Browse code
Use certs.d from XDG_CONFIG_HOME when in rootless mode
Signed-off-by: Dmitry Sharshakov <d3dx12.xx@gmail.com>
Dmitry Sharshakov authored on 2019/11/25 19:12:54Showing 1 changed files
| ... | ... |
@@ -16,6 +16,9 @@ import ( |
| 16 | 16 |
"github.com/docker/distribution/registry/client/transport" |
| 17 | 17 |
"github.com/docker/go-connections/tlsconfig" |
| 18 | 18 |
"github.com/sirupsen/logrus" |
| 19 |
+ |
|
| 20 |
+ "github.com/docker/docker/pkg/homedir" |
|
| 21 |
+ "github.com/docker/docker/rootless" |
|
| 19 | 22 |
) |
| 20 | 23 |
|
| 21 | 24 |
var ( |
| ... | ... |
@@ -31,7 +34,19 @@ func newTLSConfig(hostname string, isSecure bool) (*tls.Config, error) {
|
| 31 | 31 |
tlsConfig.InsecureSkipVerify = !isSecure |
| 32 | 32 |
|
| 33 | 33 |
if isSecure && CertsDir != "" {
|
| 34 |
- hostDir := filepath.Join(CertsDir, cleanPath(hostname)) |
|
| 34 |
+ certsDir := CertsDir |
|
| 35 |
+ |
|
| 36 |
+ if rootless.RunningWithRootlessKit() {
|
|
| 37 |
+ configHome, err := homedir.GetConfigHome() |
|
| 38 |
+ if err != nil {
|
|
| 39 |
+ return nil, err |
|
| 40 |
+ } |
|
| 41 |
+ |
|
| 42 |
+ certsDir = filepath.Join(configHome, "docker/certs.d") |
|
| 43 |
+ } |
|
| 44 |
+ |
|
| 45 |
+ hostDir := filepath.Join(certsDir, cleanPath(hostname)) |
|
| 46 |
+ |
|
| 35 | 47 |
logrus.Debugf("hostDir: %s", hostDir)
|
| 36 | 48 |
if err := ReadCertsDirectory(tlsConfig, hostDir); err != nil {
|
| 37 | 49 |
return nil, err |