diff --git a/config.yaml.sample b/config.yaml.sample
index f89eed8f9c48a1f22636edc31195bff0aeb8698d..728fa2d92067de3f32df1f4a18c3d13613766734 100644
--- a/config.yaml.sample
+++ b/config.yaml.sample
@@ -6,6 +6,8 @@ dataStorageUrl: localhost:7777
 grpcListenAddress: localhost:7877
 restListenAddress: localhost:7878
+# This one using by rest-gateway. Must contain the same domain name with issued certificate
+grpcURL: key-storage-agent:7877
 # VIAM Variables
 viamUUID: viam-system
diff --git a/config/configs.go b/config/configs.go
index 9f835140f2a576ff2d84b12358ac7c58e70afe4e..aa5f7c64087ea1a9b888fbc5ff6b066ee19bb9cc 100644
--- a/config/configs.go
+++ b/config/configs.go
@@ -29,6 +29,7 @@ var MaxMessageSize int
 var GrpcListenAddress string
 var RestListenAddress string
+var GrpcURL string
 var DataStorageUrl string
 var EntitiesManagerUrl string
 var CertDir string
@@ -41,6 +42,7 @@ func SetConfigValues(configFile, etcdURL string) {
 viper.SetDefault("restListenAddress", "localhost:7878")
 viper.SetDefault("dataStorageUrl", "localhost:7777")
 viper.SetDefault("entitiesManagerUrl", "localhost:7779")
+ viper.SetDefault("grpcURL", "key-storage-agent:7877")
 viper.SetDefault("viamUUID", "viam-system")
 viper.SetDefault("viamSession", "viam-session")
@@ -122,6 +124,7 @@ func SetConfigValues(configFile, etcdURL string) {
 }
 GrpcListenAddress = viper.GetString("grpcListenAddress")
+ GrpcURL = viper.GetString("grpcURL")
 RestListenAddress = viper.GetString("restListenAddress")
 DataStorageUrl = viper.GetString("dataStorageUrl")
diff --git a/main.go b/main.go
index 4b937e1f6de264df8ccf987299d4beeff654063a..75743bbbae377146ea5eabfb33d775219a20e899 100644
--- a/main.go
+++ b/main.go
@@ -42,6 +42,7 @@ func main() {
 grpcAddress := config.GrpcListenAddress
 restAddress := config.RestListenAddress
+ grpcURL := config.GrpcURL
 dataStorageAddress := config.DataStorageUrl
 certPem := config.CertificatePEM
 keyPem := config.PrivateKeyPEM
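Review bot: The new `grpcURL` setting in config/configs.go is never checked against `grpcListenAddress`, and the `SetDefault` hunk already gives the two different hosts (`localhost:7877` for the listener, `key-storage-agent:7877` for the dial target). Changing the listener port without also changing `grpcURL` would leave the REST gateway dialing an endpoint nothing listens on, and a host that is missing from the certificate would presumably only surface as a TLS handshake failure at dial time. The constraint currently lives only in the sample YAML, so the declaration in the first configs.go hunk deserves a doc comment such as `// GrpcURL is the host:port the REST gateway dials for gRPC; the host must match a name in the issued certificate.` The value is a host:port pair rather than a URL, which is worth saying in that comment too. The body of `SetConfigValues` starts and ends outside these hunks.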
@@ -62,7 +63,7 @@ func main() {
 // fire the REST server in a goroutine
 go func() {
- err := server.StartRESTServer(restAddress, grpcAddress, certPem)
+ err := server.StartRESTServer(restAddress, grpcURL, certPem, keyPem)
 if err != nil {
 log.Fatalf("failed to start gRPC server: %s", err)
 }
diff --git a/server/server.go b/server/server.go
index 8c00656f1d30efb20c0b78c099531acc1a3b70ef..8ee39c1237cb2009f6de628f778ba72709a427b7 100644
--- a/server/server.go
+++ b/server/server.go
@@ -54,6 +54,9 @@ func credMatcher(headerName string) (mdName string, ok bool) {
 if headerName == "Session" {
 return headerName, true
 }
+ if headerName == "Uuid" {
+ return headerName, true
+ }
 return "", false
 }
@@ -177,7 +180,8 @@ func StartGRPCServer(address string, certPEM, privateKeyPEM, caCertPEM, vereignC
 return nil
 }
-func StartRESTServer(address, grpcAddress string, certPEM []byte) error {
+func StartRESTServer(address, grpcURL string, certPEM, keyPEM []byte) error {
+ log.Println("grpcAddress: ", grpcURL)
 ctx := context.Background()
 ctx, cancel := context.WithCancel(ctx)
 defer cancel()
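Review bot: Letting `Uuid` through `credMatcher` means a value taken directly from the client's HTTP request is now returned as a metadata name alongside `Session`, and nothing in this hunk ties the two together. If, as the signature suggests, this is the gateway's incoming-header matcher, the gRPC handlers that read the value need to validate it against the session rather than trust it as an identity on its own; that is worth confirming on the handler side. On style, the two identical branches read better as a single `switch headerName { case "Session", "Uuid": return headerName, true }`. A short comment stating that the function is an allowlist of forwarded headers would make the intent explicit. The opening lines of `credMatcher` are outside the hunk, so earlier branches may exist.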
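Review bot: The added `log.Println("grpcAddress: ", grpcURL)` at the top of `StartRESTServer` still labels the value with the old parameter name, and `Println` inserts its own separator after the space already in the string. `log.Printf("REST gateway dialing gRPC endpoint %s", grpcURL)` would match the `log.Printf` calls used further down in the same function. The exported function has no doc comment, and the new `keyPEM` parameter is a good occasion to add one saying that `certPEM` and `keyPEM` form the key pair the REST listener serves. The function body continues outside this hunk.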
@@ -200,14 +204,31 @@ func StartRESTServer(address, grpcAddress string, certPEM []byte) error {
 opts := []grpc.DialOption{grpc.WithTransportCredentials(creds)}
 // Register RedisStorageServer
- err = api.RegisterKeyStorageHandlerFromEndpoint(ctx, mux, grpcAddress, opts)
+ err = api.RegisterKeyStorageHandlerFromEndpoint(ctx, mux, grpcURL, opts)
 if err != nil {
 log.Printf("Error: %v", err)
 return fmt.Errorf("could not register service RedisStorageServer: %s", err)
 }
- log.Printf("starting HTTP/1.1 REST server on %s", address)
- http.ListenAndServe(address, mux)
+ // server certificate
+ certificate, err := tls.X509KeyPair(certPEM, keyPEM)
+ if err != nil {
+ log.Printf("Error: %v", err)
+ return fmt.Errorf("could not load server key pair: %s", err)
+ }
+
+ serverTLSConfig := &tls.Config{
+ Certificates: []tls.Certificate{certificate},
+ }
+
+ tlsServer := &http.Server{
+ Addr: address,
+ Handler: mux,
+ TLSConfig: serverTLSConfig,
+ }
+
+ log.Printf("starting HTTP/1.1 REST server on %s", address)
+ tlsServer.ListenAndServeTLS("","")
 return nil
 }
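Review bot: The result of `tlsServer.ListenAndServeTLS("","")` is discarded and the function then returns nil, so a failed bind or a listener that stops is never reported and the `log.Fatalf` in main.go's goroutine cannot fire for it; `return tlsServer.ListenAndServeTLS("", "")` keeps the error. The new `tls.Config` sets no `MinVersion`, which leaves the protocol floor to the toolchain default (TLS 1.0 for servers built with Go releases before 1.22); adding `MinVersion: tls.VersionTLS12,` pins it. The `http.Server` literal also sets no timeouts, so a slow client can hold a connection open indefinitely, and `ReadHeaderTimeout` at least is worth setting. The log line still says "HTTP/1.1" although the listener now serves HTTPS. The start of `StartRESTServer`, including how `creds` is built, is outside this hunk.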