Add let's encrypt support

Jonathan Leibiusky @xetorthio
2017-08-30 10:31:26 -03:00
parent beec1628be
commit fc3dfa6844
2 changed files with 36 additions and 3 deletions


@@ -2,6 +2,7 @@ package config
import ( import (
"flag" "flag"
"fmt"
"os" "os"
"regexp" "regexp"
"time" "time"
@@ -21,11 +22,26 @@ var NameFilter = regexp.MustCompile(PWDHostPortGroupRegex)
var AliasFilter = regexp.MustCompile(AliasPortGroupRegex) var AliasFilter = regexp.MustCompile(AliasPortGroupRegex)
var SSLPortNumber, PortNumber, Key, Cert, SessionsFile, PWDContainerName, L2ContainerName, L2Subdomain, PWDCName, HashKey, SSHKeyPath, L2RouterIP string var SSLPortNumber, PortNumber, Key, Cert, SessionsFile, PWDContainerName, L2ContainerName, L2Subdomain, PWDCName, HashKey, SSHKeyPath, L2RouterIP string
var UseLetsEncrypt bool
var LetsEncryptCertsDir string
var LetsEncryptDomains stringslice
var MaxLoadAvg float64 var MaxLoadAvg float64
type stringslice []string
func (i *stringslice) String() string {
return fmt.Sprintf("%s", *i)
}
func (i *stringslice) Set(value string) error {
*i = append(*i, value)
return nil
}
func ParseFlags() { func ParseFlags() {
flag.Var(&LetsEncryptDomains, "letsencrypt-domain", "List of domains to validate with let's encrypt")
flag.StringVar(&LetsEncryptCertsDir, "letsencrypt-certs-dir", "/certs", "Path where let's encrypt certs will be stored")
flag.BoolVar(&UseLetsEncrypt, "use-letsencrypt", false, "Enabled let's encrypt tls certificates")
flag.StringVar(&PortNumber, "port", "3000", "Give a TCP port to run the application") flag.StringVar(&PortNumber, "port", "3000", "Give a TCP port to run the application")
flag.StringVar(&SSLPortNumber, "sslPort", "3001", "Give a SSL TCP port")
flag.StringVar(&Key, "key", "./pwd/server-key.pem", "Server key for SSL") flag.StringVar(&Key, "key", "./pwd/server-key.pem", "Server key for SSL")
flag.StringVar(&Cert, "cert", "./pwd/server.pem", "Give a SSL cert") flag.StringVar(&Cert, "cert", "./pwd/server.pem", "Give a SSL cert")
flag.StringVar(&SessionsFile, "save", "./pwd/sessions", "Tell where to store sessions file") flag.StringVar(&SessionsFile, "save", "./pwd/sessions", "Tell where to store sessions file")
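Review bot: Nothing here rejects `-use-letsencrypt` given without any `-letsencrypt-domain`, so the host whitelist built from `LetsEncryptDomains` would be empty and every TLS handshake would be refused at runtime instead of the process failing at startup. Once the flags have been parsed (ParseFlags continues outside this hunk), add a guard such as `if UseLetsEncrypt && len(LetsEncryptDomains) == 0 { fmt.Fprintln(os.Stderr, "use-letsencrypt requires at least one letsencrypt-domain"); os.Exit(2) }`. `Set` also appends the value exactly as given, so an empty string becomes a list entry; returning an error for an empty value keeps the list meaningful. A short comment on `LetsEncryptCertsDir` noting that the directory will hold private keys, and should be persistent and access-restricted, would help operators.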


@@ -1,11 +1,14 @@
package handlers package handlers
import ( import (
"crypto/tls"
"log" "log"
"net/http" "net/http"
"os" "os"
"time" "time"
"golang.org/x/crypto/acme/autocert"
"github.com/googollee/go-socket.io" "github.com/googollee/go-socket.io"
gh "github.com/gorilla/handlers" gh "github.com/gorilla/handlers"
"github.com/gorilla/mux" "github.com/gorilla/mux"
@@ -91,9 +94,23 @@ func Register() {
IdleTimeout: 30 * time.Second, IdleTimeout: 30 * time.Second,
ReadHeaderTimeout: 5 * time.Second, ReadHeaderTimeout: 5 * time.Second,
} }
if config.UseLetsEncrypt {
certManager := autocert.Manager{
Prompt: autocert.AcceptTOS,
HostPolicy: autocert.HostWhitelist(config.LetsEncryptDomains...),
Cache: autocert.DirCache(config.LetsEncryptCertsDir),
}
httpServer.TLSConfig = &tls.Config{
GetCertificate: certManager.GetCertificate,
}
log.Println("Listening on port " + config.PortNumber)
log.Fatal(httpServer.ListenAndServeTLS("", ""))
} else {
log.Println("Listening on port " + config.PortNumber)
log.Fatal(httpServer.ListenAndServe())
}
log.Println("Listening on port " + config.PortNumber)
log.Fatal(httpServer.ListenAndServe())
} }
func RegisterEvents(s *socketio.Server) { func RegisterEvents(s *socketio.Server) {
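Review bot: The `tls.Config` assigned to `httpServer.TLSConfig` sets only `GetCertificate`, so it pins no minimum protocol version and carries none of the ALPN entries autocert needs to answer a tls-alpn-01 challenge. If the vendored autocert provides it, start from `httpServer.TLSConfig = certManager.TLSConfig()` and then set `httpServer.TLSConfig.MinVersion = tls.VersionTLS12`. Both branches still log `config.PortNumber`, whose default is 3000. The server's address is set outside this hunk, but if it is built from that flag, certificate validation (which reaches the host on 443 or 80) will presumably fail unless the port is remapped, which merits a comment or a startup check. Register's body begins outside the hunk.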