From 1d338e266441d64963d9ff93d343074f4d87bb15 Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Tue, 15 Mar 2016 09:09:40 +0100 Subject: Flatten config tree --- cmd/acme/config.go | 79 ++++++++++++++++++++++++----------------------------- cmd/acme/docker.yml | 47 ++++++++++++++++--------------- cmd/acme/main.go | 24 ++++++---------- 3 files changed, 66 insertions(+), 84 deletions(-) diff --git a/cmd/acme/config.go b/cmd/acme/config.go index bec6a19..693f827 100644 --- a/cmd/acme/config.go +++ b/cmd/acme/config.go @@ -27,13 +27,9 @@ type Config struct { ListenTLS string BaseDir string KeySize int - Provider []provider - Hook map[string]string -} - -type provider struct { Directory string Account []account + Hook map[string]string } type account struct { @@ -92,52 +88,47 @@ func LoadConfig(fname string) (*Config, error) { if c.KeySize == 0 { c.KeySize = defKeySize } + if c.Directory == "" { + c.Directory = acme.LE1 + } - replace := func(s string) string { return strings.Replace(s, ".", "_", -1) } - - for i, pro := range c.Provider { - if pro.Directory == "" { - pro.Directory = acme.LE1 + for i, acc := range c.Account { + if acc.KeySize == 0 { + acc.KeySize = c.KeySize } - c.Provider[i] = pro - for i, acc := range pro.Account { - if acc.KeySize == 0 { - acc.KeySize = c.KeySize + if acc.Mail == "" { + return nil, errNoMail + } + if acc.KeyFile == "" { + return nil, errNoKey + } + if c.BaseDir != "" { + acc.KeyFile = path.Join(c.BaseDir, acc.KeyFile) + } + c.Account[i] = acc + for i, dom := range acc.Domain { + if dom.Gracetime != 0 { + dom.Gracetime = c.Gracetime } - if acc.Mail == "" { - return nil, errNoMail + if dom.KeySize == 0 { + dom.KeySize = c.KeySize } - if acc.KeyFile == "" { - return nil, errNoKey + if len(dom.Altnames) == 0 { + return nil, errNoAltNames } - if c.BaseDir != "" { - acc.KeyFile = path.Join(c.BaseDir, acc.KeyFile) + dom.Altnames = checkWWW(dom.Altnames) + d := dom.Altnames[0] + if dom.KeyFile == "" { + dom.KeyFile = path.Join(keyPath, d+".key") + } + if dom.CrtFile == "" { + dom.CrtFile = path.Join(crtPath, d+".pem") } - pro.Account[i] = acc - for i, dom := range acc.Domain { - if dom.Gracetime != 0 { - dom.Gracetime = c.Gracetime - } - if dom.KeySize == 0 { - dom.KeySize = c.KeySize - } - if len(dom.Altnames) == 0 { - return nil, errNoAltNames - } - dom.Altnames = checkWWW(dom.Altnames) - d := dom.Altnames[0] - if dom.KeyFile == "" { - dom.KeyFile = path.Join(keyPath, replace(d)+".key") - } - if dom.CrtFile == "" { - dom.CrtFile = path.Join(crtPath, replace(d)+".pem") - } - if c.BaseDir != "" { - dom.KeyFile = path.Join(c.BaseDir, dom.KeyFile) - dom.CrtFile = path.Join(c.BaseDir, dom.CrtFile) - } - acc.Domain[i] = dom + if c.BaseDir != "" { + dom.KeyFile = path.Join(c.BaseDir, dom.KeyFile) + dom.CrtFile = path.Join(c.BaseDir, dom.CrtFile) } + acc.Domain[i] = dom } } diff --git a/cmd/acme/docker.yml b/cmd/acme/docker.yml index bbf9a94..1c00937 100644 --- a/cmd/acme/docker.yml +++ b/cmd/acme/docker.yml @@ -2,31 +2,30 @@ gracetime: 168h listen: localhost:8080 listentls: localhost:8443 basedir: .acme +directory: https://acme-staging.api.letsencrypt.org/directory -provider: -- directory: https://acme-staging.api.letsencrypt.org/directory - account: - - mail: webmaster@docker.moccu.com - keyfile: private/webmaster.key - domain: - - altnames: [ docker.moccu.com, test.docker.moccu.com ] - keyfile: private/docker_moccu_com.key - crtfile: certs/docker_moccu_com.pem - - mail: webmaster2@docker.moccu.com - keyfile: private/webmaster2.key - domain: - - altnames: [ www.docker.moccu.com ] - keyfile: private/www_docker_moccu_com.key - crtfile: certs/www_docker_moccu_com.pem - - mail: mailmaster@docker.moccu.com - keyfile: private/mailmaster.key - domain: - - altnames: [ mail.docker.moccu.com ] - keyfile: private/mail_docker_moccu_com.key - crtfile: certs/mail_docker_moccu_com.pem - - altnames: [ test2.docker.moccu.com ] - keyfile: private/test2_docker_moccu_com.key - crtfile: certs/test2_docker_moccu_com.pem +account: +- mail: webmaster@docker.moccu.com + keyfile: private/webmaster.key + domain: + - altnames: [ docker.moccu.com, test.docker.moccu.com ] + keyfile: private/docker_moccu_com.key + crtfile: certs/docker_moccu_com.pem +- mail: webmaster2@docker.moccu.com + keyfile: private/webmaster2.key + domain: + - altnames: [ www.docker.moccu.com ] + keyfile: private/www_docker_moccu_com.key + crtfile: certs/www_docker_moccu_com.pem +- mail: mailmaster@docker.moccu.com + keyfile: private/mailmaster.key + domain: + - altnames: [ mail.docker.moccu.com ] + keyfile: private/mail_docker_moccu_com.key + crtfile: certs/mail_docker_moccu_com.pem + - altnames: [ test2.docker.moccu.com ] + keyfile: private/test2_docker_moccu_com.key + crtfile: certs/test2_docker_moccu_com.pem hook: nginx: sudo service nginx reload diff --git a/cmd/acme/main.go b/cmd/acme/main.go index 669aebc..050ee4c 100644 --- a/cmd/acme/main.go +++ b/cmd/acme/main.go @@ -15,20 +15,6 @@ var ( httpSol, tlsSol acme.Solver ) -func dialProvider(p provider) error { - log.Println("Dial", p.Directory) - prov, err := acme.DialProvider(p.Directory) - if err != nil { - return err - } - for _, a := range p.Account { - if err := loadAccount(prov, a); err != nil { - return err - } - } - return nil -} - func load(a account) (*acme.Signer, error) { key, err := a.Load() if err != nil { @@ -148,8 +134,14 @@ func main() { log.Println("TLS Solver", err) } - for _, p := range conf.Provider { - if err := dialProvider(p); err != nil { + log.Println("Dial", conf.Directory) + prov, err := acme.DialProvider(conf.Directory) + if err != nil { + log.Fatal(err) + } + + for _, a := range conf.Account { + if err := loadAccount(prov, a); err != nil { log.Fatal(err) } } -- cgit v1.2.3