diff --git a/README.md b/README.md index 3a91342..9fd4dab 100644 --- a/README.md +++ b/README.md @@ -43,9 +43,10 @@ Die Anwendung lässt sich auch mit Umgebungsvariablen konfigurieren. Optionale Umgebungsvariablen - wenn angegeben wird eine SSL-Verbindung zu Kafka aufgebaut. -* `APP_SSL_CA_FILE`: CA für SSL-Verbindungen -* `APP_SSL_CA_FILE`: SSL Certificate Datei -* `APP_SSL_CA_FILE`: SSL Key Datei +* `APP_KAFKA_SSL_CA_FILE`: CA für SSL-Verbindungen +* `APP_KAFKA_SSL_CERT_FILE`: SSL Certificate Datei +* `APP_KAFKA_SSL_KEY_FILE`: SSL Key Datei +* `APP_KAFKA_SSL_KEY_PASSWORD`: SSL KEY Passwort (wenn benötigt) Die Angabe eines Tokens ist verpflichtend und kann entweder über den Parameter `--token` erfolgen, oder über die Umgebungsvariable `APP_SECURITY_TOKEN`. diff --git a/src/cli.rs b/src/cli.rs index fa1d761..17c6c6b 100644 --- a/src/cli.rs +++ b/src/cli.rs @@ -36,20 +36,26 @@ pub struct Cli { pub listen: String, #[arg( long, - env = "APP_SSL_CA_FILE", + env = "APP_KAFKA_SSL_CA_FILE", help = "CA file for SSL connection to Kafka" )] pub ssl_ca_file: Option, #[arg( long, - env = "APP_SSL_CERT_FILE", + env = "APP_KAFKA_SSL_CERT_FILE", help = "Certificate file for SSL connection to Kafka" )] pub ssl_cert_file: Option, #[arg( long, - env = "APP_SSL_KEY_FILE", + env = "APP_KAFKA_SSL_KEY_FILE", help = "Key file for SSL connection to Kafka" )] pub ssl_key_file: Option, + #[arg( + long, + env = "APP_KAFKA_SSL_KEY_PASSWORD", + help = "The SSL key password" + )] + pub ssl_key_password: Option, } diff --git a/src/main.rs b/src/main.rs index aeeab4b..f59a4b2 100644 --- a/src/main.rs +++ b/src/main.rs 
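Review bot: The new `ssl_key_password` field in src/cli.rs is a secret but is declared like the file-path options: clap prints the current value of an `env` variable in `--help` output unless `hide_env_values = true` is set on the `#[arg(...)]`. Because of `long` it can also be given as `--ssl-key-password`, which leaves the password readable in the process list and shell history; the help text should point users to `APP_KAFKA_SSL_KEY_PASSWORD` instead. If `Cli` derives `Debug` (the struct header is outside the hunk), the field would also appear wherever the parsed configuration is logged. Separately, after the rename a deployment that still exports the old `APP_SSL_*` names gets no certificate settings and no warning, so the rename deserves a changelog entry or a startup check.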
@@ -73,12 +73,16 @@ async fn main() -> Result<(), ()> {
 .init();
 }
 
+ let mut client_config = ClientConfig::new();
+
+ client_config
+ .set("bootstrap.servers", &CONFIG.bootstrap_server)
+ .set("message.timeout.ms", "5000")
+ .set("security.protocol", "ssl");
+
 let producer = if CONFIG.ssl_cert_file.is_some() || CONFIG.ssl_key_file.is_some() {
 // Use SSL
- ClientConfig::new()
- .set("bootstrap.servers", &CONFIG.bootstrap_server)
- .set("message.timeout.ms", "5000")
- .set("security.protocol", "ssl")
+ client_config
 .set(
 "ssl.ca.location",
 CONFIG.ssl_ca_file.clone().unwrap_or_default(),
@@ -90,16 +94,14 @@ async fn main() -> Result<(), ()> {
 .set(
 "ssl.key.location",
 CONFIG.ssl_key_file.clone().unwrap_or_default(),
- )
- .create::()
- .map_err(|_| ())?
+ );
+ if let Some(ssl_key_password) = &CONFIG.ssl_key_password {
+ client_config.set("ssl.key.password", ssl_key_password);
+ }
+ client_config.create::().map_err(|_| ())?
 } else {
 // Plain
- ClientConfig::new()
- .set("bootstrap.servers", &CONFIG.bootstrap_server)
- .set("message.timeout.ms", "5000")
- .create::()
- .map_err(|_| ())?
+ client_config.create::().map_err(|_| ())?
 };
 
 let sender = Arc::new(DefaultMtbFileSender::new(&CONFIG.topic, producer));
@@ -128,6 +130,7 @@ static CONFIG: LazyLock = LazyLock::new(|| Cli {
 ssl_ca_file: None,
 ssl_cert_file: None,
 ssl_key_file: None,
+ ssl_key_password: None,
 });
 
 #[cfg(test)]
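Review bot: In the first src/main.rs hunk, `.set("security.protocol", "ssl")` is now applied to the shared `client_config` before the branch, so the `// Plain` branch in the next hunk also requests TLS, whereas the removed plain builder set no security protocol. A broker that only offers a plaintext listener would presumably stop being reachable, and a CA-only setup still lands in the `else` branch, where `ssl.ca.location` is never set. If plaintext is still meant to be supported, move the call into the SSL branch as `client_config.set("security.protocol", "ssl")` ahead of the `ssl.ca.location` setting. If TLS is now mandatory, the `// Plain` comment and the branch condition should say so. The body of `main` starts and ends outside the hunk.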
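Review bot: In the second src/main.rs hunk, `client_config.create::().map_err(|_| ())?` discards the client error on both branches, so a wrong `ssl.key.password`, an unreadable key file, or the empty path produced by `unwrap_or_default()` ends the process with no diagnostic. Report the error before mapping it, for example `.map_err(|e| eprintln!("Kafka client setup failed: {e}"))?`, and keep the configuration values themselves out of the message, since they now include the key password. It would also help to reject a certificate given without a key (or the reverse) up front instead of passing `""` as the location. The body of `main` continues outside the hunk.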