From 604b24f23fe3cb506250f1405097756028c9806a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= <jfd@butonic.de>
Date: Wed, 26 Feb 2020 22:23:07 +0100
Subject: [PATCH] add cert and key config options
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
---
 pkg/command/server.go  |  2 ++
 pkg/config/config.go   |  9 ++++++++-
 pkg/flagset/flagset.go | 14 ++++++++++++++
 3 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/pkg/command/server.go b/pkg/command/server.go
index c9d11a1..def1336 100644
--- a/pkg/command/server.go
+++ b/pkg/command/server.go
@@ -144,6 +144,8 @@ func Server(cfg *config.Config) *cli.Command {
 					LDAPS: glauthcfg.LDAPS{
 						Enabled: cfg.Ldaps.Enabled,
 						Listen:  cfg.Ldaps.Address,
+						Cert:    cfg.Ldaps.Cert,
+						Key:     cfg.Ldaps.Key,
 					},
 					Backend: glauthcfg.Backend{
 						Datastore:   cfg.Backend.Datastore,
diff --git a/pkg/config/config.go b/pkg/config/config.go
index 666a773..bf99a62 100644
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@@ -37,6 +37,13 @@ type Ldap struct {
 	Enabled bool
 }
 
+// Ldaps defined the available LDAPS configuration.
+type Ldaps struct {
+	Ldap
+	Cert string
+	Key  string
+}
+
 // Backend defined the available backend configuration.
 type Backend struct {
 	Datastore   string
@@ -57,7 +64,7 @@ type Config struct {
 	HTTP    HTTP
 	Tracing Tracing
 	Ldap    Ldap
-	Ldaps   Ldap
+	Ldaps   Ldaps
 	Backend Backend
 }
 
diff --git a/pkg/flagset/flagset.go b/pkg/flagset/flagset.go
index 1dda6d8..d5f8133 100644
--- a/pkg/flagset/flagset.go
+++ b/pkg/flagset/flagset.go
@@ -145,6 +145,20 @@ func ServerWithConfig(cfg *config.Config) []cli.Flag {
 			EnvVars:     []string{"GLAUTH_LDAPS_ENABLED"},
 			Destination: &cfg.Ldaps.Enabled,
 		},
+		&cli.StringFlag{
+			Name:        "ldaps-cert",
+			Value:       "certs/server.crt",
+			Usage:       "path to ldaps certificate in PEM format",
+			EnvVars:     []string{"GLAUTH_LDAPS_CERT"},
+			Destination: &cfg.Ldaps.Cert,
+		},
+		&cli.StringFlag{
+			Name:        "ldaps-key",
+			Value:       "certs/server.key",
+			Usage:       "path to ldaps key in PEM format",
+			EnvVars:     []string{"GLAUTH_LDAPS_KEY"},
+			Destination: &cfg.Ldaps.Key,
+		},
 
 		&cli.StringFlag{
 			Name:        "backend-datastore",