Compare commits
2 commits
b62d5edef5
...
1c941679ba
Author | SHA1 | Date | |
---|---|---|---|
Felix Niederwanger | 1c941679ba | ||
Felix Niederwanger | e280f31495 |
|
@ -58,6 +58,8 @@ func sanityCheckHooks(hooks []Hook) error {
|
|||
}
|
||||
|
||||
func main() {
|
||||
var err error
|
||||
|
||||
cf.SetDefaults()
|
||||
if len(os.Args) < 2 {
|
||||
usage()
|
||||
|
@ -122,7 +124,6 @@ func main() {
|
|||
awaitTerminationSignal()
|
||||
|
||||
if cf.Settings.TLS.Enabled {
|
||||
// Note: Sanity check happens at program startup, here we assume all settings are good
|
||||
log.Printf("Launching tls webserver on %s", cf.Settings.BindAddress)
|
||||
server := &http.Server{
|
||||
Addr: cf.Settings.BindAddress,
|
||||
|
@ -134,7 +135,6 @@ func main() {
|
|||
MinVersion: tls.VersionTLS12,
|
||||
}
|
||||
if cf.Settings.TLS.MinVersion != "" {
|
||||
var err error
|
||||
tlsConfig.MinVersion, err = ParseTLSVersion(cf.Settings.TLS.MinVersion)
|
||||
if err != nil {
|
||||
fmt.Fprintf(os.Stderr, "error: tls min version invalid\n")
|
||||
|
@ -142,7 +142,6 @@ func main() {
|
|||
}
|
||||
}
|
||||
if cf.Settings.TLS.MaxVersion != "" {
|
||||
var err error
|
||||
tlsConfig.MaxVersion, err = ParseTLSVersion(cf.Settings.TLS.MinVersion)
|
||||
if err != nil {
|
||||
fmt.Fprintf(os.Stderr, "error: tls min version invalid\n")
|
||||
|
@ -152,14 +151,14 @@ func main() {
|
|||
if tlsConfig.MinVersion == tls.VersionTLS10 || tlsConfig.MinVersion == tls.VersionTLS11 {
|
||||
fmt.Fprintf(os.Stderr, "warning: using of a deprecated TLS version (< 1.2) is not recommended\n")
|
||||
}
|
||||
|
||||
// Create self-signed certificate, when no keyfile and no certificates are present
|
||||
if len(cf.Settings.TLS.Keypairs) == 0 {
|
||||
// TODO
|
||||
fmt.Fprintf(os.Stderr, "error: creating self-signed certificates is not yet implemented")
|
||||
fmt.Fprintf(os.Stderr, "error: creating self-signed certificates is not yet supported")
|
||||
os.Exit(1)
|
||||
} else {
|
||||
var err error
|
||||
// Load certificates
|
||||
// Load key/certificates keypairs
|
||||
tlsConfig.Certificates = make([]tls.Certificate, len(cf.Settings.TLS.Keypairs))
|
||||
for i, keypair := range cf.Settings.TLS.Keypairs {
|
||||
tlsConfig.Certificates[i], err = tls.LoadX509KeyPair(keypair.Certificate, keypair.Keyfile)
|
||||
|
@ -195,8 +194,10 @@ func main() {
|
|||
err := server.ListenAndServe()
|
||||
log.Fatal(err)
|
||||
}
|
||||
log.Printf("unexpected end of main loop")
|
||||
os.Exit(1)
|
||||
|
||||
// read guard, should never ever ever be called.
|
||||
// If we end up here, the only safe thing we can do is terminate the program
|
||||
panic("unexpected end of main loop")
|
||||
}
|
||||
|
||||
// create a http handler function from the given hook
|
||||
|
|
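Review bot: In the `@ -142,7 +142,6` hunk of `main`, the `maxversion` branch still parses the minimum setting: `tlsConfig.MaxVersion, err = ParseTLSVersion(cf.Settings.TLS.MinVersion)`. A configured `maxversion` is therefore never applied, and the server's maximum TLS version is set to whatever `minversion` holds. With the documented `minversion: '1.2'` that would presumably cap the listener at TLS 1.2 and rule out TLS 1.3. The line should read `tlsConfig.MaxVersion, err = ParseTLSVersion(cf.Settings.TLS.MaxVersion)`, with the message below it changed to `"error: tls max version invalid\n"`. Rejecting a parsed maximum that is lower than the minimum would also be a useful check here; the rest of this `if` block lies outside the hunk.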
33
doc/weblug.8
33
doc/weblug.8
|
@ -50,6 +50,29 @@ See the following example configuration file:
|
|||
.br
|
||||
.B " gid: 0 # run under specified group id
|
||||
.br
|
||||
.B " # Enable TLS here here
|
||||
.br
|
||||
.B " tls:
|
||||
.br
|
||||
.B " enabled: true
|
||||
.br
|
||||
.B " # Minimum and maximum required TLS version. By default TLS1.2 is the minimum
|
||||
.br
|
||||
.B " minversion: '1.2'
|
||||
.br
|
||||
.B " maxversion: ''
|
||||
.br
|
||||
.B " keypairs:
|
||||
.br
|
||||
.B " - keyfile: 'weblug.key'
|
||||
.br
|
||||
.B " certificate: 'weblug1.pem'
|
||||
.br
|
||||
.B " - keyfile: 'weblug.key'
|
||||
.br
|
||||
.B " certificate: 'weblug2.pem'
|
||||
.br
|
||||
.br
|
||||
.B "# hook definitions. A hook needs to define the HTTP endpoint ("route") and the command
|
||||
.br
|
||||
.B "# See the following examples for more possible options.
|
||||
|
@ -60,6 +83,16 @@ See the following example configuration file:
|
|||
.br
|
||||
.B " route: "/webhooks/1"
|
||||
.br
|
||||
.B " # if hosts is present, then limit the incoming requests to the given remote host(s)
|
||||
.br
|
||||
.B " # Currently multiplexing the same route to different hosts does not work
|
||||
.br
|
||||
.B " hosts:
|
||||
.br
|
||||
.B " - example1.local
|
||||
.br
|
||||
.B " - example2.local
|
||||
.br
|
||||
.B " command: "sleep 5"
|
||||
.br
|
||||
.B " background: True # Terminate http request immediately
|
||||
|
|
|
@ -14,7 +14,7 @@ settings:
|
|||
# Enable TLS here here
|
||||
tls:
|
||||
enabled: true
|
||||
# Minimum and maximum requires TLS version. By default TLS1.2 is the minimum
|
||||
# Minimum and maximum required TLS version. By default TLS1.2 is the minimum
|
||||
minversion: '1.2'
|
||||
maxversion: ''
|
||||
keypairs:
|
||||
|
|