Merge pull request #108 from FlowFuse/privateCA-certs

Add support for privateCA config
FlowFuse · Dec 1, 2023 · 913b276 · 913b276
2 parents eb32971 + ca003a2
commit 913b276
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -4,12 +4,19 @@ This will start/stop/monitor Node-RED instances and build separate useDirs for e
 
 ## Configure
 
-The following environment variables (in the `.env` file) configure this driver
-
- - CONTAINER_DRIVER=localfs
- - LOCALFS_ROOT=<path/to/store/project/userDirs>
- - LOCALFS_START_PORT=12080
- - LOCALFS_NODE_PATH=<path/to/node/binary> (not required, but useful with nvm)
+In the `flowforge.yml` file the following options can be set under the `drive.options` section
+
+```yaml
+...
+driver:
+  type: localfs
+  options:
+    start_port: 12080
+    privateCA: /full/path/to/chain.pem
+```
+
+ - `start_port` Port number to start from when creating Instances (default: 12080)
+ - `privateCA` is a fully qaulified path to a pem file containing trusted CA cert chain (default: not set)
 
 ## Node-RED Versions for Stacks
 

diff --git a/localfs.js b/localfs.js
@@ -78,6 +78,11 @@ async function startProject (app, project, ProjectStack, userDir, port) {
         env.PATH = process.env.PATH
     }
 
+    // fully qualified path to ca.pem file
+    if (app.config.driver.options.privateCA && fs.existsSync(this._app.config.driver.options.privateCA)) {
+        env.NODE_EXTRA_CA_CERTS = app.config.driver.options.privateCA
+    }
+
     logger.debug(`Stack info ${JSON.stringify(ProjectStack?.properties)}`)
     /*
      * ProjectStack.properties will contain the stack properties for this project