package main
import (
"crypto/tls"
"flag"
"log"
"math/rand"
"net"
"net/http"
"time"
"git.xeserv.us/xena/route/lib/routecrypto"
"git.xeserv.us/xena/route/server"
"github.com/facebookgo/flagenv"
_ "github.com/joho/godotenv/autoload"
"golang.org/x/crypto/acme/autocert"
)
// Command-line configuration for the route daemon. main also calls
// flagenv.Parse, so any flag left unset on the command line can be supplied
// through the environment instead; prefer that for the secret-bearing flags
// below, since command-line arguments are visible in process listings.

// Storage backend.
var (
	rethinkDBHost     = flag.String("rethink-host", "", "RethinkDB host")
	rethinkDBDatabase = flag.String("rethink-database", "", "RethinkDB database")
)

// Control channel and Tor settings.
var (
	controlKeyFile    = flag.String("control-key-file", "", "Control host keyfile")
	controlHost       = flag.String("control-host", "", "Control host onion hash")
	torDataDir        = flag.String("tor-data-dir", "./var", "Tor data directory")
	torHashedPassword = flag.String("tor-hashed-password", "", "Tor hashed password")

	// NOTE(review): the default is a well-known placeholder password. Any
	// deployment that does not override it runs with a guessable credential;
	// set this explicitly (presumably it must match tor-hashed-password,
	// confirm against the server package).
	torPassword = flag.String("tor-password", "hunter2", "Tor clear password")
)

// Public ingress: plain HTTP, optional TLS, and the served domain suffix.
var (
	webPort      = flag.String("web-port", "9234", "HTTP ingress port for backends and users")
	sslPort      = flag.String("ssl-port", "", "if set use this port for SSL HTTP requests (certs via LE, you agree to follow their TOS)")
	domainSuffix = flag.String("domain-suffix", ".apps.xeserv.us", "Domain name suffix associated with the load balancer")

	// sslCertKey is secret key material. When it is empty, main passes along
	// whatever routecrypto.ParseKey returns for the empty string.
	sslCertKey = flag.String("ssl-cert-key", "", "if set encrypt SSL certs with this key")
)
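// main reads configuration from flags and the environment, builds the route
// server, starts the ACME-backed TLS listener when ssl-port is set, and then
// serves plain HTTP on web-port until that listener stops.
func main() {
	flag.Parse()
	flagenv.Parse()

	// The clock-seeded math/rand source is predictable; it must not be used
	// for tokens, keys or anything else an attacker should not guess.
	rand.Seed(time.Now().Unix())

	// A key that was supplied but cannot be parsed is a configuration error.
	// Ignoring it would start the server with whatever ParseKey returned,
	// which may leave cached certificates unprotected. With the flag unset
	// the original behaviour is kept. (The second return value is presumably
	// an error; confirm against routecrypto.)
	certKey, err := routecrypto.ParseKey(*sslCertKey)
	if err != nil && *sslCertKey != "" {
		log.Fatalf("parsing ssl-cert-key: %v", err)
	}

	s, err := server.New(server.Config{
		ControlHost:       *controlHost,
		ControlKeyFile:    *controlKeyFile,
		RethinkDBHost:     *rethinkDBHost,
		RethinkDBDatabase: *rethinkDBDatabase,
		TorDataDir:        *torDataDir,
		TorHashedPassword: *torHashedPassword,
		TorPassword:       *torPassword,
		WebPort:           *webPort,
		SSLPort:           *sslPort,
		DomainSuffix:      *domainSuffix,
		CertKey:           certKey,
	})
	if err != nil {
		log.Fatal(err)
	}

	if *sslPort != "" {
		go setupACME(s)
	}

	// Binds every IPv4 interface; restrict the address if the plain HTTP
	// ingress should only be reachable from a front-end or private network.
	l, err := net.Listen("tcp", "0.0.0.0:"+*webPort)
	if err != nil {
		log.Fatal(err)
	}
	defer l.Close()

	// NOTE(review): no read, write or idle timeouts are configured, so slow
	// or idle clients can hold connections open indefinitely. Pick values
	// that are compatible with the traffic this server proxies.
	hs := &http.Server{
		Handler: s,
		Addr:    "0.0.0.0:" + *webPort,
	}

	// Serve only returns on failure; report it instead of exiting silently.
	log.Fatal(hs.Serve(l))
}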
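// setupACME serves s over TLS on ssl-port, obtaining certificates on demand
// through autocert and storing them in s.CertCache. It blocks until the TLS
// listener stops, so main runs it in its own goroutine.
func setupACME(s *server.Server) {
	m := autocert.Manager{
		Prompt: autocert.AcceptTOS,
		Cache:  s.CertCache,
		// NOTE(review): with a nil HostPolicy the manager will request a
		// certificate for any server name a client presents in the TLS
		// handshake. Clients can therefore trigger issuance attempts for
		// names this service does not own and exhaust the CA's rate limits.
		// Install a policy that only accepts names ending in domain-suffix.
		HostPolicy: nil,
		Email:      "xena@yolo-swag.com",
	}

	hs := &http.Server{
		Handler: s,
		Addr:    "0.0.0.0:" + *sslPort,
		TLSConfig: &tls.Config{
			GetCertificate: m.GetCertificate,
			// Refuse legacy protocol versions rather than relying on the
			// toolchain's default minimum.
			MinVersion: tls.VersionTLS12,
		},
	}

	// Certificates come from GetCertificate, hence the empty file names.
	// A failure here (for example, the port is already in use) used to be
	// dropped silently, leaving only the plain HTTP listener running with no
	// indication that TLS was down.
	if err := hs.ListenAndServeTLS("", ""); err != nil {
		log.Printf("TLS listener on port %s stopped: %v", *sslPort, err)
	}
}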