From 914e5a47b570fa4b8961ff849cbe669aee000f44 Mon Sep 17 00:00:00 2001
From: Dimitri Sokolyuk
Date: Mon, 15 Feb 2016 19:09:47 +0100
Subject: Simplify config outline
---
 cmd/acme/config.go | 68 ++++++++------------------------
 cmd/acme/docker.yaml | 31 ++++++---------
 cmd/acme/main.go | 108 ++++++++++++++++++++++++++------------------------
 3 files changed, 83 insertions(+), 124 deletions(-)
diff --git a/cmd/acme/config.go b/cmd/acme/config.go
index 0ff38e0..32a4451 100644
--- a/cmd/acme/config.go
+++ b/cmd/acme/config.go
@@ -7,40 +7,21 @@ import (
 "strings"
 "time"
- "dim13.org/acme"
 "gopkg.in/yaml.v2"
 )
 const defKeySize = 2048
 type Config struct {
- Defaults defaults
- Provider map[string]provider
- Account map[string]account
- Hook map[string]hook
- Desire map[string]desire
- Flow []flow
-}
-
-type flow struct {
- Provider string
- Account string
- Desire string
-}
-
-type defaults struct {
 Gracetime time.Duration
 Listen string
 ListenTLS string
- Provider string
- Account string
 Basedir string
 KeySize int
-}
-
-type provider struct {
- Directory string
- *acme.Provider
+ Provider map[string]string
+ Account map[string]account
+ Desire map[string]desire
+ Hook map[string]string
 }
 type account struct {
@@ -49,12 +30,6 @@ type account struct {
 KeySize int
 Key string
 registered bool
- *acme.Account
- acme.Contacts
-}
-
-type hook struct {
- CMD string
 }
 type desire struct {
@@ -65,10 +40,7 @@ type desire struct {
 Key string
 Cert string
 Webroot string
- Hooks []string
- provider *provider
- account *account
- *acme.Desire
+ Hook []string
 }
 var (
@@ -91,12 +63,12 @@ func LoadConfig(fname string) (*Config, error) {
 return nil, err
 }
 // apply defaults
- if c.Defaults.KeySize == 0 {
- c.Defaults.KeySize = defKeySize
+ if c.KeySize == 0 {
+ c.KeySize = defKeySize
 }
 for k, v := range c.Account {
 if v.KeySize == 0 {
- v.KeySize = c.Defaults.KeySize
+ v.KeySize = c.KeySize
 }
 if v.Mail == "" {
 return nil, errNoMail
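Review bot: The flattened `Config` in the first config.go hunk has no field comments, and `Provider` and `Hook` are now bare `map[string]string`, so the type no longer says what the values hold. Going by docker.yaml in this commit they are an ACME directory URL and a command line, so I would add `// Provider maps a provider name to its ACME directory URL.` and `// Hook maps a hook name to the command line to run.` above the two fields. Because hook values are commands (the sample uses `sudo service nginx reload`), the struct comment should also say that the config file is trusted input and needs operator-only write permissions; how hooks are executed is not visible in this diff.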
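Review bot: `KeySize` is only replaced when it is zero, both for the top-level value and in the account loop of this `LoadConfig` hunk, so a configured `keysize: 512` or a negative number passes through unchecked. If the value is an RSA modulus length, as the `defKeySize = 2048` default suggests, reject anything smaller, e.g. `if v.KeySize < defKeySize { return nil, errKeySize }` with a new `errKeySize` sentinel declared next to the existing `errNo…` values. The desire loop in the following hunk (`v.KeySize = c.KeySize`) needs the same guard. `LoadConfig` begins and ends outside this hunk.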
@@ -104,30 +76,22 @@ func LoadConfig(fname string) (*Config, error) {
 if v.Key == "" {
 return nil, errNoKey
 }
- if c.Defaults.Basedir != "" {
- v.Key = path.Join(c.Defaults.Basedir, v.Key)
+ if c.Basedir != "" {
+ v.Key = path.Join(c.Basedir, v.Key)
 }
 c.Account[k] = v
 }
 for k, v := range c.Desire {
 if v.Provider == "" {
- if c.Defaults.Provider != "" {
- v.Provider = c.Defaults.Provider
- } else {
- return nil, errNoProvider
- }
+ return nil, errNoProvider
 }
 //v.provider = c.Provider[v.Provider]
 if v.Account == "" {
- if c.Defaults.Account != "" {
- v.Account = c.Defaults.Account
- } else {
- return nil, errNoAccount
- }
+ return nil, errNoAccount
 }
 //v.account = c.Account[v.Account]
 if v.KeySize == 0 {
- v.KeySize = c.Defaults.KeySize
+ v.KeySize = c.KeySize
 }
 if v.Key == "" {
 return nil, errNoKey
@@ -135,9 +99,9 @@ func LoadConfig(fname string) (*Config, error) {
 if v.Cert == "" {
 return nil, errNoCert
 }
- if c.Defaults.Basedir != "" {
- v.Key = path.Join(c.Defaults.Basedir, v.Key)
- v.Cert = path.Join(c.Defaults.Basedir, v.Cert)
+ if c.Basedir != "" {
+ v.Key = path.Join(c.Basedir, v.Key)
+ v.Cert = path.Join(c.Basedir, v.Cert)
 }
 switch len(v.Altnames) {
 case 0:
diff --git a/cmd/acme/docker.yaml b/cmd/acme/docker.yaml
index 5715918..5a7f813 100644
--- a/cmd/acme/docker.yaml
+++ b/cmd/acme/docker.yaml
@@ -1,14 +1,11 @@
-defaults:
- gracetime: 168h0m0s
- listen: localhost:8080
- listentls: localhost:8443
- provider: les
- account: webmaster
- basedir: .acme
- keysize: 2048
+gracetime: 168h
+listen: localhost:8080
+listentls: localhost:8443
+basedir: .acme
+keysize: 2048
 provider:
- les:
- directory: https://acme-staging.api.letsencrypt.org/directory
+ les: https://acme-staging.api.letsencrypt.org/directory
+ le: https://acme-v1.api.letsencrypt.org/directory
 account:
 webmaster:
 mail: webmaster@docker.moccu.com
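Review bot: With the `Defaults` fallback removed, the desire loop only checks that `v.Provider` and `v.Account` are non-empty; it never checks that those names exist in `c.Provider` and `c.Account`, and the two lookups are still commented out. Since `Provider` is now a `map[string]string`, a misspelled name would silently resolve to an empty directory URL wherever it is looked up later. Add `if _, ok := c.Provider[v.Provider]; !ok { return nil, errNoProvider }` and the matching `c.Account` check. It is probably also worth rejecting provider URLs that do not start with `https://`, since account-key-signed requests are sent there. The loop body continues into the next hunk.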
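Review bot: `path.Join(c.Basedir, v.Key)` and `path.Join(c.Basedir, v.Cert)` use package `path`, which is meant for slash-separated paths rather than OS file paths, and the join cleans `..` elements, so a configured `key: ../x` ends up outside `Basedir` without any error. An absolute `key` or `cert` is also silently re-rooted under `Basedir`. For files that hold private keys I would switch to `filepath.Join` (which needs `path/filepath` in the import block) and return an error when the cleaned result is not below `Basedir`. The account-key line in the previous hunk has the same pattern.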
@@ -17,21 +14,17 @@ account:
 mail: webmaster@docker.moccu.com
 key: private/webmaster2.key
 hook:
- nginx:
- cmd: sudo service nginx reload
+ nginx: sudo service nginx reload
 desire:
 docker:
+ provider: les
+ account: webmaster
 altnames: [ docker.moccu.com, test.docker.moccu.com ]
 key: private/docker_moccu_com.key
 cert: certs/docker_moccu_com.pem
 www:
+ provider: les
+ account: webmaster2
 altnames: [ www.docker.moccu.com, docker.moccu.com ]
 key: private/www_docker_moccu_com.key
 cert: certs/www_docker_moccu_com.pem
-flow:
- - desire: docker
- account: webmaster
- provider: les
- - desire: www
- account: webmaster2
- provider: les
diff --git a/cmd/acme/main.go b/cmd/acme/main.go
index 48b9ba0..c483434 100644
--- a/cmd/acme/main.go
+++ b/cmd/acme/main.go
@@ -7,8 +7,6 @@ import (
 "log"
 "os"
 "runtime/trace"
-
- "dim13.org/acme"
 )
 var (
@@ -16,6 +14,7 @@ var (
 tracing = flag.String("trace", "", "trace output file")
 )
+/*
 func prepare(conf *Config) error {
 var err error
@@ -57,6 +56,7 @@ func prepare(conf *Config) error {
 return nil
 }
+*/
 func main() {
 flag.Parse()
@@ -76,60 +76,62 @@ func main() {
 fmt.Printf("%+v\n", conf)
 return
- var httpSol, tlsSol acme.Solver
- if conf.Defaults.Listen != "" {
- httpSol, err = acme.NewHTTPSolver(conf.Defaults.Listen)
- if err != nil {
- log.Println(err)
+ /*
+ var httpSol, tlsSol acme.Solver
+ if conf.Defaults.Listen != "" {
+ httpSol, err = acme.NewHTTPSolver(conf.Defaults.Listen)
+ if err != nil {
+ log.Println(err)
+ }
 }
- }
- if conf.Defaults.ListenTLS != "" {
- tlsSol, err = acme.NewTLSSolver(conf.Defaults.ListenTLS)
- if err != nil {
- log.Println(err)
+ if conf.Defaults.ListenTLS != "" {
+ tlsSol, err = acme.NewTLSSolver(conf.Defaults.ListenTLS)
+ if err != nil {
+ log.Println(err)
+ }
 }
- }
- if err := prepare(conf); err != nil {
- log.Fatal(err)
- }
+ if err := prepare(conf); err != nil {
+ log.Fatal(err)
+ }
- // register accs first
- for k, des := range conf.Desire {
- if des.account.registered {
- continue
- }
- log.Println("register", k)
- err := des.provider.Register(des.account, des.account.Contacts)
- if err != nil {
- log.Fatal(err)
- }
- des.account.registered = true
- }
+ // register accs first
+ for k, des := range conf.Desire {
+ if des.account.registered {
+ continue
+ }
+ log.Println("register", k)
+ err := des.provider.Register(des.account, des.account.Contacts)
+ if err != nil {
+ log.Fatal(err)
+ }
+ des.account.registered = true
+ }
- // satisfice
- for k, des := range conf.Desire {
- log.Println("satisfice", k)
- if des.Webroot != "" {
- wrSol := acme.NewWebrootSolver(des.Webroot)
- des.RegisterSolver(wrSol)
- } else if httpSol != nil {
- des.RegisterSolver(httpSol)
- }
- if tlsSol != nil {
- des.RegisterSolver(tlsSol)
- }
- if !des.HasSolver() {
- log.Fatal("no Solver available")
- }
+ // satisfice
+ for k, des := range conf.Desire {
+ log.Println("satisfice", k)
+ if des.Webroot != "" {
+ wrSol := acme.NewWebrootSolver(des.Webroot)
+ des.RegisterSolver(wrSol)
+ } else if httpSol != nil {
+ des.RegisterSolver(httpSol)
+ }
+ if tlsSol != nil {
+ des.RegisterSolver(tlsSol)
+ }
+ if !des.HasSolver() {
+ log.Fatal("no Solver available")
+ }
- if err := des.provider.Authorize(des.account, des.Desire); err != nil {
- log.Fatal(err)
- }
- if err := des.provider.Bundle(des.account, des.Desire); err != nil {
- log.Fatal(err)
- }
- if err := des.Save(des.Cert, des.Key); err != nil {
- log.Fatal(err)
- }
- }
+ if err := des.provider.Authorize(des.account, des.Desire); err != nil {
+ log.Fatal(err)
+ }
+ if err := des.provider.Bundle(des.account, des.Desire); err != nil {
+ log.Fatal(err)
+ }
+ if err := des.Save(des.Cert, des.Key); err != nil {
+ log.Fatal(err)
+ }
+ }
+ */
 }
--
cgit v1.2.3
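Review bot: The solver and issuance code in `main` is kept as a block comment that cannot be re-enabled as it stands: it still reads `conf.Defaults.Listen`, `des.provider` and `des.account`, all of which this commit removes from config.go. I would delete the block (it remains in history) and leave a single `// TODO: rebuild solver setup and issuance on the flattened Config` after the `return`; the same applies to the commented-out `prepare` in the earlier main.go hunks. As committed, `main` prints the parsed config and returns, so no certificate is requested; that is worth stating in the commit message so nobody deploys this revision expecting renewals.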