe7DqsdyopNuiVnLQKIz0bmbpd4EPsb/byIz2TX
|
||||
sqTBnZPzDogpHKt+SeX+8+MspYLc2Pl4lNC65yksEiz/Ar6OAAFBghjN6OC6Pkc+
|
||||
qdJRDp27tRs5YGA6mnOTIonJdjmoluBmWwyn+WRwPKjIvAYvr65zPp/m9bvZoMet
|
||||
ff6nn/sctsjumErjw5yFwwyf0wbR05n++GG9NDac0HNr3TlllBFC38C5wLWfIJ/J
|
||||
OUbluNvXoR0NsO7SjY8VmocjSvH9i3DYUWDong8IibHF62KY6vVOiZx1y93F0k2o
|
||||
9NOsH0l9GiHvDUcjEHBdOgnZ5TPeR+8j3bQnFp3xXFwBZVy07Yx8NDW5JSe+qi4S
|
||||
zBQY93GJ+k4dyPbhvu4OfyDTXl3+nfINIRnPFULpTDrFn1230JkO1AEMuuejxoBz
|
||||
XFgyZyIn1D3gV6nKFXi2DwjCfIiWMQIDAQABAoICAQC5u3ailygcMDRp5aAmIJYg
|
||||
tR3cgY0XaGTIpLSgnjQxRbH6trqBrcIXWdTPNaDwmzbnCk5IXxsk+ZdeN/sjSRLv
|
||||
TD7vRabNw3G1IZt6Y6kygAX85O3quE+rZyT5YT3AHpmD2G5CnsIGlISbK2MmK4g9
|
||||
cDl2K7Ej1bC827IGlV6tIx15p1WelkDmLM3FARAdudqJPlSFzcU1nY+w/cws5S01
|
||||
p5NuQ+HuG9hbRtKhBtgyLp5QWLN1bQTC0Hixz2CD+2kxE07i6/7RBVwVpkrAd6S4
|
||||
/8g7rM6cdo9jhNErPyRZTR1iAQbmApTKO79OnC+9ZLe61RZGIv/K0qR5oPzfTgk3
|
||||
Gb1lOo36jdBFRNr9wwON726W4pyrMIRURe2zDqfa3SMeSK++6MSxQiam1KXh8C2y
|
||||
3qa6uWHGrrVrQJQUwXEpE1jonJ43GWNmds1cYD0Mhu/vzicwuOiw9VAtiskYm848
|
||||
XgIgq5fQoO0lWe2mVfqXfmX4ANwQ3Cw5GaZI8ZbbEJtgSv1NOt6MzIEgNrMjtXGT
|
||||
B3AG1gwUxf7i6fYCwR6YVDw5F9ze+3BheFiaANVzZ1MGw6RCbDGV0a74ncRAYdGc
|
||||
N2QFoRY8W0eCYWkqVsDzhITJ2g3/bG5cN/9jD+r3R9ACHf7z7xFCQYEZC5p3+mT0
|
||||
+MvV1F0p94tHetokAMD6mQKCAQEA7z0olJxdVEbnLFabz1VBYFYpNE/FriQCl1in
|
||||
Cgdvfd3QOER0UdcpUct7j51dBO4LnGCzCVf8R4CVnUuHqA+CDlezDF1aBZVDdVoH
|
||||
ICpdeKwiUDsdijAnVvXqjo9aWaS+Elscz+hnbsTq0KTJOGasJLcPmG84oBEInofT
|
||||
0hLpctS7ZksZc7KcX2dpD3E/x7uWnlgH4fO663K/IybUY/c62CcvOy3L0+w7D8/2
|
||||
rKqD0tdK1QGTjStdx9MRnP5e96KN3OmvK4wbzqoyYc5Yqoc0EN53O7vedGy/IULM
|
||||
2cnoqT+bFtdILNYIXr9+04Sf0HDnABq3ADY4NUEgyZfv+jANxwKCAQEA3jgBwRpd
|
||||
BHBs3y6HTyIse4lPwrbHa2hhF57vfjfWOpx/261kyLjof3KsgV8WbjlZaTDfSfTr
|
||||
+PfqJX7BDfu6tB7pKjCogXjPXcpV6HUQLaY+hY0BSVtZCAk6MG5qrCaC10Y7NRJ9
|
||||
STwQJoq6j+gR2VdsyCAbamGpalLXRh1TG0MnNI3Qw+iRHNCwLY6K4J6/kG8S938R
|
||||
7/PbP7ylIBi0XtLlGD+FDoNt851Rg2fPr9uk+mwWFAHJEjP3UZotK+LN/TGSYV9b
|
||||
3IY40zTrt78pWwgdXXvyhZw0U0G3u7BpVXTavk2DHsCDYWFCd1LK6umLiopdN/T/
|
||||
H3H20NHiFrUcRwKCAQBrFA+WvInVT8rmgHlKilkxmj7lCBNthvaV8PsKtRtE1cP9
|
||||
ez4o50m6L35FYGSi8TzHKEzaEMR86GOOvKCiKxbF/qDIFvxU5WMFIl9wGSYu/bR5
|
||||
/ouRL05cUMNEPYtt9huQsbEqqVWqMX78FdVuZh4EbN8RFi7dDeKyug6nxwkv+WFL
|
||||
Pq/MphPxa6KNY93tMtwOUU5t5p4yBfDg9d84Qw7WcmtkbHH/j4s735QD4moQM4Zt
|
||||
4j+9fryB1MncX8n3wo0GZJ2fux0zGeBlAGuVH+DA8CGj3cmKiKXfaDux+vokzrBG
|
||||
v+KxFrc2WTWVzJWPQQlTdaGU+a+cvmLDeDrT2zA/AoIBAQC/U2VfRz2TFuEF/1+M
|
||||
qJW3/29m7EwilAoUdkkpWRXf/OKw10eQ8nNrV+ZitOXxHPt4cBWv7WpGP92fTtUV
|
||||
HwmPD5YdNyu93bBcxlrU/AVj6GCoR9E1waqUGq25CTha5AV/J/7OIQ8xwL7/EC60
|
||||
vFCx2m3UmKBCJbfhzVWADruBG35j5z45jsFyF9O4RaQY5VV2G8wuv39II6M/60IY
|
||||
smyJv/ZzvCzpZAuE1oxaIUVV2jzfR7RyoV7nh0qHPcFqqapFNysbHylOY1oFrujM
|
||||
mZAXypLN7GvQ0b7TeB+jP65RX3z+oGomTgZQD5dUeTowq8fzDlJYXV5TSqIBBNQu
|
||||
TNz9AoIBAELhsEeQucMagn0hFKY5WgxIYF27UjYZVzpt78SKyKjwka0CqDFrCwM+
|
||||
KF80TiAfqMBLD27UpYM9ylwv56e2ZLMWZb/Z0y25jlRC3ctSyRPFyLC6dRgZ1IVA
|
||||
pDsh06uxJhBcZyJC1KKMShdfgV37TQC4qlpqAnDyN39TQH0rr7g9EOzUrOk1tclU
|
||||
mnuUD5wTL5vx7h0mpTSJxf8r6D17i5loWYfi+tp4V7wibVrr7QNh7KWZ5Ww24Rmc
|
||||
LZBtCAKI6Eoac9SOmtpDHW8l8istyNNCqrvU+xtwAnguRbo71rE18j+y11PPhqxn
|
||||
4y2gRqQJl4QzugozyY0+9DKux/FDFfM=
|
||||
-----END PRIVATE KEY-----
|
||||
Loading…
Reference in a new issue