From 6dce21cdc8648a3d1fc9e593d9d28cef4d4789b9 Mon Sep 17 00:00:00 2001 From: Lars Karlitski Date: Thu, 24 Sep 2020 00:28:58 +0200 Subject: [PATCH] osbuild-composer: enforce one listener for worker API There's no use case for many of those. --- cmd/osbuild-composer/main.go | 48 +++++++++++++++++++----------------- 1 file changed, 25 insertions(+), 23 deletions(-) diff --git a/cmd/osbuild-composer/main.go b/cmd/osbuild-composer/main.go index 593d6daa5..1d37f390f 100644 --- a/cmd/osbuild-composer/main.go +++ b/cmd/osbuild-composer/main.go @@ -259,30 +259,32 @@ func main() { } if remoteWorkerListeners, exists := listeners["osbuild-remote-worker.socket"]; exists { - for _, listener := range remoteWorkerListeners { - log.Printf("Starting remote listener\n") - - if config.Worker == nil { - log.Fatal("remote worker not configured in the config file") - } - - tlsConfig, err := createTLSConfig(&connectionConfig{ - CACertFile: config.Worker.CA, - ServerKeyFile: "/etc/osbuild-composer/composer-key.pem", - ServerCertFile: "/etc/osbuild-composer/composer-crt.pem", - AllowedDomains: config.Worker.AllowedDomains, - }) - - if err != nil { - log.Fatalf("TLS configuration cannot be created: " + err.Error()) - } - - listener := tls.NewListener(listener, tlsConfig) - go func() { - err := workers.Serve(listener) - common.PanicOnError(err) - }() + if len(remoteWorkerListeners) != 1 { + log.Fatal("The osbuild-remote-worker.socket unit is misconfigured. It should contain only one socket.") } + + log.Printf("Starting remote listener\n") + + if config.Worker == nil { + log.Fatal("remote worker not configured in the config file") + } + + tlsConfig, err := createTLSConfig(&connectionConfig{ + CACertFile: config.Worker.CA, + ServerKeyFile: "/etc/osbuild-composer/composer-key.pem", + ServerCertFile: "/etc/osbuild-composer/composer-crt.pem", + AllowedDomains: config.Worker.AllowedDomains, + }) + + if err != nil { + log.Fatalf("TLS configuration cannot be created: " + err.Error()) + } + + listener := tls.NewListener(remoteWorkerListeners[0], tlsConfig) + go func() { + err := workers.Serve(listener) + common.PanicOnError(err) + }() } err = weldrAPI.Serve(weldrListener)