status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
consul/agent/config
History
Matt Keeler 3f2fc48623 Require enabling TLS to enable Auto Config (#8159) 
On the servers they must have a certificate.

On the clients they just have to set verify_outgoing to true to attempt TLS connections for RPCs.

Eventually we may relax these restrictions but right now all of the settings we push down (acl tokens, acl related settings, certificates, gossip key) are sensitive and shouldn’t be transmitted over an unencrypted connection. Our guides and docs should recoommend verify_server_hostname on the clients as well.

Another reason to do this is weird things happen when making an insecure RPC when TLS is not enabled. Basically it tries TLS anyways. We should probably fix that to make it clearer what is going on.
 		2020-06-19 20:38:38 +00:00
..
agent_limits.go config: validate system limits against limits.http_max_conns_per_client (#7434) 2020-04-02 09:22:17 +02:00
agent_limits_test.go Merge pull request #7762 from hashicorp/dnephin/warn-on-unknown-service-file 2020-06-17 15:21:34 -04:00
builder.go Require enabling TLS to enable Auto Config (#8159) 2020-06-19 20:38:38 +00:00
builder_oss.go agent/config: include Audit struct as a pointer on Config, fix tests 2020-05-11 14:13:05 -07:00
builder_oss_test.go Update enterprise configurations to be in OSS 2020-05-04 10:21:05 -04:00
builder_test.go Merge pull request #7762 from hashicorp/dnephin/warn-on-unknown-service-file 2020-06-17 15:21:34 -04:00
config.go Change auto config authorizer to allow for future extension 2020-06-18 19:22:51 +00:00
config_oss.go agent/config: add auditing config to OSS and add to enterpriseConfigMap exclusions 2020-05-11 13:27:35 -07:00
default.go Merge pull request #8086 from hashicorp/feature/auto-config/client-config-inject 2020-06-18 14:45:52 +00:00
default_oss.go OSS changes to allow for parsing the enterprise DNS config prop… (#6959) 2019-12-18 10:16:35 -05:00
doc.go Metrics service prefix (#3498) 2017-09-26 17:49:55 -07:00
flags.go Merge pull request #7762 from hashicorp/dnephin/warn-on-unknown-service-file 2020-06-17 15:21:34 -04:00
flags_test.go Merge pull request #7762 from hashicorp/dnephin/warn-on-unknown-service-file 2020-06-17 15:21:34 -04:00
flagset.go New config parser, HCL support, multiple bind addrs (#3480) 2017-09-25 11:40:42 -07:00
limits.go Add unconvert linter 2020-05-12 13:47:25 -04:00
limits_windows.go config: validate system limits against limits.http_max_conns_per_client (#7434) 2020-04-02 09:22:17 +02:00
merge.go Agent Auto Configuration: Configuration Syntax Updates (#8003) 2020-06-16 19:03:59 +00:00
merge_test.go Changes maps to merge vs. overwrite when processing configs. 2017-12-13 16:06:01 -08:00
runtime.go Agent Auto Configuration: Configuration Syntax Updates (#8003) 2020-06-16 19:03:59 +00:00
runtime_oss.go Sync of OSS changes to support namespaces (#6909) 2019-12-09 21:26:41 -05:00
runtime_oss_test.go Update enterprise configurations to be in OSS 2020-05-04 10:21:05 -04:00
runtime_test.go Require enabling TLS to enable Auto Config (#8159) 2020-06-19 20:38:38 +00:00
segment_oss.go Update to use a consulent build tag instead of just ent (#5759) 2019-05-01 11:11:27 -04:00
segment_oss_test.go Update enterprise configurations to be in OSS 2020-05-04 10:21:05 -04:00