From b38218d7d0cd043e95de6ccd85b46e63aebee22b Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Tue, 15 Mar 2016 12:23:13 +0100 Subject: Restructure config --- cmd/acme/config.go | 24 ++++++++++++------------ cmd/acme/dim13.yml | 37 ++++++++++++++++++------------------- cmd/acme/docker.yml | 13 +------------ cmd/acme/file.go | 10 +++++----- cmd/acme/main.go | 26 +++++++++++++------------- 5 files changed, 49 insertions(+), 61 deletions(-) (limited to 'cmd') diff --git a/cmd/acme/config.go b/cmd/acme/config.go index 91320e7..3e3cf40 100644 --- a/cmd/acme/config.go +++ b/cmd/acme/config.go @@ -28,11 +28,11 @@ type Config struct { BaseDir string KeySize int Directory string - Account []account + Desire []desire Hook map[string]string } -type account struct { +type desire struct { Mail string Phone string KeySize int @@ -92,19 +92,19 @@ func LoadConfig(fname string) (*Config, error) { c.Directory = acme.LE1 } - for i, acc := range c.Account { - if acc.KeySize == 0 { - acc.KeySize = c.KeySize + for i, des := range c.Desire { + if des.KeySize == 0 { + des.KeySize = c.KeySize } - if acc.Mail == "" { + if des.Mail == "" { return nil, errNoMail } - if acc.KeyFile == "" { - acc.KeyFile = acc.Mail + ".key" + if des.KeyFile == "" { + des.KeyFile = des.Mail + ".key" } - acc.KeyFile = path.Join(c.BaseDir, keyPath, acc.KeyFile) - c.Account[i] = acc - for i, dom := range acc.Domain { + des.KeyFile = path.Join(c.BaseDir, keyPath, des.KeyFile) + c.Desire[i] = des + for i, dom := range des.Domain { if dom.Gracetime != 0 { dom.Gracetime = c.Gracetime } @@ -123,7 +123,7 @@ func LoadConfig(fname string) (*Config, error) { } dom.KeyFile = path.Join(c.BaseDir, keyPath, dom.KeyFile) dom.CrtFile = path.Join(c.BaseDir, crtPath, dom.CrtFile) - acc.Domain[i] = dom + des.Domain[i] = dom } } diff --git a/cmd/acme/dim13.yml b/cmd/acme/dim13.yml index 7dc80a4..3124ba3 100644 --- a/cmd/acme/dim13.yml +++ b/cmd/acme/dim13.yml 
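Review bot: In the second config.go hunk the unchanged guard `if dom.Gracetime != 0 { dom.Gracetime = c.Gracetime }` looks inverted: it overwrites every per-domain grace time that was set with the global value and leaves unset ones at zero, unlike the `des.KeySize == 0` default just above it. If a default is intended, the condition should read `if dom.Gracetime == 0 {`; a zero grace time presumably affects when certificates are renewed, though that code is not in this diff. The inner `for i, dom := range des.Domain` also reuses `i` from the outer loop, which is only correct because `c.Desire[i] = des` runs before it; naming the inner index `j` would make that explicit. LoadConfig begins and ends outside these hunks.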
@@ -2,25 +2,24 @@ listen: localhost:8080 listentls: localhost:8443 basedir: ~/.acme -provider: -- account: - - mail: postmaster@dim13.org - keyfile: postmaster.key - domain: - - altnames: - - mail.dim13.org - - smtp.dim13.org - - imap.dim13.org - hook: [ dovecot, smtpd ] - - mail: webmaster@dim13.org - keyfile: webmaster.key - domain: - - altnames: - - www.dim13.org - hook: [ nginx ] - - altnames: - - git.dim13.org - - cvs.dim13.org +desire: +- mail: postmaster@dim13.org + keyfile: postmaster.key + domain: + - altnames: + - mail.dim13.org + - smtp.dim13.org + - imap.dim13.org + hook: [ dovecot, smtpd ] +- mail: webmaster@dim13.org + keyfile: webmaster.key + domain: + - altnames: + - www.dim13.org + hook: [ nginx ] + - altnames: + - git.dim13.org + - cvs.dim13.org hook: nginx: /etc/rc.d/nginx restart diff --git a/cmd/acme/docker.yml b/cmd/acme/docker.yml index 1c00937..9206d37 100644 --- a/cmd/acme/docker.yml +++ b/cmd/acme/docker.yml @@ -4,28 +4,17 @@ listentls: localhost:8443 basedir: .acme directory: https://acme-staging.api.letsencrypt.org/directory -account: +desire: - mail: webmaster@docker.moccu.com - keyfile: private/webmaster.key domain: - altnames: [ docker.moccu.com, test.docker.moccu.com ] - keyfile: private/docker_moccu_com.key - crtfile: certs/docker_moccu_com.pem - mail: webmaster2@docker.moccu.com - keyfile: private/webmaster2.key domain: - altnames: [ www.docker.moccu.com ] - keyfile: private/www_docker_moccu_com.key - crtfile: certs/www_docker_moccu_com.pem - mail: mailmaster@docker.moccu.com - keyfile: private/mailmaster.key domain: - altnames: [ mail.docker.moccu.com ] - keyfile: private/mail_docker_moccu_com.key - crtfile: certs/mail_docker_moccu_com.pem - altnames: [ test2.docker.moccu.com ] - keyfile: private/test2_docker_moccu_com.key - crtfile: certs/test2_docker_moccu_com.pem hook: nginx: sudo service nginx reload diff --git a/cmd/acme/file.go b/cmd/acme/file.go index 8b6b1a4..b54246b 100644 --- a/cmd/acme/file.go +++ b/cmd/acme/file.go 
@@ -65,11 +65,11 @@ func (d domain) Load() (tls.Certificate, error) { return crt, err } -func (a account) Save(key crypto.PrivateKey) error { - if err := os.MkdirAll(path.Dir(a.KeyFile), 0700); err != nil { +func (d desire) Save(key crypto.PrivateKey) error { + if err := os.MkdirAll(path.Dir(d.KeyFile), 0700); err != nil { return err } - fd, err := NewFile(a.KeyFile, 0600) + fd, err := NewFile(d.KeyFile, 0600) if err != nil { return err } @@ -77,8 +77,8 @@ func (a account) Save(key crypto.PrivateKey) error { return acme.SaveKey(fd, key) } -func (a account) Load() (crypto.PrivateKey, error) { - fd, err := os.Open(a.KeyFile) +func (d desire) Load() (crypto.PrivateKey, error) { + fd, err := os.Open(d.KeyFile) if err != nil { return nil, err } diff --git a/cmd/acme/main.go b/cmd/acme/main.go index 050ee4c..4155404 100644 --- a/cmd/acme/main.go +++ b/cmd/acme/main.go @@ -15,28 +15,28 @@ var ( httpSol, tlsSol acme.Solver ) -func load(a account) (*acme.Signer, error) { - key, err := a.Load() +func load(d desire) (*acme.Signer, error) { + key, err := d.Load() if err != nil { return nil, err } - log.Println("Load", a.KeyFile) + log.Println("Load", d.KeyFile) return acme.NewSigner(key) } -func register(prov *acme.Provider, a account) (*acme.Signer, error) { - key, err := acme.NewKey(a.KeySize) +func register(prov *acme.Provider, d desire) (*acme.Signer, error) { + key, err := acme.NewKey(d.KeySize) if err != nil { return nil, err } - defer a.Save(key) + defer d.Save(key) sig, err := acme.NewSigner(key) if err != nil { return nil, err } - con, err := acme.NewContacts(a.Mail, a.Phone) + con, err := acme.NewContacts(d.Mail, d.Phone) if err != nil { return nil, err } 
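Review bot: `defer d.Save(key)` in register discards the error from Save and runs on every return path, including the ones where NewSigner, NewContacts or the later registration steps fail. A failed write loses the freshly generated account key without any message, and a failed registration still leaves a key file on disk, which the next run's `load` would presumably pick up instead of registering again (the rest of register is outside this hunk). Calling Save explicitly once registration has succeeded and returning its error, `if err := d.Save(key); err != nil { return nil, err }` ahead of `return sig, nil`, closes both cases.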
@@ -53,15 +53,15 @@ func register(prov *acme.Provider, a account) (*acme.Signer, error) { return sig, nil } -func loadAccount(prov *acme.Provider, a account) error { - sig, err := load(a) +func loadAccount(prov *acme.Provider, d desire) error { + sig, err := load(d) if err != nil { - sig, err = register(prov, a) + sig, err = register(prov, d) if err != nil { return err } } - for _, d := range a.Domain { + for _, d := range d.Domain { if err := requestCert(prov, sig, d); err != nil { return err } @@ -140,8 +140,8 @@ func main() { log.Fatal(err) } - for _, a := range conf.Account { - if err := loadAccount(prov, a); err != nil { + for _, d := range conf.Desire { + if err := loadAccount(prov, d); err != nil { log.Fatal(err) } } -- cgit v1.2.3
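Review bot: loadAccount falls through to `register(prov, d)` on any error from `load(d)`, not only when the key file is missing. An unreadable or corrupt key file therefore leads to a new key and a new registration, and register's deferred Save may replace the existing file depending on how NewFile opens it (not visible here). Restricting the fallback with `if !os.IsNotExist(err) { return err }` before the register call keeps such failures visible; this needs `os` imported in main.go, whose import block is outside the diff. The new loop `for _, d := range d.Domain` also shadows the parameter `d`; a distinct name such as `dom` reads more clearly.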