-
Notifications
You must be signed in to change notification settings - Fork 669
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add: rootCA and clientCA in grpc server
Signed-off-by: Arvindh <arvindh91@gmail.com> add: rootCA and client certificate in grpc client Signed-off-by: Arvindh <arvindh91@gmail.com> add: docker-compose for grpc-mtls and make target for mtls cert generation Signed-off-by: Arvindh <arvindh91@gmail.com>
- Loading branch information
1 parent
7ffc14b
commit 46ed2f9
Showing
21 changed files
with
784 additions
and
37 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
services: | ||
bootstrap: | ||
environment: | ||
# Users gRPC client environmental varaibles | ||
MF_AUTH_GRPC_CLIENT_MTLS: ${MF_USERS_GRPC_CLIENT_MTLS} | ||
MF_AUTH_GRPC_CLIENT_TLS: ${MF_USERS_GRPC_CLIENT_TLS} | ||
MF_AUTH_GRPC_CLIENT_CERT: /users-grpc-client.crt | ||
MF_AUTH_GRPC_CLIENT_KEY: /users-grpc-client.key | ||
MF_AUTH_GRPC_SERVER_CA_CERTS: /users-grpc-server-ca.crt | ||
volumes: | ||
# Users gRPC client certificates | ||
- ${MF_USERS_GRPC_CLIENT_CERT}:/users-grpc-client.crt | ||
- ${MF_USERS_GRPC_CLIENT_KEY}:/users-grpc-client.key | ||
- ${MF_USERS_GRPC_SERVER_CA_CERTS}:/users-grpc-server-ca.crt |
24 changes: 24 additions & 0 deletions
24
docker/addons/cassandra-reader/docker-compose.grpc-mtls.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
services: | ||
cassandra-reader: | ||
environment: | ||
# Users gRPC client environmental varaibles | ||
MF_AUTH_GRPC_CLIENT_MTLS: ${MF_USERS_GRPC_CLIENT_MTLS} | ||
MF_AUTH_GRPC_CLIENT_TLS: ${MF_USERS_GRPC_CLIENT_TLS} | ||
MF_AUTH_GRPC_CLIENT_CERT: /users-grpc-client.crt | ||
MF_AUTH_GRPC_CLIENT_KEY: /users-grpc-client.key | ||
MF_AUTH_GRPC_SERVER_CA_CERTS: /users-grpc-server-ca.crt | ||
# Things gRPC client environmental varaibles | ||
MF_THINGS_AUTH_GRPC_CLIENT_MTLS: ${MF_THINGS_AUTH_GRPC_CLIENT_MTLS} | ||
MF_THINGS_AUTH_GRPC_CLIENT_TLS: ${MF_THINGS_AUTH_GRPC_CLIENT_TLS} | ||
MF_THINGS_AUTH_GRPC_CLIENT_CERT: /client.crt | ||
MF_THINGS_AUTH_GRPC_CLIENT_KEY: /client.key | ||
MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS: /server_ca.crt | ||
volumes: | ||
# Users gRPC client certificates | ||
- ${MF_USERS_GRPC_CLIENT_CERT}:/users-grpc-client.crt | ||
- ${MF_USERS_GRPC_CLIENT_KEY}:/users-grpc-client.key | ||
- ${MF_USERS_GRPC_SERVER_CA_CERTS}:/users-grpc-server-ca.crt | ||
# Things gRPC client certificates | ||
- ${MF_THINGS_AUTH_GRPC_CLIENT_CERT}:/client.crt | ||
- ${MF_THINGS_AUTH_GRPC_CLIENT_KEY}:/client.key | ||
- ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS}:/server_ca.crt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
services: | ||
certs: | ||
environment: | ||
