mirror of
https://github.com/astaxie/beego.git
synced 2024-12-22 21:50:50 +00:00
AutoCert
This commit is contained in:
parent
f18283a517
commit
38f9a3c49e
31
app.go
31
app.go
@ -30,6 +30,7 @@ import (
|
||||
"github.com/astaxie/beego/grace"
|
||||
"github.com/astaxie/beego/logs"
|
||||
"github.com/astaxie/beego/utils"
|
||||
"golang.org/x/crypto/acme/autocert"
|
||||
)
|
||||
|
||||
var (
|
||||
@ -125,7 +126,18 @@ func (app *App) Run(mws ...MiddleWare) {
|
||||
server := grace.NewServer(httpsAddr, app.Handlers)
|
||||
server.Server.ReadTimeout = app.Server.ReadTimeout
|
||||
server.Server.WriteTimeout = app.Server.WriteTimeout
|
||||
if BConfig.Listen.EnableMutualHTTPS {
|
||||
if BConfig.Listen.AutoTLS {
|
||||
m := autocert.Manager{
|
||||
Prompt: autocert.AcceptTOS,
|
||||
HostPolicy: autocert.HostWhitelist(BConfig.Listen.Domains...),
|
||||
Cache: autocert.DirCache(BConfig.Listen.TLSCacheDir),
|
||||
}
|
||||
|
||||
app.Server.TLSConfig = &tls.Config{GetCertificate: m.GetCertificate}
|
||||
|
||||
BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile = "", ""
|
||||
|
||||
} else if BConfig.Listen.EnableMutualHTTPS {
|
||||
|
||||
if err := server.ListenAndServeMutualTLS(BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile, BConfig.Listen.TrustCaFile); err != nil {
|
||||
logs.Critical("ListenAndServeTLS: ", err, fmt.Sprintf("%d", os.Getpid()))
|
||||
@ -162,16 +174,28 @@ func (app *App) Run(mws ...MiddleWare) {
|
||||
|
||||
// run normal mode
|
||||
if BConfig.Listen.EnableHTTPS || BConfig.Listen.EnableMutualHTTPS {
|
||||
|
||||
go func() {
|
||||
time.Sleep(1000 * time.Microsecond)
|
||||
if BConfig.Listen.HTTPSPort != 0 {
|
||||
app.Server.Addr = fmt.Sprintf("%s:%d", BConfig.Listen.HTTPSAddr, BConfig.Listen.HTTPSPort)
|
||||
} else if BConfig.Listen.EnableHTTP {
|
||||
BeeLogger.Info("Start https server error, conflict with http.Please reset https port")
|
||||
BeeLogger.Info("Start https server error, conflict with http. Please reset https port")
|
||||
return
|
||||
}
|
||||
logs.Info("https server Running on https://%s", app.Server.Addr)
|
||||
if BConfig.Listen.EnableMutualHTTPS {
|
||||
if BConfig.Listen.AutoTLS {
|
||||
m := autocert.Manager{
|
||||
Prompt: autocert.AcceptTOS,
|
||||
HostPolicy: autocert.HostWhitelist(BConfig.Listen.Domains...),
|
||||
Cache: autocert.DirCache(BConfig.Listen.TLSCacheDir),
|
||||
}
|
||||
|
||||
app.Server.TLSConfig = &tls.Config{GetCertificate: m.GetCertificate}
|
||||
|
||||
BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile = "", ""
|
||||
|
||||
} else if BConfig.Listen.EnableMutualHTTPS {
|
||||
pool := x509.NewCertPool()
|
||||
data, err := ioutil.ReadFile(BConfig.Listen.TrustCaFile)
|
||||
if err != nil {
|
||||
@ -190,6 +214,7 @@ func (app *App) Run(mws ...MiddleWare) {
|
||||
endRunning <- true
|
||||
}
|
||||
}()
|
||||
|
||||
}
|
||||
if BConfig.Listen.EnableHTTP {
|
||||
go func() {
|
||||
|
117
auto_TLS.patch
Normal file
117
auto_TLS.patch
Normal file
@ -0,0 +1,117 @@
|
||||
Index: app.go
|
||||
IDEA additional info:
|
||||
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
|
||||
<+>UTF-8
|
||||
===================================================================
|
||||
--- app.go (date 1532101275000)
|
||||
+++ app.go (date 1532105406000)
|
||||
@@ -30,6 +30,7 @@
|
||||
"github.com/astaxie/beego/grace"
|
||||
"github.com/astaxie/beego/logs"
|
||||
"github.com/astaxie/beego/utils"
|
||||
+ "golang.org/x/crypto/acme/autocert"
|
||||
)
|
||||
|
||||
var (
|
||||
@@ -125,7 +126,18 @@
|
||||
server := grace.NewServer(httpsAddr, app.Handlers)
|
||||
server.Server.ReadTimeout = app.Server.ReadTimeout
|
||||
server.Server.WriteTimeout = app.Server.WriteTimeout
|
||||
- if BConfig.Listen.EnableMutualHTTPS {
|
||||
+ if BConfig.Listen.AutoTLS {
|
||||
+ m := autocert.Manager{
|
||||
+ Prompt: autocert.AcceptTOS,
|
||||
+ HostPolicy: autocert.HostWhitelist(BConfig.Listen.Domains...),
|
||||
+ Cache: autocert.DirCache(BConfig.Listen.TLSCacheDir),
|
||||
+ }
|
||||
+
|
||||
+ app.Server.TLSConfig = &tls.Config{GetCertificate: m.GetCertificate}
|
||||
+
|
||||
+ BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile = "", ""
|
||||
+
|
||||
+ } else if BConfig.Listen.EnableMutualHTTPS {
|
||||
|
||||
if err := server.ListenAndServeMutualTLS(BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile, BConfig.Listen.TrustCaFile); err != nil {
|
||||
logs.Critical("ListenAndServeTLS: ", err, fmt.Sprintf("%d", os.Getpid()))
|
||||
@@ -162,16 +174,28 @@
|
||||
|
||||
// run normal mode
|
||||
if BConfig.Listen.EnableHTTPS || BConfig.Listen.EnableMutualHTTPS {
|
||||
+
|
||||
go func() {
|
||||
time.Sleep(1000 * time.Microsecond)
|
||||
if BConfig.Listen.HTTPSPort != 0 {
|
||||
app.Server.Addr = fmt.Sprintf("%s:%d", BConfig.Listen.HTTPSAddr, BConfig.Listen.HTTPSPort)
|
||||
} else if BConfig.Listen.EnableHTTP {
|
||||
- BeeLogger.Info("Start https server error, conflict with http.Please reset https port")
|
||||
+ BeeLogger.Info("Start https server error, conflict with http. Please reset https port")
|
||||
return
|
||||
}
|
||||
logs.Info("https server Running on https://%s", app.Server.Addr)
|
||||
- if BConfig.Listen.EnableMutualHTTPS {
|
||||
+ if BConfig.Listen.AutoTLS {
|
||||
+ m := autocert.Manager{
|
||||
+ Prompt: autocert.AcceptTOS,
|
||||
+ HostPolicy: autocert.HostWhitelist(BConfig.Listen.Domains...),
|
||||
+ Cache: autocert.DirCache(BConfig.Listen.TLSCacheDir),
|
||||
+ }
|
||||
+
|
||||
+ app.Server.TLSConfig = &tls.Config{GetCertificate: m.GetCertificate}
|
||||
+
|
||||
+ BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile = "", ""
|
||||
+
|
||||
+ } else if BConfig.Listen.EnableMutualHTTPS {
|
||||
pool := x509.NewCertPool()
|
||||
data, err := ioutil.ReadFile(BConfig.Listen.TrustCaFile)
|
||||
if err != nil {
|
||||
@@ -190,6 +214,7 @@
|
||||
endRunning <- true
|
||||
}
|
||||
}()
|
||||
+
|
||||
}
|
||||
if BConfig.Listen.EnableHTTP {
|
||||
go func() {
|
||||
Index: controller.go
|
||||
IDEA additional info:
|
||||
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
|
||||
<+>UTF-8
|
||||
===================================================================
|
||||
--- controller.go (date 1532101275000)
|
||||
+++ controller.go (date 1532105474000)
|
||||
@@ -36,7 +36,7 @@
|
||||
const (
|
||||
applicationJSON = "application/json"
|
||||
applicationXML = "application/xml"
|
||||
- applicationYAML = "application/x-yaml"
|
||||
+ applicationYAML = "application/x-yaml"
|
||||
textXML = "text/xml"
|
||||
)
|
||||
|
||||
Index: config.go
|
||||
IDEA additional info:
|
||||
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
|
||||
<+>UTF-8
|
||||
===================================================================
|
||||
--- config.go (date 1532101275000)
|
||||
+++ config.go (date 1532105364000)
|
||||
@@ -55,6 +55,9 @@
|
||||
EnableHTTP bool
|
||||
HTTPAddr string
|
||||
HTTPPort int
|
||||
+ AutoTLS bool
|
||||
+ Domains []string
|
||||
+ TLSCacheDir string
|
||||
EnableHTTPS bool
|
||||
EnableMutualHTTPS bool
|
||||
HTTPSAddr string
|
||||
@@ -209,6 +212,9 @@
|
||||
ServerTimeOut: 0,
|
||||
ListenTCP4: false,
|
||||
EnableHTTP: true,
|
||||
+ AutoTLS: false,
|
||||
+ Domains: []string{},
|
||||
+ TLSCacheDir: ".",
|
||||
HTTPAddr: "",
|
||||
HTTPPort: 8080,
|
||||
EnableHTTPS: false,
|
@ -55,6 +55,9 @@ type Listen struct {
|
||||
EnableHTTP bool
|
||||
HTTPAddr string
|
||||
HTTPPort int
|
||||
AutoTLS bool
|
||||
Domains []string
|
||||
TLSCacheDir string
|
||||
EnableHTTPS bool
|
||||
EnableMutualHTTPS bool
|
||||
HTTPSAddr string
|
||||
@ -209,6 +212,9 @@ func newBConfig() *Config {
|
||||
ServerTimeOut: 0,
|
||||
ListenTCP4: false,
|
||||
EnableHTTP: true,
|
||||
AutoTLS: false,
|
||||
Domains: []string{},
|
||||
TLSCacheDir: ".",
|
||||
HTTPAddr: "",
|
||||
HTTPPort: 8080,
|
||||
EnableHTTPS: false,
|
||||
|
@ -36,7 +36,7 @@ import (
|
||||
const (
|
||||
applicationJSON = "application/json"
|
||||
applicationXML = "application/xml"
|
||||
applicationYAML = "application/x-yaml"
|
||||
applicationYAML = "application/x-yaml"
|
||||
textXML = "text/xml"
|
||||
)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user