cadey
/
route
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

main: clean up and use env

This commit is contained in:
Cadey Ratio 2017-04-28 16:28:03 -07:00
parent 30ebdbac7d
commit cc602bc7c5
1 changed files with 16 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
main.go
View File

@ -11,27 +11,13 @@ import (
"git.xeserv.us/xena/route/lib/routecrypto" "git.xeserv.us/xena/route/lib/routecrypto"
"git.xeserv.us/xena/route/server" "git.xeserv.us/xena/route/server"
"github.com/Xe/ln"
"github.com/caarlos0/env"
"github.com/facebookgo/flagenv" "github.com/facebookgo/flagenv"
_ "github.com/joho/godotenv/autoload" _ "github.com/joho/godotenv/autoload"
"golang.org/x/crypto/acme/autocert"
) )
var ( var (
rethinkDBHost = flag.String("rethink-host", "", "RethinkDB host")
rethinkDBDatabase = flag.String("rethink-database", "", "RethinkDB database")
torDataDir = flag.String("tor-data-dir", "./var", "Tor data directory")
torHashedPassword = flag.String("tor-hashed-password", "", "Tor hashed password")
torPassword = flag.String("tor-password", "hunter2", "Tor clear password")
webPort = flag.String("web-port", "9234", "HTTP ingress port for backends and users")
sslPort = flag.String("ssl-port", "", "if set use this port for SSL HTTP requests (certs via LE, you agree to follow their TOS)")
backendPort = flag.String("backend-port", "36971", "Port for TCP/TLS backends")
backendKCPPort = flag.String("backend-kcp-port", "23154", "Port for KCP/TLS backends")
domainSuffix = flag.String("domain-suffix", ".apps.xeserv.us", "Domain name suffix associated with the load balancer")
acmeEmail = flag.String("acme-email", "", "ACME email (must be set for SSL to work)")
sslCertKey = flag.String("ssl-cert-key", "", "if set encrypt SSL certs with this key") sslCertKey = flag.String("ssl-cert-key", "", "if set encrypt SSL certs with this key")
) )
@ -42,28 +28,21 @@ func main() {
certKey, _ := routecrypto.ParseKey(*sslCertKey) certKey, _ := routecrypto.ParseKey(*sslCertKey)
s, err := server.New(server.Config{ scfg := server.Config{}
RethinkDBHost: *rethinkDBHost, err := env.Parse(&scfg)
RethinkDBDatabase: *rethinkDBDatabase, if err != nil {
TorDataDir: *torDataDir, ln.Fatal(ln.F{"err": err, "action": "env.Parse()"})
TorHashedPassword: *torHashedPassword, }
TorPassword: *torPassword, scfg.CertKey = certKey
WebPort: *webPort,
SSLPort: *sslPort, s, err := server.New(scfg)
DomainSuffix: *domainSuffix,
CertKey: certKey,
BackendPort: ":" + *backendPort,
KCPPort: ":" + *backendKCPPort,
})
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }
if *sslPort != "" { go setupTLS(s, scfg)
go setupACME(s)
}
l, err := net.Listen("tcp", ":"+*webPort) l, err := net.Listen("tcp", scfg.WebAddr)
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }
@ -71,25 +50,18 @@ func main() {
hs := &http.Server{ hs := &http.Server{
Handler: s, Handler: s,
Addr: ":" + *webPort, Addr: scfg.WebAddr,
} }
hs.Serve(l) hs.Serve(l)
} }
func setupACME(s *server.Server) { func setupTLS(s *server.Server, scfg server.Config) {
m := autocert.Manager{
Prompt: autocert.AcceptTOS,
Cache: s.CertCache,
HostPolicy: nil,
Email: *acmeEmail,
}
hs := &http.Server{ hs := &http.Server{
Handler: s, Handler: s,
Addr: ":" + *sslPort, Addr: scfg.SSLAddr,
TLSConfig: &tls.Config{ TLSConfig: &tls.Config{
GetCertificate: m.GetCertificate, GetCertificate: s.GetCertificate,
}, },
} }