Diffstat (limited to 'pkg/cfg')
| -rw-r--r-- | pkg/cfg/cfg.go | 34 | ||||
| -rw-r--r-- | pkg/cfg/mux.go | 11 | ||||
| -rw-r--r-- | pkg/cfg/option.go | 3 | ||||
| -rw-r--r-- | pkg/cfg/tls.go | 75 |
4 files changed, 0 insertions, 123 deletions
diff --git a/pkg/cfg/cfg.go b/pkg/cfg/cfg.go
deleted file mode 100644
index 0d7a6427..00000000
--- a/pkg/cfg/cfg.go
+++ /dev/null
@@ -1,34 +0,0 @@
-package cfg
-
-import (
- "crypto/tls"
- "net/http"
-)
-
-type Config struct {
- BindAddress string
- Mux http.Handler
- TLS *tls.Config
-}
-
-func New(addr string, options ...Option) *Config {
- if addr == "" {
- addr = ":0"
- }
-
- c := &Config{
- BindAddress: addr,
- Mux: http.DefaultServeMux,
- }
- for _, option := range options {
- option(c)
- }
- return c
-}
-
-func (c *Config) Run(server *http.Server) error {
- if c.TLS != nil {
- return server.ListenAndServeTLS("", "")
- }
- return server.ListenAndServe()
-}
diff --git a/pkg/cfg/mux.go b/pkg/cfg/mux.go
deleted file mode 100644
index 6c6f4375..00000000
--- a/pkg/cfg/mux.go
+++ /dev/null
@@ -1,11 +0,0 @@
-package cfg
-
-import (
- "net/http"
-)
-
-func WithMux(mux http.Handler) Option {
- return func(config *Config) {
- config.Mux = mux
- }
-}
diff --git a/pkg/cfg/option.go b/pkg/cfg/option.go
deleted file mode 100644
index 0f3e87d8..00000000
--- a/pkg/cfg/option.go
+++ /dev/null
@@ -1,3 +0,0 @@
-package cfg
-
-type Option func(*Config)
diff --git a/pkg/cfg/tls.go b/pkg/cfg/tls.go
deleted file mode 100644
index bce6e186..00000000
--- a/pkg/cfg/tls.go
+++ /dev/null
@@ -1,75 +0,0 @@
-package cfg
-
-import (
- "context"
- "crypto/tls"
- "crypto/x509"
- "encoding/pem"
- "io/ioutil"
- "net/http"
- "os"
- "path/filepath"
-
- "github.com/caddyserver/certmagic"
- "github.com/xlgmokha/x/pkg/x"
- "go.uber.org/zap"
-)
-
-func WithSelfSigned(cert, key string) Option {
- certificate := x.Must(tls.LoadX509KeyPair(cert, key))
-
- return func(config *Config) {
- config.TLS = &tls.Config{
- MinVersion: tls.VersionTLS13,
- Certificates: []tls.Certificate{certificate},
- }
- }
-}
-
-func WithTLS(domainNames []string) Option {
- directoryURL := "https://localhost:8081/acme/acme/directory"
- storage := &certmagic.FileStorage{
- Path: filepath.Join(x.Must(os.Getwd()), "/tmp/cache"),
- }
- var cache *certmagic.Cache
- cache = certmagic.NewCache(certmagic.CacheOptions{
- GetConfigForCert: func(cert certmagic.Certificate) (*certmagic.Config, error) {
- return certmagic.New(cache, certmagic.Config{
- Logger: x.Must(zap.NewProduction()),
- OnDemand: new(certmagic.OnDemandConfig),
- Storage: storage,
- }), nil
- },
- })
- roots := x.Must(x509.SystemCertPool())
- roots.AddCert(func() *x509.Certificate {
- block, _ := pem.Decode(x.Must(ioutil.ReadFile(
- filepath.Join(x.Must(os.Getwd()), "/tmp/step/certs/root_ca.crt"),
- )))
- return x.Must(x509.ParseCertificate(block.Bytes))
- }())
- magic := certmagic.New(cache, certmagic.Config{
- Logger: x.Must(zap.NewProduction()),
- OnDemand: new(certmagic.OnDemandConfig),
- Storage: storage,
- })
- issuer := certmagic.NewACMEIssuer(magic, certmagic.ACMEIssuer{
- Agreed: true,
- Email: "email@example.com",
- CA: directoryURL,
- TestCA: directoryURL,
- TrustedRoots: roots,
- })
- magic.Issuers = []certmagic.Issuer{issuer}
-
- if err := http.ListenAndServe(":80", issuer.HTTPChallengeHandler(http.DefaultServeMux)); err != nil {
- return func(*Config) {}
- }
-
- x.Check(magic.ManageSync(context.Background(), domainNames))
-
- return func(config *Config) {
- config.TLS = magic.TLSConfig()
- config.TLS.NextProtos = append([]string{"h2", "http/1.1"}, config.TLS.NextProtos...)
- }
-}
|
