route/main.go

94 lines
2.4 KiB
Go
Raw Normal View History

2017-01-18 09:57:18 +00:00
package main
import (
2017-01-22 18:16:18 +00:00
"crypto/tls"
2017-01-18 09:57:18 +00:00
"flag"
"log"
"math/rand"
"net"
"net/http"
"time"
2017-01-26 04:22:27 +00:00
"git.xeserv.us/xena/route/lib/routecrypto"
"git.xeserv.us/xena/route/server"
2017-01-18 09:57:18 +00:00
"github.com/facebookgo/flagenv"
_ "github.com/joho/godotenv/autoload"
2017-01-22 18:16:18 +00:00
"golang.org/x/crypto/acme/autocert"
2017-01-18 09:57:18 +00:00
)
var (
rethinkDBHost = flag.String("rethink-host", "", "RethinkDB host")
rethinkDBDatabase = flag.String("rethink-database", "", "RethinkDB database")
controlKeyFile = flag.String("control-key-file", "", "Control host keyfile")
controlHost = flag.String("control-host", "", "Control host onion hash")
torDataDir = flag.String("tor-data-dir", "./var", "Tor data directory")
torHashedPassword = flag.String("tor-hashed-password", "", "Tor hashed password")
torPassword = flag.String("tor-password", "hunter2", "Tor clear password")
webPort = flag.String("web-port", "9234", "HTTP ingress port for backends and users")
2017-01-22 18:16:18 +00:00
sslPort = flag.String("ssl-port", "", "if set use this port for SSL HTTP requests (certs via LE, you agree to follow their TOS)")
domainSuffix = flag.String("domain-suffix", ".apps.xeserv.us", "Domain name suffix associated with the load balancer")
2017-01-26 04:22:27 +00:00
sslCertKey = flag.String("ssl-cert-key", "", "if set encrypt SSL certs with this key")
2017-01-18 09:57:18 +00:00
)
func main() {
flag.Parse()
flagenv.Parse()
rand.Seed(time.Now().Unix())
2017-01-26 04:22:27 +00:00
certKey, _ := routecrypto.ParseKey(*sslCertKey)
2017-01-20 00:31:22 +00:00
s, err := server.New(server.Config{
2017-01-18 09:57:18 +00:00
ControlHost: *controlHost,
ControlKeyFile: *controlKeyFile,
RethinkDBHost: *rethinkDBHost,
RethinkDBDatabase: *rethinkDBDatabase,
TorDataDir: *torDataDir,
TorHashedPassword: *torHashedPassword,
TorPassword: *torPassword,
WebPort: *webPort,
2017-01-22 18:16:18 +00:00
SSLPort: *sslPort,
DomainSuffix: *domainSuffix,
2017-01-26 04:22:27 +00:00
CertKey: certKey,
2017-01-18 09:57:18 +00:00
})
if err != nil {
log.Fatal(err)
}
2017-01-22 18:16:18 +00:00
if *sslPort != "" {
go setupACME(s)
}
2017-01-22 18:22:36 +00:00
l, err := net.Listen("tcp", "0.0.0.0:"+*webPort)
2017-01-18 09:57:18 +00:00
if err != nil {
log.Fatal(err)
}
defer l.Close()
hs := &http.Server{
Handler: s,
2017-01-22 18:22:36 +00:00
Addr: "0.0.0.0:" + *webPort,
2017-01-18 09:57:18 +00:00
}
hs.Serve(l)
}
2017-01-22 18:16:18 +00:00
func setupACME(s *server.Server) {
m := autocert.Manager{
Prompt: autocert.AcceptTOS,
2017-01-26 03:26:41 +00:00
Cache: s.CertCache,
2017-01-22 18:16:18 +00:00
HostPolicy: nil,
Email: "xena@yolo-swag.com",
}
hs := &http.Server{
Handler: s,
2017-01-22 18:22:36 +00:00
Addr: "0.0.0.0:" + *sslPort,
2017-01-22 18:16:18 +00:00
TLSConfig: &tls.Config{
GetCertificate: m.GetCertificate,
},
}
hs.ListenAndServeTLS("", "")
}