You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
88 lines
2.4 KiB
88 lines
2.4 KiB
package main
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"flag"
|
|
"fmt"
|
|
"net"
|
|
"net/http"
|
|
"os"
|
|
"path/filepath"
|
|
"strconv"
|
|
"strings"
|
|
)
|
|
|
|
func usage() {
|
|
fmt.Fprintf(os.Stderr, "\nusage: go run serve.go [optional flags]\n")
|
|
flag.PrintDefaults()
|
|
fmt.Println()
|
|
|
|
os.Exit(2)
|
|
}
|
|
|
|
type myHandler struct{}
|
|
|
|
func (m *myHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|
// Print debug info
|
|
fmt.Println(r.Host)
|
|
fmt.Println(r.Method)
|
|
fmt.Println(r.RequestURI)
|
|
fmt.Println(r.URL) // has many keys, such as Query
|
|
for k, v := range r.Header {
|
|
fmt.Println(k, v)
|
|
}
|
|
fmt.Println(r.Body)
|
|
|
|
// End the request
|
|
fmt.Fprintf(w, "Hi there, %s %q? Wow!\n\nWith Love,\n\t%s", r.Method, r.URL.Path[1:], r.Host)
|
|
}
|
|
|
|
func main() {
|
|
flag.Usage = usage
|
|
|
|
port := flag.Uint("port", 443, "https port")
|
|
certsPath := flag.String("letsencrypt-path", "/etc/letsencrypt/live", "path at which an 'xyz.example.com' containing 'fullchain.pem' and 'privkey.pem' can be found")
|
|
defaultHost := flag.String("default-hostname", "localhost.daplie.com", "the default folder to find certificates to use when no matches are found")
|
|
|
|
flag.Parse()
|
|
|
|
host := strings.ToLower(*defaultHost)
|
|
// See https://groups.google.com/a/letsencrypt.org/forum/#!topic/ca-dev/l1Dd6jzWeu8
|
|
/*
|
|
if strings.HasPrefix("www.", host) {
|
|
fmt.Println("TODO: 'www.' prefixed certs should be obtained for every 'example.com' domain.")
|
|
}
|
|
host = strings.TrimPrefix("www.", host)
|
|
*/
|
|
|
|
fmt.Printf("Loading Certificates %s/%s/{privkey.pem,fullchain.pem}\n", *certsPath, *defaultHost)
|
|
privkeyPath := filepath.Join(*certsPath, *defaultHost, "privkey.pem")
|
|
certPath := filepath.Join(*certsPath, *defaultHost, "fullchain.pem")
|
|
cert, err := tls.LoadX509KeyPair(certPath, privkeyPath)
|
|
if err != nil {
|
|
fmt.Fprintf(os.Stderr, "Couldn't load default certificates: %s\n", err)
|
|
os.Exit(1)
|
|
}
|
|
|
|
addr := ":" + strconv.Itoa(int(*port))
|
|
|
|
conn, err := net.Listen("tcp", addr)
|
|
if nil != err {
|
|
fmt.Fprintf(os.Stderr, "Couldn't bind to TCP socket %q: %s\n", addr, err)
|
|
os.Exit(1)
|
|
}
|
|
|
|
tlsConfig := new(tls.Config)
|
|
tlsConfig.Certificates = []tls.Certificate{cert}
|
|
tlsConfig.GetCertificate = func(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {
|
|
return &cert, nil
|
|
}
|
|
tlsListener := tls.NewListener(conn, tlsConfig)
|
|
|
|
server := &http.Server{
|
|
Addr: addr,
|
|
Handler: &myHandler{},
|
|
}
|
|
fmt.Printf("Listening on https://%s:%d\n", host, *port)
|
|
server.Serve(tlsListener)
|
|
}
|
|
|