diff --git a/README.md b/README.md index 8b90ae4b..68160bc1 100644 --- a/README.md +++ b/README.md @@ -122,9 +122,11 @@ from="" user="" pass="" -[worker] +[docker] cert="" key="" + +[worker] nodes=[ "unix:///var/run/docker.sock", "unix:///var/run/docker.sock" diff --git a/packaging/root/etc/drone/drone.toml b/packaging/root/etc/drone/drone.toml index 1e4b459e..4d07b129 100644 --- a/packaging/root/etc/drone/drone.toml +++ b/packaging/root/etc/drone/drone.toml @@ -64,9 +64,11 @@ datasource="/var/lib/drone/drone.sqlite" # user="" # pass="" -# [worker] +# [docker] # cert="" # key="" + +# [worker] # nodes=[ # "unix:///var/run/docker.sock", # "unix:///var/run/docker.sock" diff --git a/server/main.go b/server/main.go index a260ba0f..ee618016 100644 --- a/server/main.go +++ b/server/main.go @@ -34,6 +34,10 @@ import ( "github.com/drone/drone/server/worker/pool" ) +const ( + DockerTLSWarning = `WARINING: Docker TLS cert or key not given, this may cause a build errors` +) + var ( // commit sha for the current build, set by // the compile process. @@ -61,9 +65,9 @@ var ( pub *pubsub.PubSub // Docker configuration details. - dockercrt = config.String("docker-cert", "") - dockerkey = config.String("docker-key", "") - nodes StringArr + dockercert = config.String("docker-cert", "") + dockerkey = config.String("docker-key", "") + nodes StringArr db *sql.DB @@ -117,7 +121,14 @@ func main() { workers.Allocate(docker.New()) } else { for _, node := range nodes { - workers.Allocate(docker.NewHost(node)) + if strings.HasPrefix(node, "unix://") { + workers.Allocate(docker.NewHost(node)) + } else if *dockercert != "" && *dockerkey != "" { + workers.Allocate(docker.NewHostCertFile(node, *dockercert, *dockerkey)) + } else { + fmt.Println(DockerTLSWarning) + workers.Allocate(docker.NewHost(node)) + } } } diff --git a/server/worker/docker/docker.go b/server/worker/docker/docker.go index d00f7752..bff55e2a 100644 --- a/server/worker/docker/docker.go +++ b/server/worker/docker/docker.go @@ -49,6 +49,20 @@ func NewHost(host string) *Docker { } } +func NewHostCertFile(host, cert, key string) *Docker { + docker_node, err := docker.NewHostCertFile(host, cert, key) + if err != nil { + log.Fatalln(err) + } + + return &Docker{ + UUID: uuid.New(), + Kind: dockerKind, + Created: time.Now().UTC().Unix(), + docker: docker_node, + } +} + func (d *Docker) Do(c context.Context, r *worker.Work) { // ensure that we can recover from any panics to