mirror of
https://github.com/datarhei/core.git
synced 2025-10-05 16:07:07 +08:00
Fix make autocert manager available to followers
This commit is contained in:
@@ -397,45 +397,46 @@ func New(ctx context.Context, config Config) (Cluster, error) {
|
|||||||
c.logger.Info().Log("Cluster is operational")
|
c.logger.Info().Log("Cluster is operational")
|
||||||
|
|
||||||
if c.isTLSRequired {
|
if c.isTLSRequired {
|
||||||
|
// Create certificate manager
|
||||||
|
names, err := c.getClusterHostnames()
|
||||||
|
if err != nil {
|
||||||
|
c.Shutdown()
|
||||||
|
return nil, fmt.Errorf("tls: failed to assemble list of all configured hostnames: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(names) == 0 {
|
||||||
|
c.Shutdown()
|
||||||
|
return nil, fmt.Errorf("tls: no hostnames are configured")
|
||||||
|
}
|
||||||
|
|
||||||
|
kvs, err := NewClusterKVS(c, c.logger.WithComponent("KVS"))
|
||||||
|
if err != nil {
|
||||||
|
c.Shutdown()
|
||||||
|
return nil, fmt.Errorf("tls: cluster KVS: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
storage, err := NewClusterStorage(kvs, "core-cluster-certificates")
|
||||||
|
if err != nil {
|
||||||
|
c.Shutdown()
|
||||||
|
return nil, fmt.Errorf("tls: certificate store: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
manager, err := autocert.New(autocert.Config{
|
||||||
|
Storage: storage,
|
||||||
|
DefaultHostname: names[0],
|
||||||
|
EmailAddress: c.config.TLS.Email,
|
||||||
|
IsProduction: false,
|
||||||
|
Logger: c.logger.WithComponent("Let's Encrypt"),
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
c.Shutdown()
|
||||||
|
return nil, fmt.Errorf("tls: certificate manager: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
c.certManager = manager
|
||||||
|
|
||||||
if c.IsRaftLeader() {
|
if c.IsRaftLeader() {
|
||||||
// Acquire certificates
|
// Acquire certificates
|
||||||
names, err := c.getClusterHostnames()
|
|
||||||
if err != nil {
|
|
||||||
c.Shutdown()
|
|
||||||
return nil, fmt.Errorf("tls: failed to assemble list of all configured hostnames: %w", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
if len(names) == 0 {
|
|
||||||
c.Shutdown()
|
|
||||||
return nil, fmt.Errorf("tls: no hostnames are configured")
|
|
||||||
}
|
|
||||||
|
|
||||||
kvs, err := NewClusterKVS(c, c.logger.WithComponent("KVS"))
|
|
||||||
if err != nil {
|
|
||||||
c.Shutdown()
|
|
||||||
return nil, fmt.Errorf("tls: cluster KVS: %w", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
storage, err := NewClusterStorage(kvs, "core-cluster-certificates")
|
|
||||||
if err != nil {
|
|
||||||
c.Shutdown()
|
|
||||||
return nil, fmt.Errorf("tls: certificate store: %w", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
manager, err := autocert.New(autocert.Config{
|
|
||||||
Storage: storage,
|
|
||||||
DefaultHostname: names[0],
|
|
||||||
EmailAddress: c.config.TLS.Email,
|
|
||||||
IsProduction: false,
|
|
||||||
Logger: c.logger.WithComponent("Let's Encrypt"),
|
|
||||||
})
|
|
||||||
if err != nil {
|
|
||||||
c.Shutdown()
|
|
||||||
return nil, fmt.Errorf("tls: certificate manager: %w", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
c.certManager = manager
|
|
||||||
|
|
||||||
err = manager.AcquireCertificates(ctx, c.config.Address, names)
|
err = manager.AcquireCertificates(ctx, c.config.Address, names)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.Shutdown()
|
c.Shutdown()
|
||||||
|
Reference in New Issue
Block a user