add: enable working with a remote daemon (#37)

queil · web-flow · commit 5569f3588902 · 2024-04-06T11:39:59.000+01:00
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,11 +1,11 @@
 [package]
 name = "rooz"
-version = "0.59.0"
+version = "0.60.0"
 edition = "2021"
 
 [dependencies]
 base64 = "0.21.3"
-bollard = "0.15.0"
+bollard = { version = "0.15.0", features = ["ssl"] }
 #bollard = { git = "https://github.com/fussybeaver/bollard.git" }
 
 clap = { version = "4.4.2", features = ["derive", "env"] }
diff --git a/README.md b/README.md
@@ -184,6 +184,22 @@ Supported keywords:
 
 * auto-resizing rooz session to fit the terminal window (if resized) is not implemented. Workaround: exit the session, resize the window to your liking, enter the container.
 
+## Connecting to a remote Docker host
+
+Rooz connects to a local Docker daemon by default. However, it also supports working with
+a remote mTLS-protected Docker socket.
+
+:warning: make sure the Docker daemon has [remote access enabled](https://docs.docker.com/config/daemon/remote-access/) and is [mTLS-protected](https://docs.docker.com/engine/security/protect-access/#create-a-ca-server-and-client-keys-with-openssl)
+
+Configure rooz to connect to a remote daemon:
+
+* env: `export ROOZ_REMOTE=true`
+* env: `export DOCKER_HOST=tcp://X.X.X.X:2376`
+* make sure you have the following files in `~/.docker/`:
+  * `ca.pem` (Docker daemon's CA cert)
+  * `cert.pem` (Your client cert)
+  * `key.pem` (Your client key)
+
 ## Running with Podman
 
 1. Make sure podman remote socket is enabled:
diff --git a/src/cli.rs b/src/cli.rs
@@ -167,4 +167,6 @@ pub enum Commands {
 pub struct Cli {
     #[command(subcommand)]
     pub command: Commands,
+    #[arg(hide = true, env = "ROOZ_REMOTE")]
+    pub env_remote: Option<bool>,
 }
diff --git a/src/main.rs b/src/main.rs
@@ -35,7 +35,15 @@ async fn main() -> Result<(), AnyError> {
     log::debug!("Started");
 
     let args = Cli::parse();
-    let docker = Docker::connect_with_local_defaults().expect("Docker API connection established");
+
+    let connection = if let Cli{env_remote:Some(true), command:_ } = args {
+        Docker::connect_with_ssl_defaults()
+    } else {
+        Docker::connect_with_local_defaults()
+    };
+
+    let docker = connection.expect("Docker API connection established");
+     
     log::debug!("Client ver: {}", &docker.client_version());
 
     let version = &docker.version().await?;
@@ -203,12 +211,7 @@ async fn main() -> Result<(), AnyError> {
                 .await?
         }
 
-        Cli {
-            command:
-                System(cli::System {
-                    command: cli::SystemCommands::Completion(CompletionParams { shell }),
-                }),
-        } => {
+        Cli {command:System(cli::System{command:cli::SystemCommands::Completion(CompletionParams{shell}),}), env_remote: _ } => {
             let mut cli = Cli::command()
                 .disable_help_flag(true)
                 .disable_help_subcommand(true);

Original file line number	Diff line number	Diff line change
`@@ -167,4 +167,6 @@ pub enum Commands {`
`167`	`167`	`pub struct Cli {`
`168`	`168`	`#[command(subcommand)]`
`169`	`169`	`pub command: Commands,`
	`170`	`+ #[arg(hide = true, env = "ROOZ_REMOTE")]`
	`171`	`+ pub env_remote: Option<bool>,`
`170`	`172`	`}`