# Users gRPC client environmental varaibles | ||
MF_AUTH_GRPC_CLIENT_MTLS: ${MF_USERS_GRPC_CLIENT_MTLS} | ||
MF_AUTH_GRPC_CLIENT_TLS: ${MF_USERS_GRPC_CLIENT_TLS} | ||
MF_AUTH_GRPC_CLIENT_CERT: /users-grpc-client.crt | ||
MF_AUTH_GRPC_CLIENT_KEY: /users-grpc-client.key | ||
MF_AUTH_GRPC_SERVER_CA_CERTS: /users-grpc-server-ca.crt | ||
volumes: | ||
# Users gRPC client certificates | ||
- ${MF_USERS_GRPC_CLIENT_CERT}:/users-grpc-client.crt | ||
- ${MF_USERS_GRPC_CLIENT_KEY}:/users-grpc-client.key | ||
- ${MF_USERS_GRPC_SERVER_CA_CERTS}:/users-grpc-server-ca.crt |
24 changes: 24 additions & 0 deletions
24
docker/addons/influxdb-reader/docker-compose.grpc-mtls.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
services: | ||
influxdb-reader: | ||
environment: | ||
# Users gRPC client environmental varaibles | ||
MF_AUTH_GRPC_CLIENT_MTLS: ${MF_USERS_GRPC_CLIENT_MTLS} | ||
MF_AUTH_GRPC_CLIENT_TLS: ${MF_USERS_GRPC_CLIENT_TLS} | ||
MF_AUTH_GRPC_CLIENT_CERT: /users-grpc-client.crt | ||
MF_AUTH_GRPC_CLIENT_KEY: /users-grpc-client.key | ||
MF_AUTH_GRPC_SERVER_CA_CERTS: /users-grpc-server-ca.crt | ||
# Things gRPC client environmental varaibles | ||
MF_THINGS_AUTH_GRPC_CLIENT_MTLS: ${MF_THINGS_AUTH_GRPC_CLIENT_MTLS} | ||
MF_THINGS_AUTH_GRPC_CLIENT_TLS: ${MF_THINGS_AUTH_GRPC_CLIENT_TLS} | ||
MF_THINGS_AUTH_GRPC_CLIENT_CERT: /client.crt | ||
MF_THINGS_AUTH_GRPC_CLIENT_KEY: /client.key | ||
MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS: /server_ca.crt | ||
volumes: | ||
# Users gRPC client certificates | ||
- ${MF_USERS_GRPC_CLIENT_CERT}:/users-grpc-client.crt | ||
- ${MF_USERS_GRPC_CLIENT_KEY}:/users-grpc-client.key | ||
- ${MF_USERS_GRPC_SERVER_CA_CERTS}:/users-grpc-server-ca.crt | ||
# Things gRPC client certificates | ||
- ${MF_THINGS_AUTH_GRPC_CLIENT_CERT}:/client.crt | ||
- ${MF_THINGS_AUTH_GRPC_CLIENT_KEY}:/client.key | ||
- ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS}:/server_ca.crt |
24 changes: 24 additions & 0 deletions
24
docker/addons/mongodb-reader/docker-compose.grpc-mtls.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
services: | ||
mongodb-reader: | ||
environment: | ||
# Users gRPC client environmental varaibles | ||
MF_AUTH_GRPC_CLIENT_MTLS: ${MF_USERS_GRPC_CLIENT_MTLS} | ||
MF_AUTH_GRPC_CLIENT_TLS: ${MF_USERS_GRPC_CLIENT_TLS} | ||
MF_AUTH_GRPC_CLIENT_CERT: /users-grpc-client.crt | ||
MF_AUTH_GRPC_CLIENT_KEY: /users-grpc-client.key | ||
MF_AUTH_GRPC_SERVER_CA_CERTS: /users-grpc-server-ca.crt | ||
# Things gRPC client environmental varaibles | ||
MF_THINGS_AUTH_GRPC_CLIENT_MTLS: ${MF_THINGS_AUTH_GRPC_CLIENT_MTLS} | ||
MF_THINGS_AUTH_GRPC_CLIENT_TLS: ${MF_THINGS_AUTH_GRPC_CLIENT_TLS} | ||
MF_THINGS_AUTH_GRPC_CLIENT_CERT: /client.crt | ||
MF_THINGS_AUTH_GRPC_CLIENT_KEY: /client.key | ||
MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS: /server_ca.crt | ||
volumes: | ||
# Users gRPC client certificates | ||
- ${MF_USERS_GRPC_CLIENT_CERT}:/users-grpc-client.crt | ||
- ${MF_USERS_GRPC_CLIENT_KEY}:/users-grpc-client.key | ||
- ${MF_USERS_GRPC_SERVER_CA_CERTS}:/users-grpc-server-ca.crt | ||
# Things gRPC client certificates | ||
- ${MF_THINGS_AUTH_GRPC_CLIENT_CERT}:/client.crt | ||
- ${MF_THINGS_AUTH_GRPC_CLIENT_KEY}:/client.key | ||
- ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS}:/server_ca.crt |
24 changes: 24 additions & 0 deletions
24
docker/addons/postgres-reader/docker-compose.grpc-mtls.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
services: | ||
postgres-reader: | ||
environment: | ||
# Users gRPC client environmental varaibles | ||
MF_AUTH_GRPC_CLIENT_MTLS: ${MF_USERS_GRPC_CLIENT_MTLS} | ||
MF_AUTH_GRPC_CLIENT_TLS: ${MF_USERS_GRPC_CLIENT_TLS} | ||
MF_AUTH_GRPC_CLIENT_CERT: /users-grpc-client.crt | ||
MF_AUTH_GRPC_CLIENT_KEY: /users-grpc-client.key | ||
MF_AUTH_GRPC_SERVER_CA_CERTS: /users-grpc-server-ca.crt | ||
# Things gRPC client environmental varaibles | ||
MF_THINGS_AUTH_GRPC_CLIENT_MTLS: ${MF_THINGS_AUTH_GRPC_CLIENT_MTLS} | ||
MF_THINGS_AUTH_GRPC_CLIENT_TLS: ${MF_THINGS_AUTH_GRPC_CLIENT_TLS} | ||
MF_THINGS_AUTH_GRPC_CLIENT_CERT: /client.crt | ||
MF_THINGS_AUTH_GRPC_CLIENT_KEY: /client.key | ||
MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS: /server_ca.crt | ||
volumes: | ||
# Users gRPC client certificates | ||
- ${MF_USERS_GRPC_CLIENT_CERT}:/users-grpc-client.crt | ||
- ${MF_USERS_GRPC_CLIENT_KEY}:/users-grpc-client.key | ||
- ${MF_USERS_GRPC_SERVER_CA_CERTS}:/users-grpc-server-ca.crt | ||
# Things gRPC client certificates | ||
- ${MF_THINGS_AUTH_GRPC_CLIENT_CERT}:/client.crt | ||
- ${MF_THINGS_AUTH_GRPC_CLIENT_KEY}:/client.key | ||
- ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS}:/server_ca.crt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
services: | ||
smpp-notifier: | ||
environment: | ||
# Users gRPC client environmental varaibles | ||
MF_AUTH_GRPC_CLIENT_MTLS: ${MF_USERS_GRPC_CLIENT_MTLS} | ||
MF_AUTH_GRPC_CLIENT_TLS: ${MF_USERS_GRPC_CLIENT_TLS} | ||
MF_AUTH_GRPC_CLIENT_CERT: /users-grpc-client.crt | ||
MF_AUTH_GRPC_CLIENT_KEY: /users-grpc-client.key | ||
MF_AUTH_GRPC_SERVER_CA_CERTS: /users-grpc-server-ca.crt | ||
volumes: | ||
# Users gRPC client certificates | ||
- ${MF_USERS_GRPC_CLIENT_CERT}:/users-grpc-client.crt | ||
- ${MF_USERS_GRPC_CLIENT_KEY}:/users-grpc-client.key | ||
- ${MF_USERS_GRPC_SERVER_CA_CERTS}:/users-grpc-server-ca.crt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
services: | ||
smtp-notifier: | ||
environment: | ||
