package spegel import ( "net" "github.com/containerd/containerd/remotes/docker" "github.com/k3s-io/k3s/pkg/daemons/config" "github.com/rancher/wharfie/pkg/registries" ) // InjectMirror configures TLS for the registry mirror client, and adds the mirror address as an endpoint // to all configured registries. func (c *Config) InjectMirror(nodeConfig *config.Node) error { mirrorAddr := net.JoinHostPort(c.InternalAddress, c.RegistryPort) mirrorURL := "https://" + mirrorAddr + "/v2" registry := nodeConfig.AgentConfig.Registry if registry.Configs == nil { registry.Configs = map[string]registries.RegistryConfig{} } registry.Configs[mirrorAddr] = registries.RegistryConfig{ TLS: ®istries.TLSConfig{ CAFile: c.ServerCAFile, CertFile: c.ClientCertFile, KeyFile: c.ClientKeyFile, }, } if registry.Mirrors == nil { registry.Mirrors = map[string]registries.Mirror{} } for host, mirror := range registry.Mirrors { // Don't handle wildcard or local registry entries if host != "*" && !docker.IsLocalhost(host) { mirror.Endpoints = append([]string{mirrorURL}, mirror.Endpoints...) registry.Mirrors[host] = mirror } } registry.Mirrors[mirrorAddr] = registries.Mirror{ Endpoints: []string{mirrorURL}, } return nil }