Update manpage

cmd/weblug/weblug.go

@@ -58,6 +58,8 @@ func sanityCheckHooks(hooks []Hook) error {
 }
 
 func main() {
+	var err error
+
 	cf.SetDefaults()
 	if len(os.Args) < 2 {
 		usage()
@@ -122,7 +124,6 @@ func main() {
 	awaitTerminationSignal()
 
 	if cf.Settings.TLS.Enabled {
-		// Note: Sanity check happens at program startup, here we assume all settings are good
 		log.Printf("Launching tls webserver on %s", cf.Settings.BindAddress)
 		server := &http.Server{
 			Addr:           cf.Settings.BindAddress,
@@ -134,7 +135,6 @@ func main() {
 			MinVersion: tls.VersionTLS12,
 		}
 		if cf.Settings.TLS.MinVersion != "" {
-			var err error
 			tlsConfig.MinVersion, err = ParseTLSVersion(cf.Settings.TLS.MinVersion)
 			if err != nil {
 				fmt.Fprintf(os.Stderr, "error: tls min version invalid\n")
@@ -142,7 +142,6 @@ func main() {
 			}
 		}
 		if cf.Settings.TLS.MaxVersion != "" {
-			var err error
 			tlsConfig.MaxVersion, err = ParseTLSVersion(cf.Settings.TLS.MinVersion)
 			if err != nil {
 				fmt.Fprintf(os.Stderr, "error: tls min version invalid\n")
@@ -152,14 +151,14 @@ func main() {
 		if tlsConfig.MinVersion == tls.VersionTLS10 || tlsConfig.MinVersion == tls.VersionTLS11 {
 			fmt.Fprintf(os.Stderr, "warning: using of a deprecated TLS version (< 1.2) is not recommended\n")
 		}
+
 		// Create self-signed certificate, when no keyfile and no certificates are present
 		if len(cf.Settings.TLS.Keypairs) == 0 {
 			// TODO
-			fmt.Fprintf(os.Stderr, "error: creating self-signed certificates is not yet implemented")
+			fmt.Fprintf(os.Stderr, "error: creating self-signed certificates is not yet supported")
 			os.Exit(1)
 		} else {
-			var err error
-			// Load certificates
+			// Load key/certificates keypairs
 			tlsConfig.Certificates = make([]tls.Certificate, len(cf.Settings.TLS.Keypairs))
 			for i, keypair := range cf.Settings.TLS.Keypairs {
 				tlsConfig.Certificates[i], err = tls.LoadX509KeyPair(keypair.Certificate, keypair.Keyfile)
@@ -195,8 +194,10 @@ func main() {
 		err := server.ListenAndServe()
 		log.Fatal(err)
 	}
-	log.Printf("unexpected end of main loop")
-	os.Exit(1)
+
+	// read guard, should never ever ever be called.
+	// If we end up here, the only safe thing we can do is terminate the program
+	panic("unexpected end of main loop")
 }
 
 // create a http handler function from the given hook

doc/weblug.8

@@ -50,6 +50,29 @@ See the following example configuration file:
 .br
 .B "  gid: 0                     # run under specified group id
 .br
+.B "  # Enable TLS here here
+.br
+.B "  tls:
+.br
+.B "    enabled: true
+.br
+.B "    # Minimum and maximum required TLS version. By default TLS1.2 is the minimum
+.br
+.B "    minversion: '1.2'
+.br
+.B "    maxversion: ''
+.br
+.B "    keypairs:
+.br
+.B "      - keyfile: 'weblug.key'
+.br
+.B "        certificate: 'weblug1.pem'
+.br
+.B "      - keyfile: 'weblug.key'
+.br
+.B "        certificate: 'weblug2.pem'
+.br
+.br
 .B "# hook definitions. A hook needs to define the HTTP endpoint ("route") and the command
 .br
 .B "# See the following examples for more possible options.
@@ -60,6 +83,16 @@ See the following example configuration file:
 .br
 .B "    route: "/webhooks/1"
 .br
+.B "    # if hosts is present, then limit the incoming requests to the given remote host(s)
+.br
+.B "    # Currently multiplexing the same route to different hosts does not work
+.br
+.B "    hosts:
+.br
+.B "      - example1.local
+.br
+.B "      - example2.local
+.br
 .B "    command: "sleep 5"
 .br
 .B "    background: True         # Terminate http request immediately

weblug.yml

@@ -14,7 +14,7 @@ settings:
   # Enable TLS here here
   tls:
     enabled: true
-    # Minimum and maximum requires TLS version. By default TLS1.2 is the minimum
+    # Minimum and maximum required TLS version. By default TLS1.2 is the minimum
     minversion: '1.2'
     maxversion: ''
     keypairs: