Add support for communicating with Consul over TLS #14

Closed
lx wants to merge 0 commits from consul-tls into main
Owner

As the title says, Diplonat can now communicate with Consul over a TLS connection. This is usefull to create a more secure environment where access to Consul is restricted to holders of client keys (we are doing this on the staging cluster, see nixcfg repo).

This adds the following three environment variables:

  • DIPLONAT_CONSUL_CA_CERT
  • DIPLONAT_CONSUL_CLIENT_CERT
  • DIPLONAT_CONSUL_CLIENT_KEY

which expect file paths, similar to those used by the Consul CLI.

To use TLS, remember to also set the DIPLONAT_CONSUL_URL to an https:// URL !

As the title says, Diplonat can now communicate with Consul over a TLS connection. This is usefull to create a more secure environment where access to Consul is restricted to holders of client keys (we are doing this on the staging cluster, see `nixcfg` repo). This adds the following three environment variables: - `DIPLONAT_CONSUL_CA_CERT` - `DIPLONAT_CONSUL_CLIENT_CERT` - `DIPLONAT_CONSUL_CLIENT_KEY` which expect file paths, similar to those used by the Consul CLI. To use TLS, remember to also set the `DIPLONAT_CONSUL_URL` to an `https://` URL !
lx added 2 commits 2021-12-30 19:59:35 +00:00
lx added 1 commit 2022-08-24 16:22:11 +00:00
continuous-integration/drone/push Build was killed Details
continuous-integration/drone/pr Build was killed Details
e7f6c15bc1
Add possibility to skip tls verification for consul
lx added 1 commit 2022-12-01 16:42:45 +00:00
continuous-integration/drone/push Build is failing Details
continuous-integration/drone/pr Build is failing Details
04528d1e60
Make repo a nix flake
lx force-pushed consul-tls from 04528d1e60 to e7f6c15bc1 2022-12-01 16:44:32 +00:00 Compare
lx added 1 commit 2022-12-01 16:47:41 +00:00
continuous-integration/drone/push Build was killed Details
continuous-integration/drone/pr Build was killed Details
778dd64609
Default value for skip tls parameter
lx added 1 commit 2022-12-01 16:50:00 +00:00
continuous-integration/drone/push Build was killed Details
continuous-integration/drone/pr Build was killed Details
2a910c7af2
Default value for skip tls parameter
Author
Owner

Merged with #16

Merged with #16
lx closed this pull request 2022-12-01 16:52:12 +00:00
lx deleted branch consul-tls 2022-12-01 16:52:17 +00:00
Some checks reported errors
continuous-integration/drone/push Build was killed
Required
Details
continuous-integration/drone/pr Build was killed
Required
Details

Pull request closed

Sign in to join this conversation.
No reviewers
No Milestone
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Deuxfleurs/diplonat#14
No description provided.