Containerized TLS routing.
A pre-built Docker image is available for immediate use. The following environment variables are required:
BUCKET, the AWS bucket in which the TLS router configuration is stored.AWS_ACCESS_KEY_ID, this key must have access to the S3 bucket in which backups will be stored.AWS_SECRET_ACCESS_KEY.
The following optional variables are also available:
STORAGE_PREFIX, an arbitrary prefix from which to retrieve the TLS router configuration.
An example:
docker run \
-e BUCKET=my-bucket \
-e AWS_ACCESS_KEY_ID=myawsaccesskey \
-e AWS_SECRET_ACCESS_KEY=mysecretaccesskey \
furiousluke/tlsrouterSpecifying secret keys directly on the command line is not generally
recommended. Typically, secrets will make their way into containers as files
located somewhere like /run/secrets. These may be specified as follows:
docker run \
-e BUCKET=my-bucket \
-e AWS_ACCESS_KEY_ID_FILE=/run/secrets/aws_access_key_id \
-e AWS_SECRET_ACCESS_KEY_FILE=/run/secrets/aws_secret_access_key \
furiousluke/tlsrouterWhen launched, a configuration file is read from S3 from
s3://$BUCKET/$STORAGE_PREFIX/tlsrouter.conf.
The heavy lifting of performing TLS routing is handled by tlsrouter, which
can be found
here.