summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Lehnardt <jan@apache.org>2018-11-09 11:23:04 +0100
committerJan Lehnardt <jan@apache.org>2018-11-09 11:28:10 +0100
commit838c5ef6f3e7555014e95c0cc46336567d62caa6 (patch)
tree51f5dfae4c6672ce73a4ebdb0ca4112ec9def372
parent0d316b27cf014dd5287acd4cd666e976c1effc2a (diff)
downloadcouchdb-838c5ef6f3e7555014e95c0cc46336567d62caa6.tar.gz
feat: change enaabling of chttpsd to `[ssl] enable = true`
The previous configuration `[daemons] httpsd = {chttpd, start_link, [https]}` is also sill supported for backwards cmpatibility reasons.
-rw-r--r--rel/overlay/etc/local.ini6
-rw-r--r--src/couch/src/couch_secondary_sup.erl16
2 files changed, 16 insertions, 6 deletions
diff --git a/rel/overlay/etc/local.ini b/rel/overlay/etc/local.ini
index ea5467c9a..ecc97f466 100644
--- a/rel/overlay/etc/local.ini
+++ b/rel/overlay/etc/local.ini
@@ -52,12 +52,8 @@
; Basic realm="server" in order to prevent you getting logged out.
; require_valid_user = false
-[daemons]
-; enable SSL support by uncommenting the following line and supply the PEM's below.
-; the default ssl port CouchDB listens on is 6984
-; httpsd = {chttpd, start_link, [https]}
-
[ssl]
+;enable = true
;cert_file = /full/path/to/server_cert.pem
;key_file = /full/path/to/server_key.pem
;password = somepassword
diff --git a/src/couch/src/couch_secondary_sup.erl b/src/couch/src/couch_secondary_sup.erl
index 255c84980..9b424dc6a 100644
--- a/src/couch/src/couch_secondary_sup.erl
+++ b/src/couch/src/couch_secondary_sup.erl
@@ -36,6 +36,11 @@ init([]) ->
{compaction_daemon, {couch_compaction_daemon, start_link, []}}
],
+ MaybeHttps = case https_enabled() of
+ true -> [{httpsd, {chttpd, start_link, [https]}}];
+ _False -> []
+ end,
+
Children = SecondarySupervisors ++ [
begin
{Module, Fun, Args} = Spec,
@@ -48,6 +53,15 @@ init([]) ->
[Module]}
end
|| {Name, Spec}
- <- Daemons, Spec /= ""],
+ <- Daemons ++ MaybeHttps, Spec /= ""],
{ok, {{one_for_one, 50, 3600},
couch_epi:register_service(couch_db_epi, Children)}}.
+
+https_enabled() ->
+ % 1. [ssl] enable = true | false
+ % 2. if [daemons] httpsd == {chttpd, start_link, [https]} -> pretend true as well
+ SSLEnabled = config:get_boolean("ssl", "enable", false),
+ LegacySSL = config:get("daemons", "httpsd"),
+ LegacySSLEnabled = LegacySSL =:= "{chttpd, start_link, [https]}",
+
+ SSLEnabled orelse LegacySSLEnabled.