command: create serf dir if it doesn't exist, document -disable-keyring arg

10 years ago · 471ee9ce8f
2 changed files with 13 additions and 2 deletions
--- a/command/agent/agent.go
+++ b/command/agent/agent.go
@ -116,15 +116,22 @@ func Create(config *Config, logOutput io.Writer) (*Agent, error) {

 	// Setup encryption keyring files
 	if !config.DisableKeyring && config.EncryptKey != "" {
+		serfDir := filepath.Join(config.DataDir, "serf")
+		if err := os.MkdirAll(serfDir, 0700); err != nil {
+			return nil, err
+		}
+
 		keys := []string{config.EncryptKey}
 		keyringBytes, err := json.MarshalIndent(keys, "", "  ")
 		if err != nil {
 			return nil, err
 		}
+
 		paths := []string{
-			filepath.Join(config.DataDir, "serf", "keyring_lan"),
-			filepath.Join(config.DataDir, "serf", "keyring_wan"),
+			filepath.Join(serfDir, "keyring_lan"),
+			filepath.Join(serfDir, "keyring_wan"),
 		}
+
 		for _, path := range paths {
 			if _, err := os.Stat(path); err == nil {
 				continue
--- a/command/agent/command.go
+++ b/command/agent/command.go
@ -792,6 +792,10 @@ Options:
  -data-dir=path           Path to a data directory to store agent state
  -dc=east-aws             Datacenter of the agent
  -encrypt=key             Provides the gossip encryption key
+  -disable-keyring         Disables the use of an encryption keyring. The
+                           Default behavior is to persist encryption keys using
+                           a keyring file, and reload the keys on subsequent
+                           starts. This argument disables keyring persistence.
  -join=1.2.3.4            Address of an agent to join at start time.
                           Can be specified multiple times.
  -join-wan=1.2.3.4        Address of an agent to join -wan at start time.