Skip to content

Commit e62018d

Browse files
mcasimirmcasimir
committed
tls config
1 parent b87df77 commit e62018d

File tree

2 files changed

+29
-13
lines changed

2 files changed

+29
-13
lines changed

docker/kerberos/config.js

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -4,18 +4,18 @@ const execa = require('execa');
44
const {default: ConnectionString} = require('mongodb-connection-string-url');
55

66
const principal = 'mongodb.user';
7-
const defaultConnectionString = new ConnectionString('mongodb://mongodb-kerberos-1.example.com:29017');
8-
defaultConnectionString.username = principal;
9-
defaultConnectionString.searchParams.set('authMechanism', 'GSSAPI');
7+
const simple = new ConnectionString('mongodb://mongodb-kerberos-1.example.com:29017');
8+
simple.username = principal;
9+
simple.searchParams.set('authMechanism', 'GSSAPI');
1010

11-
const alternateConnectionString = new ConnectionString('mongodb://mongodb-kerberos-2.example.com:29018');
12-
alternateConnectionString.username = principal;
13-
alternateConnectionString.searchParams.set('authMechanism', 'GSSAPI');
14-
alternateConnectionString.searchParams.set('authMechanismProperties', 'SERVICE_NAME:alternate');
11+
const alternate = new ConnectionString('mongodb://mongodb-kerberos-2.example.com:29018');
12+
alternate.username = principal;
13+
alternate.searchParams.set('authMechanism', 'GSSAPI');
14+
alternate.searchParams.set('authMechanismProperties', 'SERVICE_NAME:alternate');
1515

16-
const crossRealmConnectionString = new ConnectionString('mongodb://mongodb-kerberos-3.examplecrossrealm.com:29019');
17-
crossRealmConnectionString.username = principal;
18-
crossRealmConnectionString.searchParams.set('authMechanism', 'GSSAPI');
16+
const crossRealm = new ConnectionString('mongodb://mongodb-kerberos-3.examplecrossrealm.com:29019');
17+
crossRealm.username = principal;
18+
crossRealm.searchParams.set('authMechanism', 'GSSAPI');
1919

2020
module.exports = {
2121
dockerCompose: {
@@ -50,13 +50,13 @@ module.exports = {
5050
},
5151
connections: {
5252
default: {
53-
connectionString: defaultConnectionString.href
53+
connectionString: simple.href
5454
},
5555
alternate: {
56-
connectionString: alternateConnectionString.href
56+
connectionString: alternate.href
5757
},
5858
crossRealm: {
59-
connectionString: crossRealmConnectionString.href
59+
connectionString: crossRealm.href
6060
}
6161
}
6262
};

docker/tls/config.js

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,13 @@ x509.searchParams.set('tlsCAFile', path.resolve(__dirname, 'tls', 'ca.pem'));
2121
x509.searchParams.set('tlsCertificateKeyFile', path.resolve(__dirname, 'tls', 'client.pem'));
2222
x509.searchParams.set('authMechanism', 'MONGODB-X509');
2323

24+
const x509WithSsh = new ConnectionString('mongodb://mongodb-tls-x509:27017');
25+
x509WithSsh.searchParams.set('tls', 'true');
26+
x509WithSsh.searchParams.set('tlsAllowInvalidHostnames', 'true');
27+
x509WithSsh.searchParams.set('tlsCAFile', path.resolve(__dirname, 'tls', 'ca.pem'));
28+
x509WithSsh.searchParams.set('tlsCertificateKeyFile', path.resolve(__dirname, 'tls', 'client.pem'));
29+
x509WithSsh.searchParams.set('authMechanism', 'MONGODB-X509');
30+
2431
module.exports = {
2532
dockerCompose: {
2633
projectName: path.basename(__dirname),
@@ -44,6 +51,15 @@ module.exports = {
4451
},
4552
x509: {
4653
connectionString: x509.href
54+
},
55+
x509WithSsh: {
56+
connectionString: x509WithSsh.href,
57+
sshTunnel: {
58+
host: 'localhost',
59+
port: 22223,
60+
username: 'root',
61+
password: 'password'
62+
}
4763
}
4864
}
4965
};

0 commit comments

Comments
 (0)