Ruben Cid 2018-07-20 18:53:57 +02:00
parent f18283a517
commit 38f9a3c49e
4 changed files with 152 additions and 4 deletions

31
app.go

@ -30,6 +30,7 @@ import (
"github.com/astaxie/beego/grace"
"github.com/astaxie/beego/logs"
"github.com/astaxie/beego/utils"
"golang.org/x/crypto/acme/autocert"
)
var (
@ -125,7 +126,18 @@ func (app *App) Run(mws ...MiddleWare) {
server := grace.NewServer(httpsAddr, app.Handlers)
server.Server.ReadTimeout = app.Server.ReadTimeout
server.Server.WriteTimeout = app.Server.WriteTimeout
if BConfig.Listen.EnableMutualHTTPS {
if BConfig.Listen.AutoTLS {
m := autocert.Manager{
Prompt: autocert.AcceptTOS,
HostPolicy: autocert.HostWhitelist(BConfig.Listen.Domains...),
Cache: autocert.DirCache(BConfig.Listen.TLSCacheDir),
}
app.Server.TLSConfig = &tls.Config{GetCertificate: m.GetCertificate}
BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile = "", ""
} else if BConfig.Listen.EnableMutualHTTPS {
if err := server.ListenAndServeMutualTLS(BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile, BConfig.Listen.TrustCaFile); err != nil {
logs.Critical("ListenAndServeTLS: ", err, fmt.Sprintf("%d", os.Getpid()))
@ -162,16 +174,28 @@ func (app *App) Run(mws ...MiddleWare) {
// run normal mode
if BConfig.Listen.EnableHTTPS || BConfig.Listen.EnableMutualHTTPS {
go func() {
time.Sleep(1000 * time.Microsecond)
if BConfig.Listen.HTTPSPort != 0 {
app.Server.Addr = fmt.Sprintf("%s:%d", BConfig.Listen.HTTPSAddr, BConfig.Listen.HTTPSPort)
} else if BConfig.Listen.EnableHTTP {
BeeLogger.Info("Start https server error, conflict with http.Please reset https port")
BeeLogger.Info("Start https server error, conflict with http. Please reset https port")
return
}
logs.Info("https server Running on https://%s", app.Server.Addr)
if BConfig.Listen.EnableMutualHTTPS {
if BConfig.Listen.AutoTLS {
m := autocert.Manager{
Prompt: autocert.AcceptTOS,
HostPolicy: autocert.HostWhitelist(BConfig.Listen.Domains...),
Cache: autocert.DirCache(BConfig.Listen.TLSCacheDir),
}
app.Server.TLSConfig = &tls.Config{GetCertificate: m.GetCertificate}
BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile = "", ""
} else if BConfig.Listen.EnableMutualHTTPS {
pool := x509.NewCertPool()
data, err := ioutil.ReadFile(BConfig.Listen.TrustCaFile)
if err != nil {
@ -190,6 +214,7 @@ func (app *App) Run(mws ...MiddleWare) {
endRunning <- true
}
}()
}
if BConfig.Listen.EnableHTTP {
go func() {
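Review bot: Both TLS branch sites now test `BConfig.Listen.AutoTLS` before `EnableMutualHTTPS`, so a configuration that sets both serves the autocert certificate and, as far as these lines show, drops client-certificate verification without any log line. Failing closed on that combination would be safer, for example `if BConfig.Listen.AutoTLS && BConfig.Listen.EnableMutualHTTPS { logs.Critical("AutoTLS cannot be combined with EnableMutualHTTPS") }` followed by the exit path the other start-up failures use. In the graceful branch the autocert config is assigned to `app.Server.TLSConfig`, while the listener there is `server` from `grace.NewServer`, so the manager may never reach the socket that is actually served; `server.Server.TLSConfig` is probably what was meant. The rest of both if/else chains lies outside the visible hunks, so this should be confirmed against the full `Run` body.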

117
auto_TLS.patch Normal file

@ -0,0 +1,117 @@
Index: app.go
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
--- app.go (date 1532101275000)
+++ app.go (date 1532105406000)
@@ -30,6 +30,7 @@
"github.com/astaxie/beego/grace"
"github.com/astaxie/beego/logs"
"github.com/astaxie/beego/utils"
+ "golang.org/x/crypto/acme/autocert"
)
var (
@@ -125,7 +126,18 @@
server := grace.NewServer(httpsAddr, app.Handlers)
server.Server.ReadTimeout = app.Server.ReadTimeout
server.Server.WriteTimeout = app.Server.WriteTimeout
- if BConfig.Listen.EnableMutualHTTPS {
+ if BConfig.Listen.AutoTLS {
+ m := autocert.Manager{
+ Prompt: autocert.AcceptTOS,
+ HostPolicy: autocert.HostWhitelist(BConfig.Listen.Domains...),
+ Cache: autocert.DirCache(BConfig.Listen.TLSCacheDir),
+ }
+
+ app.Server.TLSConfig = &tls.Config{GetCertificate: m.GetCertificate}
+
+ BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile = "", ""
+
+ } else if BConfig.Listen.EnableMutualHTTPS {
if err := server.ListenAndServeMutualTLS(BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile, BConfig.Listen.TrustCaFile); err != nil {
logs.Critical("ListenAndServeTLS: ", err, fmt.Sprintf("%d", os.Getpid()))
@@ -162,16 +174,28 @@
// run normal mode
if BConfig.Listen.EnableHTTPS || BConfig.Listen.EnableMutualHTTPS {
+
go func() {
time.Sleep(1000 * time.Microsecond)
if BConfig.Listen.HTTPSPort != 0 {
app.Server.Addr = fmt.Sprintf("%s:%d", BConfig.Listen.HTTPSAddr, BConfig.Listen.HTTPSPort)
} else if BConfig.Listen.EnableHTTP {
- BeeLogger.Info("Start https server error, conflict with http.Please reset https port")
+ BeeLogger.Info("Start https server error, conflict with http. Please reset https port")
return
}
logs.Info("https server Running on https://%s", app.Server.Addr)
- if BConfig.Listen.EnableMutualHTTPS {
+ if BConfig.Listen.AutoTLS {
+ m := autocert.Manager{
+ Prompt: autocert.AcceptTOS,
+ HostPolicy: autocert.HostWhitelist(BConfig.Listen.Domains...),
+ Cache: autocert.DirCache(BConfig.Listen.TLSCacheDir),
+ }
+
+ app.Server.TLSConfig = &tls.Config{GetCertificate: m.GetCertificate}
+
+ BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile = "", ""
+
+ } else if BConfig.Listen.EnableMutualHTTPS {
pool := x509.NewCertPool()
data, err := ioutil.ReadFile(BConfig.Listen.TrustCaFile)
if err != nil {
@@ -190,6 +214,7 @@
endRunning <- true
}
}()
+
}
if BConfig.Listen.EnableHTTP {
go func() {
Index: controller.go
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
--- controller.go (date 1532101275000)
+++ controller.go (date 1532105474000)
@@ -36,7 +36,7 @@
const (
applicationJSON = "application/json"
applicationXML = "application/xml"
- applicationYAML = "application/x-yaml"
+ applicationYAML = "application/x-yaml"
textXML = "text/xml"
)
Index: config.go
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
--- config.go (date 1532101275000)
+++ config.go (date 1532105364000)
@@ -55,6 +55,9 @@
EnableHTTP bool
HTTPAddr string
HTTPPort int
+ AutoTLS bool
+ Domains []string
+ TLSCacheDir string
EnableHTTPS bool
EnableMutualHTTPS bool
HTTPSAddr string
@@ -209,6 +212,9 @@
ServerTimeOut: 0,
ListenTCP4: false,
EnableHTTP: true,
+ AutoTLS: false,
+ Domains: []string{},
+ TLSCacheDir: ".",
HTTPAddr: "",
HTTPPort: 8080,
EnableHTTPS: false,
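Review bot: auto_TLS.patch appears to be an IDE-exported patch (note the `IDEA additional info` headers) that repeats the app.go, controller.go and config.go changes made by this same commit, so it should be dropped from the commit rather than added at the repository root. Nothing visible here reads it at build or run time. Leaving it in the tree keeps a second, soon-stale copy of the TLS logic that later readers could mistake for pending work.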


@ -55,6 +55,9 @@ type Listen struct {
EnableHTTP bool
HTTPAddr string
HTTPPort int
AutoTLS bool
Domains []string
TLSCacheDir string
EnableHTTPS bool
EnableMutualHTTPS bool
HTTPSAddr string
@ -209,6 +212,9 @@ func newBConfig() *Config {
ServerTimeOut: 0,
ListenTCP4: false,
EnableHTTP: true,
AutoTLS: false,
Domains: []string{},
TLSCacheDir: ".",
HTTPAddr: "",
HTTPPort: 8080,
EnableHTTPS: false,
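Review bot: The default `TLSCacheDir: "."` makes `autocert.DirCache` write the ACME account key and the private keys of issued certificates into the process working directory, which is often the application or source tree and may be readable by other users or swept into archives and backups. A dedicated directory is safer, because DirCache creates a missing directory with owner-only permissions but leaves an existing one as it is. Consider an empty default and refusing to start AutoTLS until `TLSCacheDir` is set explicitly. The three new fields in `Listen` also carry no doc comments; something like `// AutoTLS obtains certificates through ACME for the hosts in Domains; an empty Domains list matches no host.` would record that `HostWhitelist` with no entries rejects every name.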


@ -36,7 +36,7 @@ import (
const (
applicationJSON = "application/json"
applicationXML = "application/xml"
applicationYAML = "application/x-yaml"
applicationYAML = "application/x-yaml"
textXML = "text/xml"
)