github.com/endocode/docker@v1.4.2-0.20160113120958-46eb4700391e/docker/common.go (about) 1 package main 2 3 import ( 4 "fmt" 5 "os" 6 "path/filepath" 7 8 "github.com/Sirupsen/logrus" 9 "github.com/docker/docker/cli" 10 "github.com/docker/docker/cliconfig" 11 "github.com/docker/docker/opts" 12 flag "github.com/docker/docker/pkg/mflag" 13 "github.com/docker/go-connections/tlsconfig" 14 ) 15 16 const ( 17 defaultTrustKeyFile = "key.json" 18 defaultCaFile = "ca.pem" 19 defaultKeyFile = "key.pem" 20 defaultCertFile = "cert.pem" 21 ) 22 23 var ( 24 daemonFlags *flag.FlagSet 25 commonFlags = &cli.CommonFlags{FlagSet: new(flag.FlagSet)} 26 27 dockerCertPath = os.Getenv("DOCKER_CERT_PATH") 28 dockerTLSVerify = os.Getenv("DOCKER_TLS_VERIFY") != "" 29 ) 30 31 func init() { 32 if dockerCertPath == "" { 33 dockerCertPath = cliconfig.ConfigDir() 34 } 35 36 commonFlags.PostParse = postParseCommon 37 38 cmd := commonFlags.FlagSet 39 40 cmd.BoolVar(&commonFlags.Debug, []string{"D", "-debug"}, false, "Enable debug mode") 41 cmd.StringVar(&commonFlags.LogLevel, []string{"l", "-log-level"}, "info", "Set the logging level") 42 cmd.BoolVar(&commonFlags.TLS, []string{"-tls"}, false, "Use TLS; implied by --tlsverify") 43 cmd.BoolVar(&commonFlags.TLSVerify, []string{"-tlsverify"}, dockerTLSVerify, "Use TLS and verify the remote") 44 45 // TODO use flag flag.String([]string{"i", "-identity"}, "", "Path to libtrust key file") 46 47 var tlsOptions tlsconfig.Options 48 commonFlags.TLSOptions = &tlsOptions 49 cmd.StringVar(&tlsOptions.CAFile, []string{"-tlscacert"}, filepath.Join(dockerCertPath, defaultCaFile), "Trust certs signed only by this CA") 50 cmd.StringVar(&tlsOptions.CertFile, []string{"-tlscert"}, filepath.Join(dockerCertPath, defaultCertFile), "Path to TLS certificate file") 51 cmd.StringVar(&tlsOptions.KeyFile, []string{"-tlskey"}, filepath.Join(dockerCertPath, defaultKeyFile), "Path to TLS key file") 52 53 cmd.Var(opts.NewListOptsRef(&commonFlags.Hosts, opts.ValidateHost), []string{"H", "-host"}, "Daemon socket(s) to connect to") 54 } 55 56 func postParseCommon() { 57 cmd := commonFlags.FlagSet 58 59 if commonFlags.LogLevel != "" { 60 lvl, err := logrus.ParseLevel(commonFlags.LogLevel) 61 if err != nil { 62 fmt.Fprintf(os.Stderr, "Unable to parse logging level: %s\n", commonFlags.LogLevel) 63 os.Exit(1) 64 } 65 logrus.SetLevel(lvl) 66 } else { 67 logrus.SetLevel(logrus.InfoLevel) 68 } 69 70 if commonFlags.Debug { 71 os.Setenv("DEBUG", "1") 72 logrus.SetLevel(logrus.DebugLevel) 73 } 74 75 // Regardless of whether the user sets it to true or false, if they 76 // specify --tlsverify at all then we need to turn on tls 77 // TLSVerify can be true even if not set due to DOCKER_TLS_VERIFY env var, so we need to check that here as well 78 if cmd.IsSet("-tlsverify") || commonFlags.TLSVerify { 79 commonFlags.TLS = true 80 } 81 82 if !commonFlags.TLS { 83 commonFlags.TLSOptions = nil 84 } else { 85 tlsOptions := commonFlags.TLSOptions 86 tlsOptions.InsecureSkipVerify = !commonFlags.TLSVerify 87 88 // Reset CertFile and KeyFile to empty string if the user did not specify 89 // the respective flags and the respective default files were not found. 90 if !cmd.IsSet("-tlscert") { 91 if _, err := os.Stat(tlsOptions.CertFile); os.IsNotExist(err) { 92 tlsOptions.CertFile = "" 93 } 94 } 95 if !cmd.IsSet("-tlskey") { 96 if _, err := os.Stat(tlsOptions.KeyFile); os.IsNotExist(err) { 97 tlsOptions.KeyFile = "" 98 } 99 } 100 } 101 }