From: Sage Weil Date: Fri, 2 Jun 2017 14:05:54 +0000 (-0400) Subject: pybind/mgr/restful: localize key/crt keys X-Git-Tag: v12.1.0~213^2~7 X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=2535c2699e276328a0b47001920943fab165e9c2;p=ceph-ci.git pybind/mgr/restful: localize key/crt keys Signed-off-by: Sage Weil --- diff --git a/src/pybind/mgr/restful/module.py b/src/pybind/mgr/restful/module.py index c9a516aefbc..adfefd098a9 100644 --- a/src/pybind/mgr/restful/module.py +++ b/src/pybind/mgr/restful/module.py @@ -234,6 +234,11 @@ class Module(MgrModule): except: self.log.error(str(traceback.format_exc())) + def get_localized_config(self, key): + r = self.get_config(self.get_mgr_id() + '/' + key) + if r is None: + r = self.get_config(key) + return r def _serve(self): # Load stored authentication keys @@ -245,28 +250,28 @@ class Module(MgrModule): separators=(',', ': '), ) - server_addr = self.get_config('server_addr') or '127.0.0.1' - server_port = int(self.get_config('server_port') or '8003') + server_addr = self.get_localized_config('server_addr') or '127.0.0.1' + server_port = int(self.get_localized_config('server_port') or '8003') self.log.info('server_addr: %s server_port: %d', server_addr, server_port) - cert = self.get_config("cert") + cert = self.get_localized_config("crt") if cert is not None: cert_tmp = tempfile.NamedTemporaryFile() cert_tmp.write(cert) cert_tmp.flush() cert_fname = cert_tmp.name else: - cert_fname = self.get_config('cert_file') or '/etc/ceph/ceph-mgr-restful.crt' + cert_fname = self.get_localized_config('crt_file') or '/etc/ceph/ceph-mgr-restful.crt' - pkey = self.get_config("pkey") + pkey = self.get_localized_config("key") if pkey is not None: pkey_tmp = tempfile.NamedTemporaryFile() pkey_tmp.write(pkey) pkey_tmp.flush() pkey_fname = pkey_tmp.name else: - pkey_fname = self.get_config('pkey_file') or '/etc/ceph/ceph-mgr-restful.key' + pkey_fname = self.get_localized_config('key_file') or '/etc/ceph/ceph-mgr-restful.key' # Create the HTTPS werkzeug server serving pecan app self.server = make_server( diff --git a/src/vstart.sh b/src/vstart.sh index 214558b7bf5..f48fdfbea97 100755 --- a/src/vstart.sh +++ b/src/vstart.sh @@ -629,8 +629,8 @@ start_mgr() { host = $HOSTNAME EOF - ceph_adm config-key put mgr/$name/dashboard/server_addr $IP - ceph_adm config-key put mgr/$name/dashboard/server_port $MGR_PORT + ceph_adm config-key put mgr/dashboard/$name/server_addr $IP + ceph_adm config-key put mgr/dashboard/$name/server_port $MGR_PORT DASH_URLS+="http://$IP:$MGR_PORT/" MGR_PORT=$(($MGR_PORT + 1000)) @@ -639,10 +639,10 @@ EOF openssl req -new -nodes -x509 \ -subj "/O=IT/CN=ceph-mgr-restful" \ -days 3650 -keyout "$PKEY" -out "$CERT" -extensions v3_ca - ceph_adm config-key put mgr/$name/restful/server_addr $IP - ceph_adm config-key put mgr/$name/restful/server_port $MGR_PORT - ceph_adm config-key put mgr/$name/restful/cert -i $CERT - ceph_adm config-key put mgr/$name/restful/pkey -i $PKEY + ceph_adm config-key put mgr/restful/$name/server_addr $IP + ceph_adm config-key put mgr/restful/$name/server_port $MGR_PORT + ceph_adm config-key put mgr/restful/$name/crt -i $CERT + ceph_adm config-key put mgr/restful/$name/key -i $PKEY rm $CERT $PKEY RESTFUL_URLS+="https://$IP:$MGR_PORT"