53 lines
932 B
Go
53 lines
932 B
Go
package config
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"crypto/x509"
|
|
"os"
|
|
)
|
|
|
|
// EtcdConf etcd配置
|
|
type EtcdConf struct {
|
|
Endpoints string `yaml:"endpoints"`
|
|
Ca string `yaml:"ca"`
|
|
Cert string `yaml:"cert"`
|
|
Key string `yaml:"key"`
|
|
}
|
|
|
|
// NewEtcdConf with default value
|
|
func NewEtcdConf() *EtcdConf {
|
|
return &EtcdConf{
|
|
Endpoints: "http://127.0.0.1:2379",
|
|
Cert: "",
|
|
Ca: "",
|
|
Key: "",
|
|
}
|
|
}
|
|
|
|
// TLSConfig ...
|
|
func (c *EtcdConf) TLSConfig() (*tls.Config, error) {
|
|
if c.Cert == "" || c.Ca == "" || c.Key == "" {
|
|
return nil, nil
|
|
}
|
|
|
|
cert, err := tls.LoadX509KeyPair(c.Cert, c.Key)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
caData, err := os.ReadFile(c.Ca)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
pool := x509.NewCertPool()
|
|
pool.AppendCertsFromPEM(caData)
|
|
|
|
// nolint TLS MinVersion too low.
|
|
tlsCfg := &tls.Config{
|
|
Certificates: []tls.Certificate{cert},
|
|
RootCAs: pool,
|
|
}
|
|
|
|
return tlsCfg, nil
|
|
}
|