direktil/local-server
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: ca extra certs

Browse Source
This commit is contained in:
Mikaël Cluseau
2026-02-21 08:43:43 +01:00
parent 629bb21f12
commit d37c4c2f13
4 changed files with 26 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
cmd/dkl-local-server/cluster-render-context.go
View File

@ -117,7 +117,12 @@ func templateFuncs(sslCfg *cfsslconfig.Config) map[string]any {
return
}
s = string(ca.Cert)
extra, err := caExtraCerts(cluster, name)
if err != nil {
return
}
s = string(ca.Cert) + extra
return
},
@ -127,13 +132,18 @@ func templateFuncs(sslCfg *cfsslconfig.Config) map[string]any {
return
}
extra, err := caExtraCerts(cluster, name)
if err != nil {
return
}
dir := "/etc/tls-ca/" + name
return asYaml([]config.FileDef{
{
Path: path.Join(dir, "ca.crt"),
Mode: 0644,
Content: string(ca.Cert),
Content: string(ca.Cert) + extra,
},
{
Path: path.Join(dir, "ca.key"),

11
cmd/dkl-local-server/ws-cluster-cas.go
View File

@ -79,6 +79,17 @@ func getUsableClusterCA(cluster, name string) (ca CA, err error) {
return
}
func caExtraCerts(cluster, name string) (extra string, err error) {
cfg, err := readConfig()
if err != nil {
return
}
if cfg.ExtraCaCerts != nil {
extra = cfg.ExtraCaCerts[cluster+"/"+name]
}
return
}
var clusterCASignedKeys = newClusterSecretKV[KeyCert]("CA-signed-keys")
func wsClusterCASignedKeys(req *restful.Request, resp *restful.Response) {

2
go.mod
View File

@ -25,7 +25,7 @@ require (
gopkg.in/yaml.v2 v2.4.0
k8s.io/apimachinery v0.33.2
m.cluseau.fr/go v0.0.0-20230809064045-12c5a121c766
novit.tech/direktil/pkg v0.0.0-20260210141740-4d5661fa8ecd
novit.tech/direktil/pkg v0.0.0-20260221072850-b72bed72bb51
)
replace github.com/zmap/zlint/v3 => github.com/zmap/zlint/v3 v3.3.1

2
go.sum
View File

@ -348,3 +348,5 @@ m.cluseau.fr/go v0.0.0-20230809064045-12c5a121c766 h1:JRzMBDbUwrTTGDJaJSH0ap4vRL
m.cluseau.fr/go v0.0.0-20230809064045-12c5a121c766/go.mod h1:BMv3aOSYpupuiiG3Ch3ND88aB5CfAks3YZuRLE8j1ls=
novit.tech/direktil/pkg v0.0.0-20260210141740-4d5661fa8ecd h1:proGf8Cid9tzJzoRbqQHGGpZZKTpUDFwOREbjYrCbkM=
novit.tech/direktil/pkg v0.0.0-20260210141740-4d5661fa8ecd/go.mod h1:zjezU6tELE880oYHs/WAauGBupKIEQQ7KqWTB69RW10=
novit.tech/direktil/pkg v0.0.0-20260221072850-b72bed72bb51 h1:NBcpvWcTBMzFos0pkuLsbVCQ+mHf8KqNOdVywMX6FFk=
novit.tech/direktil/pkg v0.0.0-20260221072850-b72bed72bb51/go.mod h1:zjezU6tELE880oYHs/WAauGBupKIEQQ7KqWTB69RW10=