# Users gRPC client environmental varaibles | ||
MF_AUTH_GRPC_CLIENT_MTLS: ${MF_USERS_GRPC_CLIENT_MTLS} | ||
MF_AUTH_GRPC_CLIENT_TLS: ${MF_USERS_GRPC_CLIENT_TLS} | ||
MF_AUTH_GRPC_CLIENT_CERT: /users-grpc-client.crt | ||
MF_AUTH_GRPC_CLIENT_KEY: /users-grpc-client.key | ||
MF_AUTH_GRPC_SERVER_CA_CERTS: /users-grpc-server-ca.crt | ||
volumes: | ||
# Users gRPC client certificates | ||
- ${MF_USERS_GRPC_CLIENT_CERT}:/users-grpc-client.crt | ||
- ${MF_USERS_GRPC_CLIENT_KEY}:/users-grpc-client.key | ||
- ${MF_USERS_GRPC_SERVER_CA_CERTS}:/users-grpc-server-ca.crt |
24 changes: 24 additions & 0 deletions
24
docker/addons/timescale-reader/docker-compose.grpc-mtls.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
services: | ||
timescale-reader: | ||
environment: | ||
# Users gRPC client environmental varaibles | ||
MF_AUTH_GRPC_CLIENT_MTLS: ${MF_USERS_GRPC_CLIENT_MTLS} | ||
MF_AUTH_GRPC_CLIENT_TLS: ${MF_USERS_GRPC_CLIENT_TLS} | ||
MF_AUTH_GRPC_CLIENT_CERT: /users-grpc-client.crt | ||
MF_AUTH_GRPC_CLIENT_KEY: /users-grpc-client.key | ||
MF_AUTH_GRPC_SERVER_CA_CERTS: /users-grpc-server-ca.crt | ||
# Things gRPC client environmental varaibles | ||
MF_THINGS_AUTH_GRPC_CLIENT_MTLS: ${MF_THINGS_AUTH_GRPC_CLIENT_MTLS} | ||
MF_THINGS_AUTH_GRPC_CLIENT_TLS: ${MF_THINGS_AUTH_GRPC_CLIENT_TLS} | ||
MF_THINGS_AUTH_GRPC_CLIENT_CERT: /client.crt | ||
MF_THINGS_AUTH_GRPC_CLIENT_KEY: /client.key | ||
MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS: /server_ca.crt | ||
volumes: | ||
# Users gRPC client certificates | ||
- ${MF_USERS_GRPC_CLIENT_CERT}:/users-grpc-client.crt | ||
- ${MF_USERS_GRPC_CLIENT_KEY}:/users-grpc-client.key | ||
- ${MF_USERS_GRPC_SERVER_CA_CERTS}:/users-grpc-server-ca.crt | ||
# Things gRPC client certificates | ||
- ${MF_THINGS_AUTH_GRPC_CLIENT_CERT}:/client.crt | ||
- ${MF_THINGS_AUTH_GRPC_CLIENT_KEY}:/client.key | ||
- ${MF_THINGS_AUTH_GRPC_SERVER_CA_CERTS}:/server_ca.crt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
services: | ||
twins: | ||
environment: | ||
# Users gRPC client environmental varaibles | ||
MF_AUTH_GRPC_CLIENT_MTLS: ${MF_USERS_GRPC_CLIENT_MTLS} | ||
MF_AUTH_GRPC_CLIENT_TLS: ${MF_USERS_GRPC_CLIENT_TLS} | ||
MF_AUTH_GRPC_CLIENT_CERT: /users-grpc-client.crt | ||
MF_AUTH_GRPC_CLIENT_KEY: /users-grpc-client.key | ||
MF_AUTH_GRPC_SERVER_CA_CERTS: /users-grpc-server-ca.crt | ||
volumes: | ||
# Users gRPC client certificates | ||
- ${MF_USERS_GRPC_CLIENT_CERT}:/users-grpc-client.crt | ||
- ${MF_USERS_GRPC_CLIENT_KEY}:/users-grpc-client.key | ||
- ${MF_USERS_GRPC_SERVER_CA_CERTS}:/users-grpc-server-ca.crt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
*grpc-server* | ||
*grpc-client* | ||
*srl | ||
*conf |
Oops, something went wrong.