fix(server):support disable https only ee-2068 (#6232)

* fix/ee-2068/disable-forcely-https
2021-12-14 08:40:44 +08:00 · 2021-12-14 08:40:44 +08:00 · 7088da5157
parent da422d6ed6
commit 7088da5157
5 changed files with 13 additions and 9 deletions
--- a/api/cli/cli.go
+++ b/api/cli/cli.go
@ -45,6 +45,7 @@ func (*Service) ParseFlags(version string) (*portainer.CLIFlags, error) {
 		TLSCert:                   kingpin.Flag("tlscert", "Path to the TLS certificate file").Default(defaultTLSCertPath).String(),
 		TLSKey:                    kingpin.Flag("tlskey", "Path to the TLS key").Default(defaultTLSKeyPath).String(),
 		HTTPDisabled:              kingpin.Flag("http-disabled", "Serve portainer only on https").Default(defaultHTTPDisabled).Bool(),
+		HTTPEnabled:               kingpin.Flag("http-enabled", "Serve portainer on http").Default(defaultHTTPEnabled).Bool(),
 		SSL:                       kingpin.Flag("ssl", "Secure Portainer instance using SSL (deprecated)").Default(defaultSSL).Bool(),
 		SSLCert:                   kingpin.Flag("sslcert", "Path to the SSL certificate used to secure the Portainer instance").String(),
 		SSLKey:                    kingpin.Flag("sslkey", "Path to the SSL key used to secure the Portainer instance").String(),
--- a/api/cli/defaults.go
+++ b/api/cli/defaults.go
@ -15,6 +15,7 @@ const (
 	defaultTLSCertPath         = "/certs/cert.pem"
 	defaultTLSKeyPath          = "/certs/key.pem"
 	defaultHTTPDisabled        = "false"
+	defaultHTTPEnabled         = "false"
 	defaultSSL                 = "false"
 	defaultSSLCertPath         = "/certs/portainer.crt"
 	defaultSSLKeyPath          = "/certs/portainer.key"
--- a/api/cli/defaults_windows.go
+++ b/api/cli/defaults_windows.go
@ -13,6 +13,7 @@ const (
 	defaultTLSCertPath         = "C:\\certs\\cert.pem"
 	defaultTLSKeyPath          = "C:\\certs\\key.pem"
 	defaultHTTPDisabled        = "false"
+	defaultHTTPEnabled         = "false"
 	defaultSSL                 = "false"
 	defaultSSLCertPath         = "C:\\certs\\portainer.crt"
 	defaultSSLKeyPath          = "C:\\certs\\portainer.key"
--- a/api/cmd/portainer/main.go
+++ b/api/cmd/portainer/main.go
@ -234,14 +234,16 @@ func updateSettingsFromFlags(dataStore portainer.DataStore, flags *portainer.CLI
 		return err
 	}

-	httpEnabled := !*flags.HTTPDisabled
-
 	sslSettings, err := dataStore.SSLSettings().Settings()
 	if err != nil {
 		return err
 	}

-	sslSettings.HTTPEnabled = httpEnabled
+	if *flags.HTTPDisabled {
+		sslSettings.HTTPEnabled = false
+	} else {
+		sslSettings.HTTPEnabled = *flags.HTTPEnabled || sslSettings.HTTPEnabled
+	}

 	err = dataStore.SSLSettings().UpdateSettings(sslSettings)
 	if err != nil {
@ -551,11 +553,9 @@ func buildServer(flags *portainer.CLIFlags) portainer.Server {
 		log.Fatalf("failed initializing helm package manager: %s", err)
 	}

-	if dataStore.IsNew() {
-		err = updateSettingsFromFlags(dataStore, flags)
-		if err != nil {
-			log.Fatalf("failed updating settings from flags: %v", err)
-		}
+	err = updateSettingsFromFlags(dataStore, flags)
+	if err != nil {
+		log.Fatalf("failed updating settings from flags: %v", err)
 	}

 	err = edge.LoadEdgeJobs(dataStore, reverseTunnelService)
--- a/api/portainer.go
+++ b/api/portainer.go
@ -90,6 +90,7 @@ type (
 		TLSCert                   *string
 		TLSKey                    *string
 		HTTPDisabled              *bool
+		HTTPEnabled               *bool
 		SSL                       *bool
 		SSLCert                   *string
 		SSLKey                    *string
@ -612,7 +613,7 @@ type (
 		ManagementConfiguration *RegistryManagementConfiguration `json:"ManagementConfiguration"`
 		Gitlab                  GitlabRegistryData               `json:"Gitlab"`
 		Quay                    QuayRegistryData                 `json:"Quay"`
-		Ecr                  	EcrData                       	 `json:"Ecr"`
+		Ecr                     EcrData                          `json:"Ecr"`
 		RegistryAccesses        RegistryAccesses                 `json:"RegistryAccesses"`

 		// Deprecated fields