package main import ( "crypto/tls" "flag" "log" "math/rand" "net" "net/http" "time" "git.xeserv.us/xena/route/lib/routecrypto" "git.xeserv.us/xena/route/server" "github.com/facebookgo/flagenv" _ "github.com/joho/godotenv/autoload" "golang.org/x/crypto/acme/autocert" ) var ( rethinkDBHost = flag.String("rethink-host", "", "RethinkDB host") rethinkDBDatabase = flag.String("rethink-database", "", "RethinkDB database") controlKeyFile = flag.String("control-key-file", "", "Control host keyfile") controlHost = flag.String("control-host", "", "Control host onion hash") torDataDir = flag.String("tor-data-dir", "./var", "Tor data directory") torHashedPassword = flag.String("tor-hashed-password", "", "Tor hashed password") torPassword = flag.String("tor-password", "hunter2", "Tor clear password") webPort = flag.String("web-port", "9234", "HTTP ingress port for backends and users") sslPort = flag.String("ssl-port", "", "if set use this port for SSL HTTP requests (certs via LE, you agree to follow their TOS)") domainSuffix = flag.String("domain-suffix", ".apps.xeserv.us", "Domain name suffix associated with the load balancer") sslCertKey = flag.String("ssl-cert-key", "", "if set encrypt SSL certs with this key") ) func main() { flag.Parse() flagenv.Parse() rand.Seed(time.Now().Unix()) certKey, _ := routecrypto.ParseKey(*sslCertKey) s, err := server.New(server.Config{ ControlHost: *controlHost, ControlKeyFile: *controlKeyFile, RethinkDBHost: *rethinkDBHost, RethinkDBDatabase: *rethinkDBDatabase, TorDataDir: *torDataDir, TorHashedPassword: *torHashedPassword, TorPassword: *torPassword, WebPort: *webPort, SSLPort: *sslPort, DomainSuffix: *domainSuffix, CertKey: certKey, }) if err != nil { log.Fatal(err) } if *sslPort != "" { go setupACME(s) } l, err := net.Listen("tcp", "0.0.0.0:"+*webPort) if err != nil { log.Fatal(err) } defer l.Close() hs := &http.Server{ Handler: s, Addr: "0.0.0.0:" + *webPort, } hs.Serve(l) } func setupACME(s *server.Server) { m := autocert.Manager{ Prompt: autocert.AcceptTOS, Cache: s.CertCache, HostPolicy: nil, Email: "xena@yolo-swag.com", } hs := &http.Server{ Handler: s, Addr: "0.0.0.0:" + *sslPort, TLSConfig: &tls.Config{ GetCertificate: m.GetCertificate, }, } hs.ListenAndServeTLS("", "") }