homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add Support for Consul Connect

Browse source 
Co-authored-by: Florian Apolloner <apollo13@users.noreply.github.com>
This commit is contained in:
Mohammad Gufran 2021-07-15 17:32:11 +05:30 committed by GitHub
parent 3a180e2afc
commit 7e43e5615e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
36 changed files with 2118 additions and 644 deletions
Download patch file Download diff file Expand all files Collapse all files

8
pkg/server/service/roundtripper.go
View file

@ -132,13 +132,19 @@ func createRoundTripper(cfg *dynamic.ServersTransport) (http.RoundTripper, error
transport.IdleConnTimeout = time.Duration(cfg.ForwardingTimeouts.IdleConnTimeout)
}
if cfg.InsecureSkipVerify || len(cfg.RootCAs) > 0 || len(cfg.ServerName) > 0 || len(cfg.Certificates) > 0 {
if cfg.InsecureSkipVerify || len(cfg.RootCAs) > 0 || len(cfg.ServerName) > 0 || len(cfg.Certificates) > 0 || cfg.PeerCertURI != "" {
transport.TLSClientConfig = &tls.Config{
ServerName: cfg.ServerName,
InsecureSkipVerify: cfg.InsecureSkipVerify,
RootCAs: createRootCACertPool(cfg.RootCAs),
Certificates: cfg.Certificates.GetCertificates(),
}
if cfg.PeerCertURI != "" {
transport.TLSClientConfig.VerifyPeerCertificate = func(rawCerts [][]byte, _ [][]*x509.Certificate) error {
return traefiktls.VerifyPeerCertificate(cfg.PeerCertURI, transport.TLSClientConfig, rawCerts)
}
}
}
// Return directly HTTP/1.1 transport when HTTP/2 is disabled