Skip to content
This repository was archived by the owner on Oct 13, 2023. It is now read-only.

Commit 7b2f8d7

Browse files
dssengAkihiroSuda
authored andcommitted
Use certs.d
from XDG_CONFIG_HOME when in rootless mode Signed-off-by: Dmitry Sharshakov <d3dx12.xx@gmail.com> (cherry picked from commit f4fa98f583a64d736eea1bb3a8fab755e159fdf4) Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> Upstream-commit: a2d887b6f5a1a97b6bc5d015054f7d290088892c Component: engine
1 parent 169aca7 commit 7b2f8d7

1 file changed

Lines changed: 16 additions & 1 deletion

File tree

components/engine/registry/registry.go

Lines changed: 16 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,9 @@ import (
1717
"github.com/docker/go-connections/sockets"
1818
"github.com/docker/go-connections/tlsconfig"
1919
"github.com/sirupsen/logrus"
20+
21+
"github.com/docker/docker/pkg/homedir"
22+
"github.com/docker/docker/rootless"
2023
)
2124

2225
var (
@@ -32,7 +35,19 @@ func newTLSConfig(hostname string, isSecure bool) (*tls.Config, error) {
3235
tlsConfig.InsecureSkipVerify = !isSecure
3336

3437
if isSecure && CertsDir != "" {
35-
hostDir := filepath.Join(CertsDir, cleanPath(hostname))
38+
certsDir := CertsDir
39+
40+
if rootless.RunningWithRootlessKit() {
41+
configHome, err := homedir.GetConfigHome()
42+
if err != nil {
43+
return nil, err
44+
}
45+
46+
certsDir = filepath.Join(configHome, "docker/certs.d")
47+
}
48+
49+
hostDir := filepath.Join(certsDir, cleanPath(hostname))
50+
3651
logrus.Debugf("hostDir: %s", hostDir)
3752
if err := ReadCertsDirectory(tlsConfig, hostDir); err != nil {
3853
return nil, err

0 commit comments

Comments
 (0)