mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-06 12:19:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

add config option to enable or disable TLS for nats

Browse Source
This commit is contained in:
David Christofas
2022-10-20 17:13:11 +02:00
committed by Michael Barz
parent ff8b16f9da
commit 45b92fc56f
26 changed files with 132 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
services/notifications/pkg/command/server.go
View File

@@ -39,23 +39,27 @@ func Server(cfg *config.Config) *cli.Command {
}
evtsCfg := cfg.Notifications.Events
var rootCAPool *x509.CertPool
if evtsCfg.TLSRootCACertificate != "" {
rootCrtFile, err := os.Open(evtsCfg.TLSRootCACertificate)
if err != nil {
return err
var tlsConf *tls.Config
if evtsCfg.EnableTLS {
var rootCAPool *x509.CertPool
if evtsCfg.TLSRootCACertificate != "" {
rootCrtFile, err := os.Open(evtsCfg.TLSRootCACertificate)
if err != nil {
return err
}
rootCAPool, err = crypto.NewCertPoolFromPEM(rootCrtFile)
if err != nil {
return err
}
evtsCfg.TLSInsecure = false
}
rootCAPool, err = crypto.NewCertPoolFromPEM(rootCrtFile)
if err != nil {
return err
tlsConf = &tls.Config{
InsecureSkipVerify: evtsCfg.TLSInsecure, //nolint:gosec
RootCAs: rootCAPool,
}
evtsCfg.TLSInsecure = false
}
tlsConf := &tls.Config{
InsecureSkipVerify: evtsCfg.TLSInsecure, //nolint:gosec
RootCAs: rootCAPool,
}
client, err := server.NewNatsStream(
natsjs.TLSConfig(tlsConf),