From 94a1edc4adb2c165b0001d6e3732aedce9a2b17f Mon Sep 17 00:00:00 2001 From: Frederik Ring Date: Wed, 20 Apr 2022 14:16:59 +0200 Subject: [PATCH] Allow disabling of certificate verification for WebDAV (#98) --- README.md | 12 +++++++++--- cmd/backup/config.go | 1 + cmd/backup/script.go | 10 ++++++++++ test/compose/docker-compose.yml | 1 + 4 files changed, 21 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 02c2439..6a388ab 100644 --- a/README.md +++ b/README.md @@ -207,9 +207,9 @@ You can populate below template according to your requirements and use it as you # AWS_ENDPOINT_PROTO="https" # Setting this variable to `true` will disable verification of -# SSL certificates. You shouldn't use this unless you use self-signed -# certificates for your remote storage backend. This can only be used -# when AWS_ENDPOINT_PROTO is set to `https`. +# SSL certificates for AWS_ENDPOINT. You shouldn't use this unless you use +# self-signed certificates for your remote storage backend. This can only be +# used when AWS_ENDPOINT_PROTO is set to `https`. # AWS_ENDPOINT_INSECURE="true" @@ -232,6 +232,12 @@ You can populate below template according to your requirements and use it as you # WEBDAV_PASSWORD="password" +# Setting this variable to `true` will disable verification of +# SSL certificates for WEBDAV_URL. You shouldn't use this unless you use +# self-signed certificates for your remote storage backend. + +# WEBDAV_URL_INSECURE="true" + # In addition to storing backups remotely, you can also keep local copies. # Pass a container-local path to store your backups if needed. You also need to # mount a local folder or Docker volume into that location (`/archive` diff --git a/cmd/backup/config.go b/cmd/backup/config.go index 06c8c3a..4651d3a 100644 --- a/cmd/backup/config.go +++ b/cmd/backup/config.go @@ -36,6 +36,7 @@ type Config struct { EmailSMTPUsername string `envconfig:"EMAIL_SMTP_USERNAME"` EmailSMTPPassword string `envconfig:"EMAIL_SMTP_PASSWORD"` WebdavUrl string `split_words:"true"` + WebdavUrlInsecure bool `split_words:"true"` WebdavPath string `split_words:"true" default:"/"` WebdavUsername string `split_words:"true"` WebdavPassword string `split_words:"true"` diff --git a/cmd/backup/script.go b/cmd/backup/script.go index 8bc6074..26c67a3 100644 --- a/cmd/backup/script.go +++ b/cmd/backup/script.go @@ -9,6 +9,7 @@ import ( "fmt" "io" "io/fs" + "net/http" "os" "path" "path/filepath" @@ -146,6 +147,15 @@ func newScript() (*script, error) { } else { webdavClient := gowebdav.NewClient(s.c.WebdavUrl, s.c.WebdavUsername, s.c.WebdavPassword) s.webdavClient = webdavClient + if s.c.WebdavUrlInsecure { + defaultTransport, ok := http.DefaultTransport.(*http.Transport) + if !ok { + return nil, errors.New("newScript: unexpected error when asserting type for http.DefaultTransport") + } + webdavTransport := defaultTransport.Clone() + webdavTransport.TLSClientConfig.InsecureSkipVerify = s.c.WebdavUrlInsecure + s.webdavClient.SetTransport(webdavTransport) + } } } diff --git a/test/compose/docker-compose.yml b/test/compose/docker-compose.yml index 4c1c04e..5018dd9 100644 --- a/test/compose/docker-compose.yml +++ b/test/compose/docker-compose.yml @@ -43,6 +43,7 @@ services: BACKUP_PRUNING_PREFIX: test GPG_PASSPHRASE: 1234secret WEBDAV_URL: http://webdav/ + WEBDAV_URL_INSECURE: 'true' WEBDAV_PATH: /my/new/path/ WEBDAV_USERNAME: test WEBDAV_PASSWORD: test