authorDimitri Sokolyuk <demon@dim13.org>2016-02-15 19:09:47 +0100
committerDimitri Sokolyuk <demon@dim13.org>2016-02-15 19:09:47 +0100
commit914e5a47b570fa4b8961ff849cbe669aee000f44 (patch)
tree3c73fe788f386303b5d00239b3a500c758bab7b8
parent57a3ec18dca79ab4e8d624694d010519c4aa3851 (diff)
Simplify config outline
-rw-r--r--cmd/acme/config.go68
-rw-r--r--cmd/acme/docker.yaml31
-rw-r--r--cmd/acme/main.go108
3 files changed, 83 insertions, 124 deletions
diff --git a/cmd/acme/config.go b/cmd/acme/config.go
index 0ff38e0..32a4451 100644
--- a/cmd/acme/config.go
+++ b/cmd/acme/config.go
@@ -7,40 +7,21 @@ import (
"strings"
"time"
- "dim13.org/acme"
"gopkg.in/yaml.v2"
)
const defKeySize = 2048
type Config struct {
- Defaults defaults
- Provider map[string]provider
- Account map[string]account
- Hook map[string]hook
- Desire map[string]desire
- Flow []flow
-}
-
-type flow struct {
- Provider string
- Account string
- Desire string
-}
-
-type defaults struct {
Gracetime time.Duration
Listen string
ListenTLS string
- Provider string
- Account string
Basedir string
KeySize int
-}
-
-type provider struct {
- Directory string
- *acme.Provider
+ Provider map[string]string
+ Account map[string]account
+ Desire map[string]desire
+ Hook map[string]string
}
type account struct {
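Review bot: The flattened `Config` struct carries no field comments, and `Provider` and `Hook` are now bare `map[string]string`, so the meaning of the values can only be learned from docker.yaml. Suggest documenting them in place, for example `// Provider maps a provider name to its ACME directory URL.` and `// Hook maps a hook name to a command line.`, plus a doc comment on the exported `Config` type itself. A comment on `KeySize` saying that it is the default for accounts and desires that do not set their own would also help, since the `Defaults` grouping that used to convey this is gone.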
@@ -49,12 +30,6 @@ type account struct {
KeySize int
Key string
registered bool
- *acme.Account
- acme.Contacts
-}
-
-type hook struct {
- CMD string
}
type desire struct {
@@ -65,10 +40,7 @@ type desire struct {
Key string
Cert string
Webroot string
- Hooks []string
- provider *provider
- account *account
- *acme.Desire
+ Hook []string
}
var (
@@ -91,12 +63,12 @@ func LoadConfig(fname string) (*Config, error) {
return nil, err
}
// apply defaults
- if c.Defaults.KeySize == 0 {
- c.Defaults.KeySize = defKeySize
+ if c.KeySize == 0 {
+ c.KeySize = defKeySize
}
for k, v := range c.Account {
if v.KeySize == 0 {
- v.KeySize = c.Defaults.KeySize
+ v.KeySize = c.KeySize
}
if v.Mail == "" {
return nil, errNoMail
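Review bot: The defaulting at `if c.KeySize == 0` only fills in a missing value, so a configured `keysize` that is smaller than `defKeySize` (or negative) passes through unchanged, both globally and per account via `v.KeySize = c.KeySize`. If these sizes feed key generation, as the names suggest, a typo in the config would silently produce a weak key. A floor check after defaulting would catch it, e.g. `if c.KeySize < defKeySize { return nil, errKeySize }` with a new `errKeySize` sentinel next to the existing `errNo…` values, and the same check on `v.KeySize` in the account loop and in the desire loop of the next hunk. LoadConfig begins and ends outside this hunk.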
@@ -104,30 +76,22 @@ func LoadConfig(fname string) (*Config, error) {
if v.Key == "" {
return nil, errNoKey
}
- if c.Defaults.Basedir != "" {
- v.Key = path.Join(c.Defaults.Basedir, v.Key)
+ if c.Basedir != "" {
+ v.Key = path.Join(c.Basedir, v.Key)
}
c.Account[k] = v
}
for k, v := range c.Desire {
if v.Provider == "" {
- if c.Defaults.Provider != "" {
- v.Provider = c.Defaults.Provider
- } else {
- return nil, errNoProvider
- }
+ return nil, errNoProvider
}
//v.provider = c.Provider[v.Provider]
if v.Account == "" {
- if c.Defaults.Account != "" {
- v.Account = c.Defaults.Account
- } else {
- return nil, errNoAccount
- }
+ return nil, errNoAccount
}
//v.account = c.Account[v.Account]
if v.KeySize == 0 {
- v.KeySize = c.Defaults.KeySize
+ v.KeySize = c.KeySize
}
if v.Key == "" {
return nil, errNoKey
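Review bot: With the global fallback removed, `v.Provider` and `v.Account` are checked only for being non-empty, and the lookups that would resolve them are still commented out (`//v.provider = c.Provider[v.Provider]`). A desire that names an undefined provider or account therefore loads without error, and the failure surfaces later, possibly as an empty directory URL or a zero-valued account. Suggest validating at load time: `if _, ok := c.Provider[v.Provider]; !ok { return nil, errNoProvider }` and the equivalent check against `c.Account`. The desire loop continues outside this hunk.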
@@ -135,9 +99,9 @@ func LoadConfig(fname string) (*Config, error) {
if v.Cert == "" {
return nil, errNoCert
}
- if c.Defaults.Basedir != "" {
- v.Key = path.Join(c.Defaults.Basedir, v.Key)
- v.Cert = path.Join(c.Defaults.Basedir, v.Cert)
+ if c.Basedir != "" {
+ v.Key = path.Join(c.Basedir, v.Key)
+ v.Cert = path.Join(c.Basedir, v.Cert)
}
switch len(v.Altnames) {
case 0:
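Review bot: `path.Join(c.Basedir, v.Key)` and `path.Join(c.Basedir, v.Cert)` do not confine the result to `Basedir`, because `path.Join` cleans the joined path and a value containing `..` resolves outside the base directory. These appear to be the locations of private keys and certificates, so if `Basedir` is meant as a containment root the loader should reject values whose cleaned form starts with `..`. The same applies to the account key join in the earlier hunk (`v.Key = path.Join(c.Basedir, v.Key)`). For OS file paths `path/filepath` is the intended package; `path` is for slash-separated paths only. The function body continues outside this hunk.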
diff --git a/cmd/acme/docker.yaml b/cmd/acme/docker.yaml
index 5715918..5a7f813 100644
--- a/cmd/acme/docker.yaml
+++ b/cmd/acme/docker.yaml
@@ -1,14 +1,11 @@
-defaults:
- gracetime: 168h0m0s
- listen: localhost:8080
- listentls: localhost:8443
- provider: les
- account: webmaster
- basedir: .acme
- keysize: 2048
+gracetime: 168h
+listen: localhost:8080
+listentls: localhost:8443
+basedir: .acme
+keysize: 2048
provider:
- les:
- directory: https://acme-staging.api.letsencrypt.org/directory
+ les: https://acme-staging.api.letsencrypt.org/directory
+ le: https://acme-v1.api.letsencrypt.org/directory
account:
webmaster:
mail: webmaster@docker.moccu.com
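Review bot: The new `le` key points at the production directory while `les` points at staging, and the two names differ by a single character with nothing in the file saying which is which. Since each desire now has to name its provider explicitly, a one-letter slip switches between test and real issuance. Suggest a trailing comment on each line, `# staging` and `# production`, or more distinct keys such as `staging` and `production`.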
@@ -17,21 +14,17 @@ account:
mail: webmaster@docker.moccu.com
key: private/webmaster2.key
hook:
- nginx:
- cmd: sudo service nginx reload
+ nginx: sudo service nginx reload
desire:
docker:
+ provider: les
+ account: webmaster
altnames: [ docker.moccu.com, test.docker.moccu.com ]
key: private/docker_moccu_com.key
cert: certs/docker_moccu_com.pem
www:
+ provider: les
+ account: webmaster2
altnames: [ www.docker.moccu.com, docker.moccu.com ]
key: private/www_docker_moccu_com.key
cert: certs/www_docker_moccu_com.pem
-flow:
- - desire: docker
- account: webmaster
- provider: les
- - desire: www
- account: webmaster2
- provider: les
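Review bot: The `nginx` hook is now a bare command string that invokes `sudo`, so anyone who can edit this file chooses a command that may run with elevated rights; how the string is executed is not visible in this diff. A header comment stating that the file must be writable only by the account that runs the tool would make that trust boundary explicit, e.g. `# hook commands are executed as configured; keep this file owner-writable only`. Separately, neither `docker` nor `www` carries a `hook:` list after this change, so the sample no longer shows how a desire refers to the hook that is defined above.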
diff --git a/cmd/acme/main.go b/cmd/acme/main.go
index 48b9ba0..c483434 100644
--- a/cmd/acme/main.go
+++ b/cmd/acme/main.go
@@ -7,8 +7,6 @@ import (
"log"
"os"
"runtime/trace"
-
- "dim13.org/acme"
)
var (
@@ -16,6 +14,7 @@ var (
tracing = flag.String("trace", "", "trace output file")
)
+/*
func prepare(conf *Config) error {
var err error
@@ -57,6 +56,7 @@ func prepare(conf *Config) error {
return nil
}
+*/
func main() {
flag.Parse()
@@ -76,60 +76,62 @@ func main() {
fmt.Printf("%+v\n", conf)
return
- var httpSol, tlsSol acme.Solver
- if conf.Defaults.Listen != "" {
- httpSol, err = acme.NewHTTPSolver(conf.Defaults.Listen)
- if err != nil {
- log.Println(err)
+ /*
+ var httpSol, tlsSol acme.Solver
+ if conf.Defaults.Listen != "" {
+ httpSol, err = acme.NewHTTPSolver(conf.Defaults.Listen)
+ if err != nil {
+ log.Println(err)
+ }
}
- }
- if conf.Defaults.ListenTLS != "" {
- tlsSol, err = acme.NewTLSSolver(conf.Defaults.ListenTLS)
- if err != nil {
- log.Println(err)
+ if conf.Defaults.ListenTLS != "" {
+ tlsSol, err = acme.NewTLSSolver(conf.Defaults.ListenTLS)
+ if err != nil {
+ log.Println(err)
+ }
}
- }
- if err := prepare(conf); err != nil {
- log.Fatal(err)
- }
+ if err := prepare(conf); err != nil {
+ log.Fatal(err)
+ }
- // register accs first
- for k, des := range conf.Desire {
- if des.account.registered {
- continue
- }
- log.Println("register", k)
- err := des.provider.Register(des.account, des.account.Contacts)
- if err != nil {
- log.Fatal(err)
- }
- des.account.registered = true
- }
+ // register accs first
+ for k, des := range conf.Desire {
+ if des.account.registered {
+ continue
+ }
+ log.Println("register", k)
+ err := des.provider.Register(des.account, des.account.Contacts)
+ if err != nil {
+ log.Fatal(err)
+ }
+ des.account.registered = true
+ }
- // satisfice
- for k, des := range conf.Desire {
- log.Println("satisfice", k)
- if des.Webroot != "" {
- wrSol := acme.NewWebrootSolver(des.Webroot)
- des.RegisterSolver(wrSol)
- } else if httpSol != nil {
- des.RegisterSolver(httpSol)
- }
- if tlsSol != nil {
- des.RegisterSolver(tlsSol)
- }
- if !des.HasSolver() {
- log.Fatal("no Solver available")
- }
+ // satisfice
+ for k, des := range conf.Desire {
+ log.Println("satisfice", k)
+ if des.Webroot != "" {
+ wrSol := acme.NewWebrootSolver(des.Webroot)
+ des.RegisterSolver(wrSol)
+ } else if httpSol != nil {
+ des.RegisterSolver(httpSol)
+ }
+ if tlsSol != nil {
+ des.RegisterSolver(tlsSol)
+ }
+ if !des.HasSolver() {
+ log.Fatal("no Solver available")
+ }
- if err := des.provider.Authorize(des.account, des.Desire); err != nil {
- log.Fatal(err)
- }
- if err := des.provider.Bundle(des.account, des.Desire); err != nil {
- log.Fatal(err)
- }
- if err := des.Save(des.Cert, des.Key); err != nil {
- log.Fatal(err)
- }
- }
+ if err := des.provider.Authorize(des.account, des.Desire); err != nil {
+ log.Fatal(err)
+ }
+ if err := des.provider.Bundle(des.account, des.Desire); err != nil {
+ log.Fatal(err)
+ }
+ if err := des.Save(des.Cert, des.Key); err != nil {
+ log.Fatal(err)
+ }
+ }
+ */
}
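Review bot: The block wrapped in `/* … */` here, like `prepare` in the two earlier hunks of this file, no longer matches the new `Config`: it still reads `conf.Defaults.Listen`, `conf.Defaults.ListenTLS`, `des.account` and `des.provider`, all of which this commit removes from config.go. Together with the unconditional `return` after `fmt.Printf("%+v\n", conf)`, the binary now only dumps the parsed configuration and issues nothing. Deleting the block (it remains in history) and leaving a short `// TODO: re-wire solvers, registration and issuance against the flattened Config` would be clearer than a stale comment that will not compile when uncommented. main begins outside this hunk.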