Allows server to pick up DOCKER_CERT_PATH variable

Closes #9
spurious-io · Oct 26, 2014 · 9261a46 · 9261a46
1 parent 88383f8
commit 9261a46
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 1 deletion.
diff --git a/bin/spurious-server b/bin/spurious-server
@@ -9,6 +9,7 @@ require 'eventmachine'
 require 'spurious/server/options'
 
 options = Spurious::Server::Options.new(ENV)
+ENV['DOCKER_HOST'] = options.ssl_docker_host
 
 Excon.defaults[:write_timeout] = options.write_timeout
 Excon.defaults[:read_timeout]  = options.read_timeout

diff --git a/lib/spurious/server/options.rb b/lib/spurious/server/options.rb
@@ -1,7 +1,7 @@
 module Spurious
   module Server
     class Options
-      attr_reader :docker_full_path, :docker_host, :docker_port, :docker_api, :server_port, :server_ip, :write_timeout, :read_timeout
+      attr_reader :docker_full_path, :docker_host, :docker_port, :docker_api, :server_port, :server_ip, :write_timeout, :read_timeout, :cert_path
 
       def initialize(env)
         @docker_host      = env['DOCKER_HOST'].nil? ? 'localhost' : env['DOCKER_HOST'][/\/\/([0-9a-z\.]+):/,1]
@@ -11,8 +11,33 @@ def initialize(env)
         @server_ip        = env.fetch('SPURIOUS_SERVER_IP', '0.0.0.0')
         @write_timeout    = env.fetch('EXCON_WRITE_TIMEOUT', 30000)
         @read_timeout     = env.fetch('EXCON_READ_TIMEOUT', 30000)
+        @cert_path        = env.fetch('DOCKER_CERT_PATH', nil)
+        setup_ssl if @cert_path
       end
 
+      def ssl_docker_host
+        "https://#{docker_host}:#{docker_port}"
+      end
+
+      protected
+
+      def setup_ssl
+        Docker.options = {
+          :client_cert => valid_cert_path?('cert.pem'),
+          :client_key  => valid_cert_path?('key.pem'),
+          :ssl_ca_file => valid_cert_path?('ca.pem')
+        }
+      end
+
+      def valid_cert_path?(cert)
+        File.join(absolute_cert_path, cert).tap do |path|
+          raise "Could not find: #{path}, please check it exists in your DOCKER_CERTS_PATH folder" unless File.exists? path
+        end
+      end
+
+      def absolute_cert_path
+        @absolute_cert_path ||= File.expand_path cert_path
+      end
     end
   end
 end