tls fix

consul/discovery.go

@@ -17,6 +17,7 @@ type Service struct {
 	appID      string
 	domain     string
 	pathPrefix string
+	tls        bool
 	port       int
 	ttl        time.Duration
 	client     *consul.Client
@@ -37,6 +38,7 @@ func NewService(servAddr, id, name, useDomainOverIp, addr, domain, pathPrefix st
 	s.appID = id
 	s.domain = domain
 	s.pathPrefix = pathPrefix
+	s.tls = true // FIXME add arg
 	s.port = appPort
 	s.ttl = time.Second * 10
 
@@ -158,6 +160,7 @@ func (s *Service) healthCheck() (bool, error) {
 	alive := func() bool {
 		client := &http.Client{}
 		healthUrl := fmt.Sprintf("%s%s?name=%s", s.GetFullAddr(), "health", s.Name)
+		fmt.Printf("HealthCheck URL: %s%s?name=%s", s.GetFullAddr(), "health", s.Name)
 		req, err := http.NewRequest(http.MethodGet, healthUrl, nil)
 		if err != nil {
 			return false
@@ -196,26 +199,26 @@ func (s *Service) getTags() []string {
 		// "traefik.http.middlewares.auth_" + s.Name + ".forwardauth.trustForwardHeader=true",
 		// "traefik.http.middlewares.auth_" + s.Name + ".forwardauth.authRequestHeaders=Cookie",
 		// "traefik.http.middlewares.auth_" + s.Name + ".forwardauth.authResponseHeaders=Set-Cookie, Server",
-		"traefik.http.middlewares.auth_" + s.Name + ".plugin.auth.handlerURL=" + config.GetEnv("AUTH_HANDLER_URL", "http://identity.service.ego.io/api/v1/traefik"),
+		"traefik.http.middlewares.auth_" + s.Name + ".plugin.auth.handlerURL=" + config.GetEnv("AUTH_HANDLER_URL", "https://identity.service.ego.io/api/v1/traefik"),
 		"traefik.http.middlewares.stripprefix_" + s.Name + ".stripprefix.prefixes=" + s.pathPrefix,
 		"traefik.http.middlewares.requestid_" + s.Name + ".plugin.requestid.headerName=X-Request-ID",
 		// "treafik.http.middlewares.retryif_" + s.Name + ".plugin.retryif.attempts=3",
 		// "treafik.http.middlewares.retryif_" + s.Name + ".plugin.retryif.statusCode=503",
 		"traefik.http.routers." + s.Name + ".rule=PathPrefix(`" + s.pathPrefix + "`)",
-		// "traefik.http.routers." + s.Name + ".rule=Host(`" + s.domain + "`)",
+		"traefik.http.routers." + s.Name + ".rule=Host(`" + s.domain + "`)",
 		"traefik.http.routers." + s.Name + ".entryPoints=https",
-		// "traefik.http.routers." + s.Name + ".tls=true",
+		"traefik.http.routers." + s.Name + ".tls=true",
 		"traefik.http.routers." + s.Name + ".service=" + s.Name,
 		// "traefik.http.routers." + s.Name + ".middlewares=auth_" + s.Name + ",stripprefix_" + s.Name,
 		"traefik.http.routers." + s.Name + ".middlewares=auth_" + s.Name + ",stripprefix_" + s.Name + ",requestid_" + s.Name + "",
-		"traefik.http.services." + s.Name + ".loadbalancer.server.scheme=http",
+		"traefik.http.services." + s.Name + ".loadbalancer.server.scheme=https",
 		"traefik.http.services." + s.Name + ".loadbalancer.server.port=" + strconv.Itoa(s.port),
 		"traefik.http.services." + s.Name + ".loadbalancer.passhostheader=true",
 		"traefik.http.services." + s.Name + ".loadbalancer.healthcheck.interval=1s",
 		"traefik.http.services." + s.Name + ".loadbalancer.healthcheck.timeout=1s",
 		"traefik.http.services." + s.Name + ".loadbalancer.healthcheck.path=/health",
-		"traefik.tls.certificates.certfile=/certs/client.cert",
+		"traefik.tls.certificates.certfile=certs/client.cert",
-		"traefik.tls.certificates.keyfile=/certs/client.key",
+		"traefik.tls.certificates.keyfile=certs/client.key",
 	}
 
 	return tags