secretsmgr: fix up host header
This commit is contained in:
parent
b904a15186
commit
07350a1d42
1 changed files with 22 additions and 7 deletions
|
|
@ -12,6 +12,8 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"io/fs"
|
"io/fs"
|
||||||
|
"net"
|
||||||
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
"os/exec"
|
"os/exec"
|
||||||
"os/user"
|
"os/user"
|
||||||
|
|
@ -612,14 +614,27 @@ func checkAndRenewACMECertificates(ctx context.Context, c *vapi.Client) bool {
|
||||||
func main() {
|
func main() {
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
||||||
cfg := vapi.DefaultConfig()
|
d := &net.Dialer{
|
||||||
cfg.Address = "https://vault.int.lukegb.com"
|
Timeout: 30 * time.Second,
|
||||||
cfg.AgentAddress = "unix:///run/vault-agent/sock"
|
KeepAlive: 30 * time.Second,
|
||||||
cfg.MaxRetries = 0
|
}
|
||||||
cfg.Timeout = 15 * time.Minute
|
agentPath := strings.TrimPrefix(*vaultAgentAddress, "unix://")
|
||||||
c, err := vapi.NewClient(cfg)
|
agentDialer := func(ctx context.Context, network, addr string) (net.Conn, error) {
|
||||||
|
if !strings.HasPrefix(*vaultAgentAddress, "unix://") {
|
||||||
|
return http.DefaultClient.Transport.(*http.Transport).DialContext(ctx, network, addr)
|
||||||
|
}
|
||||||
|
// Ignore what they want.
|
||||||
|
return d.DialContext(ctx, "unix", agentPath)
|
||||||
|
}
|
||||||
|
|
||||||
|
vcfg := vapi.DefaultConfig()
|
||||||
|
vcfg.AgentAddress = "http://vault-agent"
|
||||||
|
vcfg.MaxRetries = 0
|
||||||
|
vcfg.Timeout = 15 * time.Minute
|
||||||
|
vcfg.HttpClient.Transport.(*http.Transport).DialContext = agentDialer
|
||||||
|
c, err := vapi.NewClient(vcfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Exitf("failed to create vault client: %v", err)
|
log.Exitf("creating vault client against %v: %v", *vaultAgentAddress, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx := context.Background()
|
ctx := context.Background()
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue