mirror of
https://github.com/caddyserver/caddy.git
synced 2024-12-23 22:27:38 -05:00
Stubbed out basic code to obtain Let's Encrypt cert
This commit is contained in:
Matthew Holt
parent
ca1f1362cc
commit
79de2a5de2
1 changed files with 54 additions and 0 deletions
|
|
@ -1,6 +1,9 @@
|
|||
package config
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"crypto/rsa"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"log"
|
||||
|
|
@ -11,6 +14,7 @@ import (
|
|||
"github.com/mholt/caddy/config/setup"
|
||||
"github.com/mholt/caddy/middleware"
|
||||
"github.com/mholt/caddy/server"
|
||||
"github.com/xenolf/lego/acme"
|
||||
)
|
||||
|
||||
const (
|
||||
|
|
@ -73,10 +77,60 @@ func Load(filename string, input io.Reader) (Group, error) {
|
|||
// restore logging settings
|
||||
log.SetFlags(flags)
|
||||
|
||||
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
|
||||
if err != nil {
|
||||
return Group{}, errors.New("Error Generating Key:" + err.Error())
|
||||
}
|
||||
|
||||
for _, cfg := range configs {
|
||||
// TODO: && hostname does not resolve to localhost (?) && TLS is not force-disabled
|
||||
if !cfg.TLS.Enabled {
|
||||
// Initiate Let's Encrypt
|
||||
user := LetsEncryptUser{
|
||||
Email: "example@mail.com",
|
||||
Key: privateKey,
|
||||
}
|
||||
client := acme.NewClient("http://192.168.99.100:4000", &user, 2048, "5001")
|
||||
reg, err := client.Register()
|
||||
if err != nil {
|
||||
return Group{}, errors.New("Error Registering: " + err.Error())
|
||||
}
|
||||
user.Registration = reg
|
||||
|
||||
err = client.AgreeToTos()
|
||||
if err != nil {
|
||||
return Group{}, errors.New("Error Agreeing to ToS: " + err.Error())
|
||||
}
|
||||
|
||||
certs, err := client.ObtainCertificates([]string{"caddy.dev"})
|
||||
if err != nil {
|
||||
return Group{}, errors.New("Error Obtaining Certs: " + err.Error())
|
||||
}
|
||||
|
||||
fmt.Printf("%#v\n", certs)
|
||||
}
|
||||
}
|
||||
|
||||
// Group by address/virtualhosts
|
||||
return arrangeBindings(configs)
|
||||
}
|
||||
|
||||
type LetsEncryptUser struct {
|
||||
Email string
|
||||
Registration *acme.RegistrationResource
|
||||
Key *rsa.PrivateKey
|
||||
}
|
||||
|
||||
func (u LetsEncryptUser) GetEmail() string {
|
||||
return u.Email
|
||||
}
|
||||
func (u LetsEncryptUser) GetRegistration() *acme.RegistrationResource {
|
||||
return u.Registration
|
||||
}
|
||||
func (u LetsEncryptUser) GetPrivateKey() *rsa.PrivateKey {
|
||||
return u.Key
|
||||
}
|
||||
|
||||
// serverBlockToConfig makes a config for the server block
|
||||
// by executing the tokens that were parsed. The returned
|
||||
// config is shared among all hosts/addresses for the server
|
||||
|
|
|
|||
Loading…
Reference in a new issue