command: various cleanup

10 years ago · 2220ccdac2
3 changed files with 13 additions and 13 deletions
--- a/command/agent/agent.go
+++ b/command/agent/agent.go
@ -688,7 +688,8 @@ func (a *Agent) deletePid() error {
 	return nil
 }

-// loadKeyringFile will load a keyring out of a file
+// loadKeyringFile will load a gossip encryption keyring out of a file. The file
+// must be in JSON format and contain a list of encryption key strings.
 func loadKeyringFile(c *serf.Config) error {
 	if c.KeyringFile == "" {
 		return nil
--- a/command/agent/command.go
+++ b/command/agent/command.go
@ -67,6 +67,7 @@ func (c *Command) readConfig() *Config {
 	cmdFlags.StringVar(&cmdConfig.UiDir, "ui-dir", "", "path to the web UI directory")
 	cmdFlags.StringVar(&cmdConfig.PidFile, "pid-file", "", "path to file to store PID")
 	cmdFlags.StringVar(&cmdConfig.EncryptKey, "encrypt", "", "gossip encryption key")
+
 	cmdFlags.BoolVar(&cmdConfig.Server, "server", false, "run agent as server")
 	cmdFlags.BoolVar(&cmdConfig.Bootstrap, "bootstrap", false, "enable server bootstrap mode")
 	cmdFlags.IntVar(&cmdConfig.BootstrapExpect, "bootstrap-expect", 0, "enable automatic bootstrap via expect mode")
@ -142,6 +143,13 @@ func (c *Command) readConfig() *Config {
 		config.NodeName = hostname
 	}

+	if config.EncryptKey != "" {
+		if _, err := config.EncryptBytes(); err != nil {
+			c.Ui.Error(fmt.Sprintf("Invalid encryption key: %s", err))
+			return nil
+		}
+	}
+
 	// Ensure we have a data directory
 	if config.DataDir == "" {
 		c.Ui.Error("Must specify data directory using -data-dir")
@ -172,13 +180,6 @@ func (c *Command) readConfig() *Config {
 		return nil
 	}

-	if config.EncryptKey != "" {
-		if _, err := config.EncryptBytes(); err != nil {
-			c.Ui.Error(fmt.Sprintf("Invalid encryption key: %s", err))
-			return nil
-		}
-	}
-
 	// Compile all the watches
 	for _, params := range config.Watches {
 		// Parse the watches, excluding the handler
@ -591,10 +592,7 @@ func (c *Command) Run(args []string) int {
 	}

 	// Determine if gossip is encrypted
-	gossipEncrypted := false
-	if config.EncryptKey != "" || config.keyringFileExists() {
-		gossipEncrypted = true
-	}
+	gossipEncrypted := config.EncryptKey != "" || config.keyringFileExists()

 	// Let the agent know we've finished registration
 	c.agent.StartSync()
--- a/command/agent/config.go
+++ b/command/agent/config.go
@ -412,7 +412,8 @@ func (c *Config) ClientListenerAddr(override string, port int) (string, error) {
 }

 // keyringFileExists determines if there are encryption key files present
-// in the data directory.
+// in the data directory. On client nodes, this returns true if a LAN keyring
+// is present. On server nodes, it returns true if either keyring file exists.
 func (c *Config) keyringFileExists() bool {
 	fileLAN := filepath.Join(c.DataDir, SerfLANKeyring)
 	fileWAN := filepath.Join(c.DataDir, SerfWANKeyring)