@@ -11,6 +11,7 @@ import (
1111 "encoding/json"
1212 "fmt"
1313 "log"
14+ "net"
1415 "os"
1516 "strconv"
1617 "strings"
6061 flagTLSCaKeyFile string
6162 flagDomainName string
6263 flagServerPort int
64+ flagIpAddr string
6365)
6466
6567// AppConfig stores application-wide configuration parameters for the QPI server.
@@ -85,6 +87,7 @@ type AppConfig struct {
8587 TlsCaKeyFile string
8688 DomainName string
8789 ServerPort int
90+ IpAddr string
8891 tlsConfig * certKeyPair
8992 parsedTlsConfig * tls.Config
9093 tlsCaConfig * certKeyPair
@@ -191,13 +194,13 @@ func (cfg *AppConfig) StartTlsRenewalWorker(ctx context.Context) {
191194 }
192195
193196 // regenerate certificate with new CA
194- err = generateCertAndKeyFiles (cfg .DomainName , cfg .TlsCertFile , cfg .TlsKeyFile , cfg .tlsCaConfig )
197+ err = generateCertAndKeyFiles (cfg .DomainName , cfg .TlsCertFile , cfg .TlsKeyFile , cfg .tlsCaConfig , cfg . IpAddr )
195198 if err != nil {
196199 log .Printf ("[Config] Error regenerating TLS cert and key: %v\n " , err )
197200 continue
198201 }
199202
200- cfg .tlsConfig , err = getTlsCertKeyPair (cfg .TlsCertFile , cfg .TlsKeyFile , cfg .DomainName , cfg .tlsCaConfig )
203+ cfg .tlsConfig , err = getTlsCertKeyPair (cfg .TlsCertFile , cfg .TlsKeyFile , cfg .DomainName , cfg .tlsCaConfig , cfg . IpAddr )
201204 if err != nil {
202205 log .Printf ("[Config] Error getting TLS config: %v\n " , err )
203206 continue
@@ -224,7 +227,7 @@ func (cfg *AppConfig) StartTlsRenewalWorker(ctx context.Context) {
224227 if isCertUpForRenewal (cfg .tlsConfig , certBuffer ) {
225228 log .Println ("[Config] TLS certificate regenerating..." )
226229
227- err := generateCertAndKeyFiles (cfg .DomainName , cfg .TlsCertFile , cfg .TlsKeyFile , cfg .tlsCaConfig )
230+ err := generateCertAndKeyFiles (cfg .DomainName , cfg .TlsCertFile , cfg .TlsKeyFile , cfg .tlsCaConfig , cfg . IpAddr )
228231 if err != nil {
229232 log .Printf ("[Config] Error regenerating TLS cert and key: %v\n " , err )
230233 continue
@@ -236,7 +239,7 @@ func (cfg *AppConfig) StartTlsRenewalWorker(ctx context.Context) {
236239 continue
237240 }
238241
239- cfg .tlsConfig , err = getTlsCertKeyPair (cfg .TlsCertFile , cfg .TlsKeyFile , cfg .DomainName , cfg .tlsCaConfig )
242+ cfg .tlsConfig , err = getTlsCertKeyPair (cfg .TlsCertFile , cfg .TlsKeyFile , cfg .DomainName , cfg .tlsCaConfig , cfg . IpAddr )
240243 if err != nil {
241244 log .Printf ("[Config] Error loading TLS config: %v\n " , err )
242245 continue
@@ -314,6 +317,7 @@ func BindFlags(cmd *cobra.Command) {
314317 cmd .PersistentFlags ().StringVar (& flagTLSCaCertFile , "tls-ca-cert-file" , DefaultTLSCaCertFile , "Path to QPI TLS certificate authority CA cert file" )
315318 cmd .PersistentFlags ().StringVar (& flagTLSCaKeyFile , "tls-ca-key-file" , DefaultTLSCaKeyFile , "Path to QPI TLS certificate authority CA key file" )
316319 cmd .PersistentFlags ().StringVar (& flagDomainName , "domain" , "" , "The domain name this server is running on" )
320+ cmd .PersistentFlags ().StringVar (& flagIpAddr , "ip-addr" , "127.0.0.1" , "The public IP address to include in the generated TLS certificates" )
317321 cmd .PersistentFlags ().IntVar (& flagServerPort , "server-port" , 8090 , "The port this server should run on" )
318322 cmd .PersistentFlags ().StringVar (& flagCollectionQPUs , "qpus-collection" , DefaultQpusCollection , "Collection name for QPUs" )
