TLS allowed commonNames

docker/Makefile

@@ -5,7 +5,7 @@ all: gen
 gen: dev
 
 build:
-	cd ../weed; GOOS=linux go build; mv weed ../docker/
+	cd ../weed; CGO_ENABLED=0 GOOS=linux go build -ldflags "-extldflags -static"; mv weed ../docker/
 	docker build --no-cache -t chrislusf/seaweedfs:local -f Dockerfile.local .
 	rm ./weed
 
@@ -15,6 +15,9 @@ s3tests_build:
 dev: build
 	docker-compose -f compose/local-dev-compose.yml -p seaweedfs up
 
+dev_tls: build certstrap
+	ENV_FILE="tls.env" docker-compose -f compose/local-dev-compose.yml -p seaweedfs up
+
 dev_mount: build
 	docker-compose -f compose/local-mount-compose.yml -p seaweedfs up
 
@@ -41,3 +44,15 @@ filer_etcd: build
 
 clean:
 	rm ./weed
+
+certstrap:
+	go get github.com/square/certstrap
+	certstrap --depot-path compose/tls init --passphrase "" --common-name "SeaweedFS CA" || true
+	certstrap --depot-path compose/tls request-cert --passphrase "" --common-name volume01 || true
+	certstrap --depot-path compose/tls request-cert --passphrase "" --common-name master01 || true
+	certstrap --depot-path compose/tls request-cert --passphrase "" --common-name filer01 || true
+	certstrap --depot-path compose/tls request-cert --passphrase "" --common-name client01 || true
+	certstrap --depot-path compose/tls sign --CA "SeaweedFS CA" volume01 || true
+	certstrap --depot-path compose/tls sign --CA "SeaweedFS CA" master01 || true
+	certstrap --depot-path compose/tls sign --CA "SeaweedFS CA" filer01 || true
+	certstrap --depot-path compose/tls sign --CA "SeaweedFS CA" client01 || true