Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
C
caddy
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
caddy
Commits
4e92c712
Commit
4e92c712
authored
Oct 16, 2015
by
Matthew Holt
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
LE flags, modified tis directive, moved LE stuff to own file
parent
79de2a5d
Changes
6
Show whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
93 additions
and
44 deletions
+93
-44
app/app.go
app/app.go
+24
-0
config/config.go
config/config.go
+19
-33
config/letsencrypt.go
config/letsencrypt.go
+35
-0
config/setup/tls.go
config/setup/tls.go
+11
-8
main.go
main.go
+2
-0
server/config.go
server/config.go
+2
-3
No files found.
app/app.go
View file @
4e92c712
...
...
@@ -7,6 +7,8 @@ package app
import
(
"errors"
"os"
"path/filepath"
"runtime"
"strconv"
"strings"
...
...
@@ -74,3 +76,25 @@ func SetCPU(cpu string) error {
runtime
.
GOMAXPROCS
(
numCPU
)
return
nil
}
// DataFolder returns the path to the folder
// where the application may store data. This
// currently resolves to ~/.caddy
func
DataFolder
()
string
{
return
filepath
.
Join
(
userHomeDir
(),
".caddy"
)
}
// userHomeDir returns the user's home directory according to
// environment variables.
//
// Credit: http://stackoverflow.com/a/7922977/1048862
func
userHomeDir
()
string
{
if
runtime
.
GOOS
==
"windows"
{
home
:=
os
.
Getenv
(
"HOMEDRIVE"
)
+
os
.
Getenv
(
"HOMEPATH"
)
if
home
==
""
{
home
=
os
.
Getenv
(
"USERPROFILE"
)
}
return
home
}
return
os
.
Getenv
(
"HOME"
)
}
config/config.go
View file @
4e92c712
package
config
import
(
"crypto/rand"
"crypto/rsa"
"errors"
"fmt"
"io"
...
...
@@ -77,25 +75,20 @@ func Load(filename string, input io.Reader) (Group, error) {
// restore logging settings
log
.
SetFlags
(
flags
)
privateKey
,
err
:=
rsa
.
GenerateKey
(
rand
.
Reader
,
2048
)
// Initiate Let's Encrypt
leUser
,
err
:=
NewLetsEncryptUser
(
"example1@mail.com"
)
if
err
!=
nil
{
return
Group
{},
err
ors
.
New
(
"Error Generating Key:"
+
err
.
Error
())
return
Group
{},
err
}
for
_
,
cfg
:=
range
configs
{
// TODO: && hostname does not resolve to localhost (?) && TLS is not force-disabled
if
!
cfg
.
TLS
.
Enabled
{
// Initiate Let's Encrypt
user
:=
LetsEncryptUser
{
Email
:
"example@mail.com"
,
Key
:
privateKey
,
}
client
:=
acme
.
NewClient
(
"http://192.168.99.100:4000"
,
&
user
,
2048
,
"5001"
)
// TODO: && !IsLoopback()
if
!
cfg
.
TLS
.
Enabled
&&
cfg
.
Port
!=
"http"
{
client
:=
acme
.
NewClient
(
"http://192.168.99.100:4000"
,
&
leUser
,
2048
,
"5001"
)
reg
,
err
:=
client
.
Register
()
if
err
!=
nil
{
return
Group
{},
errors
.
New
(
"Error Registering: "
+
err
.
Error
())
}
u
ser
.
Registration
=
reg
leU
ser
.
Registration
=
reg
err
=
client
.
AgreeToTos
()
if
err
!=
nil
{
...
...
@@ -106,8 +99,6 @@ func Load(filename string, input io.Reader) (Group, error) {
if
err
!=
nil
{
return
Group
{},
errors
.
New
(
"Error Obtaining Certs: "
+
err
.
Error
())
}
fmt
.
Printf
(
"%#v
\n
"
,
certs
)
}
}
...
...
@@ -115,22 +106,6 @@ func Load(filename string, input io.Reader) (Group, error) {
return
arrangeBindings
(
configs
)
}
type
LetsEncryptUser
struct
{
Email
string
Registration
*
acme
.
RegistrationResource
Key
*
rsa
.
PrivateKey
}
func
(
u
LetsEncryptUser
)
GetEmail
()
string
{
return
u
.
Email
}
func
(
u
LetsEncryptUser
)
GetRegistration
()
*
acme
.
RegistrationResource
{
return
u
.
Registration
}
func
(
u
LetsEncryptUser
)
GetPrivateKey
()
*
rsa
.