319323 cmd .PersistentFlags ().StringVar (& flagCollectionTimeSlots , "timeslots-collection" , DefaultTimeSlotsCollection , "Collection name for Time Slots" )
@@ -363,6 +367,7 @@ func NewFromFlags(cmd *cobra.Command) (*AppConfig, error) {
363367 cfg .TlsKeyFile = DefaultTLSKeyFile
364368 cfg .TlsCaCertFile = DefaultTLSCaCertFile
365369 cfg .TlsCaKeyFile = DefaultTLSCaKeyFile
370+ cfg .IpAddr = "127.0.0.1"
366371
367372 // Overlay Config File (if specified via env or flag)
368373 configFile := flagConfigFile
@@ -393,6 +398,7 @@ func NewFromFlags(cmd *cobra.Command) (*AppConfig, error) {
393398 TlsCaCertFile * string `json:"tlsCaCertFile" yaml:"tlsCaCertFile"`
394399 TlsCaKeyFile * string `json:"tlsCaKeyFile" yaml:"tlsCaKeyFile"`
395400 ServerPort * int `json:"serverPort" yaml:"serverPort"`
401+ IpAddr * string `json:"ipAddr" yaml:"ipAddr"`
396402 CollectionTimeSlots * string `json:"timeslotsCollection" yaml:"timeslotsCollection"`
397403 CollectionQuantumJobs * string `json:"jobsCollection" yaml:"jobsCollection"`
398404 CollectionAPITokens * string `json:"apiTokensCollection" yaml:"apiTokensCollection"`
@@ -434,6 +440,11 @@ func NewFromFlags(cmd *cobra.Command) (*AppConfig, error) {
434440 if fileCfg .ServerPort != nil {
435441 cfg .ServerPort = * fileCfg .ServerPort
436442 }
443+ if fileCfg .IpAddr != nil {
444+ if _ , err := parseIpOrErr (* fileCfg .IpAddr ); err == nil {
445+ cfg .IpAddr = * fileCfg .IpAddr
446+ }
447+ }
437448 if fileCfg .CollectionQPUs != nil {
438449 cfg .CollectionQPUs = * fileCfg .CollectionQPUs
439450 }
@@ -554,6 +565,7 @@ func NewFromFlags(cmd *cobra.Command) (*AppConfig, error) {
554565 cfg .TlsCaCertFile = resolveString ("tls-ca-cert-file" , "QPI_TLS_CA_CERT_FILE" , cfg .TlsCaCertFile )
555566 cfg .TlsCaKeyFile = resolveString ("tls-ca-key-file" , "QPI_TLS_CA_KEY_FILE" , cfg .TlsCaKeyFile )
556567 cfg .ServerPort = resolveInt ("server-port" , "QPI_SERVER_PORT" , cfg .ServerPort )
568+ cfg .IpAddr = resolveString ("ip-addr" , "QPI_IP_ADDR" , cfg .IpAddr )
557569 cfg .CollectionQPUs = resolveString ("qpus-collection" , "QPI_QPUS_COLLECTION" , cfg .CollectionQPUs )
558570 cfg .CollectionTimeSlots = resolveString ("timeslots-collection" , "QPI_TIMESLOTS_COLLECTION" , cfg .CollectionTimeSlots )
559571 cfg .CollectionQuantumJobs = resolveString ("jobs-collection" , "QPI_JOBS_COLLECTION" , cfg .CollectionQuantumJobs )
@@ -606,7 +618,7 @@ func NewFromFlags(cmd *cobra.Command) (*AppConfig, error) {
606618 }
607619
608620 // Load the TLS
609- cfg .tlsConfig , err = getTlsCertKeyPair (cfg .TlsCertFile , cfg .TlsKeyFile , cfg .DomainName , cfg .tlsCaConfig )
621+ cfg .tlsConfig , err = getTlsCertKeyPair (cfg .TlsCertFile , cfg .TlsKeyFile , cfg .DomainName , cfg .tlsCaConfig , cfg . IpAddr )
610622 if err != nil {
611623 return nil , fmt .Errorf ("[Config] NewFromFlags error: %w" , err )
612624 }
@@ -647,3 +659,13 @@ func fileExists(path string) bool {
647659
648660 return true
649661}
662+
663+ // parseIp parsed the IP string, returning an error if invalid
664+ func parseIpOrErr (value string ) (net.IP , error ) {
665+ parsedIP := net .ParseIP (value )
666+ if parsedIP == nil {
667+ return nil , fmt .Errorf ("invalid IP address: %s" , value )
668+ }
669+
670+ return parsedIP , nil
671+ }
0 commit comments