github.com/baris/docker@v1.7.0/docker/docker.go (about) 1 package main 2 3 import ( 4 "crypto/tls" 5 "crypto/x509" 6 "fmt" 7 "io/ioutil" 8 "os" 9 "runtime" 10 "strings" 11 12 "github.com/Sirupsen/logrus" 13 "github.com/docker/docker/api/client" 14 "github.com/docker/docker/autogen/dockerversion" 15 "github.com/docker/docker/opts" 16 flag "github.com/docker/docker/pkg/mflag" 17 "github.com/docker/docker/pkg/reexec" 18 "github.com/docker/docker/pkg/term" 19 "github.com/docker/docker/utils" 20 ) 21 22 const ( 23 defaultTrustKeyFile = "key.json" 24 defaultCaFile = "ca.pem" 25 defaultKeyFile = "key.pem" 26 defaultCertFile = "cert.pem" 27 ) 28 29 func main() { 30 if reexec.Init() { 31 return 32 } 33 34 // Set terminal emulation based on platform as required. 35 stdin, stdout, stderr := term.StdStreams() 36 37 initLogging(stderr) 38 39 flag.Parse() 40 // FIXME: validate daemon flags here 41 42 if *flVersion { 43 showVersion() 44 return 45 } 46 47 if *flLogLevel != "" { 48 lvl, err := logrus.ParseLevel(*flLogLevel) 49 if err != nil { 50 fmt.Fprintf(os.Stderr, "Unable to parse logging level: %s\n", *flLogLevel) 51 os.Exit(1) 52 } 53 setLogLevel(lvl) 54 } else { 55 setLogLevel(logrus.InfoLevel) 56 } 57 58 if *flDebug { 59 os.Setenv("DEBUG", "1") 60 setLogLevel(logrus.DebugLevel) 61 } 62 63 if len(flHosts) == 0 { 64 defaultHost := os.Getenv("DOCKER_HOST") 65 if defaultHost == "" || *flDaemon { 66 if runtime.GOOS != "windows" { 67 // If we do not have a host, default to unix socket 68 defaultHost = fmt.Sprintf("unix://%s", opts.DefaultUnixSocket) 69 } else { 70 // If we do not have a host, default to TCP socket on Windows 71 defaultHost = fmt.Sprintf("tcp://%s:%d", opts.DefaultHTTPHost, opts.DefaultHTTPPort) 72 } 73 } 74 defaultHost, err := opts.ValidateHost(defaultHost) 75 if err != nil { 76 if *flDaemon { 77 logrus.Fatal(err) 78 } else { 79 fmt.Fprint(os.Stderr, err) 80 } 81 os.Exit(1) 82 } 83 flHosts = append(flHosts, defaultHost) 84 } 85 86 setDefaultConfFlag(flTrustKey, defaultTrustKeyFile) 87 88 if *flDaemon { 89 if *flHelp { 90 flag.Usage() 91 return 92 } 93 mainDaemon() 94 return 95 } 96 97 if len(flHosts) > 1 { 98 fmt.Fprintf(os.Stderr, "Please specify only one -H") 99 os.Exit(0) 100 } 101 protoAddrParts := strings.SplitN(flHosts[0], "://", 2) 102 103 var ( 104 cli *client.DockerCli 105 tlsConfig tls.Config 106 ) 107 tlsConfig.InsecureSkipVerify = true 108 109 // Regardless of whether the user sets it to true or false, if they 110 // specify --tlsverify at all then we need to turn on tls 111 if flag.IsSet("-tlsverify") { 112 *flTls = true 113 } 114 115 // If we should verify the server, we need to load a trusted ca 116 if *flTlsVerify { 117 certPool := x509.NewCertPool() 118 file, err := ioutil.ReadFile(*flCa) 119 if err != nil { 120 fmt.Fprintf(os.Stderr, "Couldn't read ca cert %s: %s\n", *flCa, err) 121 os.Exit(1) 122 } 123 certPool.AppendCertsFromPEM(file) 124 tlsConfig.RootCAs = certPool 125 tlsConfig.InsecureSkipVerify = false 126 } 127 128 // If tls is enabled, try to load and send client certificates 129 if *flTls || *flTlsVerify { 130 _, errCert := os.Stat(*flCert) 131 _, errKey := os.Stat(*flKey) 132 if errCert == nil && errKey == nil { 133 *flTls = true 134 cert, err := tls.LoadX509KeyPair(*flCert, *flKey) 135 if err != nil { 136 fmt.Fprintf(os.Stderr, "Couldn't load X509 key pair: %q. Make sure the key is encrypted\n", err) 137 os.Exit(1) 138 } 139 tlsConfig.Certificates = []tls.Certificate{cert} 140 } 141 // Avoid fallback to SSL protocols < TLS1.0 142 tlsConfig.MinVersion = tls.VersionTLS10 143 } 144 145 if *flTls || *flTlsVerify { 146 cli = client.NewDockerCli(stdin, stdout, stderr, *flTrustKey, protoAddrParts[0], protoAddrParts[1], &tlsConfig) 147 } else { 148 cli = client.NewDockerCli(stdin, stdout, stderr, *flTrustKey, protoAddrParts[0], protoAddrParts[1], nil) 149 } 150 151 if err := cli.Cmd(flag.Args()...); err != nil { 152 if sterr, ok := err.(client.StatusError); ok { 153 if sterr.Status != "" { 154 fmt.Fprintln(cli.Err(), sterr.Status) 155 os.Exit(1) 156 } 157 os.Exit(sterr.StatusCode) 158 } 159 fmt.Fprintln(cli.Err(), err) 160 os.Exit(1) 161 } 162 } 163 164 func showVersion() { 165 if utils.ExperimentalBuild() { 166 fmt.Printf("Docker version %s, build %s, experimental\n", dockerversion.VERSION, dockerversion.GITCOMMIT) 167 } else { 168 fmt.Printf("Docker version %s, build %s\n", dockerversion.VERSION, dockerversion.GITCOMMIT) 169 } 170 }