--- func/commonconfig.py | 1 + func/minion/server.py | 29 ++++++++++++++++++++++------- 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/func/commonconfig.py b/func/commonconfig.py index c71138d..46c2216 100644 --- a/func/commonconfig.py +++ b/func/commonconfig.py @@ -29,6 +29,7 @@ class FuncdConfig(BaseConfig): minion_name = Option('') method_log_dir = Option("/var/log/func/methods/") + use_certmaster = BoolOption(True) ca_file = Option('') cert_file = Option('') key_file = Option('') diff --git a/func/minion/server.py b/func/minion/server.py index fbe5c4b..96f796f 100644 --- a/func/minion/server.py +++ b/func/minion/server.py @@ -100,6 +100,9 @@ class XmlRpcInterface(object): methods.sort() return methods + def load_module(self, name): + """FIXME load a module and set it up on the running xmlrpc instance""" + pass import func.minion.modules.func_module as fm @fm.findout @@ -243,13 +246,23 @@ class FuncSSLXMLRPCServer(AuthedXMLRPCServer.AuthedSSLXMLRPCServer, XmlRpcInterface.__init__(self) hn = func_utils.get_hostname_by_route() - - self.key = "%s/%s.pem" % (self.cm_config.cert_dir, hn) - self.cert = "%s/%s.cert" % (self.cm_config.cert_dir, hn) - self.ca = "%s/ca.cert" % self.cm_config.cert_dir + + if self.config.key_file != '': + self.key = self.config.key_file + else: + self.key = "%s/%s.pem" % (self.cm_config.cert_dir, hn) + + if self.config.cert_file != '': + self.cert = self.config.cert_file + else: + self.cert = "%s/%s.cert" % (self.cm_config.cert_dir, hn) + if self.config.ca_file != '': + self.ca = self.config.ca_file + else: + self.ca = "%s/ca.cert" % self.cm_config.cert_dir + self._our_ca = certs.retrieve_cert_from_file(self.ca) - self.acls = acls_mod.Acls(config=self.config) AuthedXMLRPCServer.AuthedSSLXMLRPCServer.__init__(self, args, @@ -358,8 +371,10 @@ def main(argv): print "serving...\n" try: - hn = futils.get_hostname_by_route() - requester.request_cert(hn) + config = read_config("/etc/func/minion.conf", FuncdConfig) + if config.use_certmaster: + hn = futils.get_hostname_by_route() + requester.request_cert(hn) serve() except codes.FuncException, e: print >> sys.stderr, 'error: %s' % e -- 1.6.6 _______________________________________________ Func-list mailing list Func-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/func-list