PrivateKey
{
return
u
.
Key
}
// serverBlockToConfig makes a config for the server block
// by executing the tokens that were parsed. The returned
// config is shared among all hosts/addresses for the server
...
...
@@ -303,11 +278,22 @@ func Default() (Group, error) {
return
arrangeBindings
([]
server
.
Config
{
NewDefault
()})
}
// These
three
defaults are configurable through the command line
// These defaults are configurable through the command line
var
(
// Site root
Root
=
DefaultRoot
// Site host
Host
=
DefaultHost
// Site port
Port
=
DefaultPort
// Let's Encrypt account email
LetsEncryptEmail
string
// Agreement to Let's Encrypt terms
LetsEncryptAgree
bool
)
type
Group
map
[
*
net
.
TCPAddr
][]
server
.
Config
config/letsencrypt.go
0 → 100644
View file @
4e92c712
package
config
import
(
"crypto/rand"
"crypto/rsa"
"errors"
"github.com/xenolf/lego/acme"
)
func
NewLetsEncryptUser
(
email
string
)
(
LetsEncryptUser
,
error
)
{
user
:=
LetsEncryptUser
{
Email
:
email
}
privateKey
,
err
:=
rsa
.
GenerateKey
(
rand
.
Reader
,
2048
)
if
err
!=
nil
{
return
user
,
errors
.
New
(
"error generating private key: "
+
err
.
Error
())
}
user
.
Key
=
privateKey
return
user
,
nil
}
type
LetsEncryptUser
struct
{
Email
string
Registration
*
acme
.
RegistrationResource
Key
*
rsa
.
PrivateKey
}
func
(
u
LetsEncryptUser
)
GetEmail
()
string
{
return
u
.
Email
}
func
(
u
LetsEncryptUser
)
GetRegistration
()
*
acme
.
RegistrationResource
{
return
u
.
Registration
}
func
(
u
LetsEncryptUser
)
GetPrivateKey
()
*
rsa
.
PrivateKey
{
return
u
.
Key
}
config/setup/tls.go
View file @
4e92c712
...
...
@@ -8,18 +8,21 @@ import (
)
func
TLS
(
c
*
Controller
)
(
middleware
.
Middleware
,
error
)
{
if
c
.
Port
!=
"http"
{
c
.
TLS
.
Enabled
=
true
for
c
.
Next
()
{
if
!
c
.
NextArg
()
{
return
nil
,
c
.
ArgErr
()
}
c
.
TLS
.
Certificate
=
c
.
Val
()
if
!
c
.
NextArg
()
{
for
c
.
Next
()
{
args
:=
c
.
RemainingArgs
()
switch
len
(
args
)
{
case
1
:
c
.
TLS
.
LetsEncryptEmail
=
args
[
0
]
case
2
:
c
.
TLS
.
Certificate
=
args
[
0
]
c
.
TLS
.
Key
=
args
[
1
]
default
:
return
nil
,
c
.
ArgErr
()
}
c
.
TLS
.
Key
=
c
.
Val
()
// Optional block
for
c
.
NextBlock
()
{
...
...
main.go
View file @
4e92c712
...
...
@@ -33,6 +33,8 @@ func init() {
flag
.
StringVar
(
&
config
.
Host
,
"host"
,
config
.
DefaultHost
,
"Default host"
)
flag
.
StringVar
(
&
config
.
Port
,
"port"
,
config
.
DefaultPort
,
"Default port"
)
flag
.
BoolVar
(
&
version
,
"version"
,
false
,
"Show version"
)
flag
.
BoolVar
(
&
config
.
LetsEncryptAgree
,
"agree"
,
false
,
"Agree to Let's Encrypt Subscriber Agreement"
)
flag
.
StringVar
(
&
config
.
LetsEncryptEmail
,
"email"
,
""
,
"Email address to use for Let's Encrypt account"
)
}
func
main
()
{
...
...
server/config.go
View file @
4e92c712
...
...
@@ -50,13 +50,12 @@ func (c Config) Address() string {
return
net
.
JoinHostPort
(
c
.
Host
,
c
.
Port
)
}
// TLSConfig describes how TLS should be configured and used,
// if at all. A certificate and key are both required.
// The rest is optional.
// TLSConfig describes how TLS should be configured and used.
type
TLSConfig
struct
{
Enabled
bool
Certificate
string
Key
string
LetsEncryptEmail
string
Ciphers
[]
uint16
ProtocolMinVersion
uint16
ProtocolMaxVersion
uint16
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment