Beispiel #1
0
func cmdRegisterAcmeRun(cmd *cobra.Command, args []string) {
	if registerAcmeArgs.acmeEmail == "" {
		Exitf("Please specify --acme-email")
	}
	acmeService := acme.NewAcmeService(acme.AcmeServiceConfig{
		HttpProviderConfig: acme.HttpProviderConfig{},
		CADirectoryURL:     registerAcmeArgs.caDirURL,
		KeyBits:            registerAcmeArgs.keyBits,
		Email:              registerAcmeArgs.acmeEmail,
		PrivateKeyPath:     registerAcmeArgs.privateKeyPath,
		RegistrationPath:   registerAcmeArgs.registrationPath,
	}, acme.AcmeServiceDependencies{
		HttpProviderDependencies: acme.HttpProviderDependencies{
			Logger: log,
		},
	})

	// Perform registration
	if err := acmeService.Register(); err != nil {
		Exitf("Registration failed: %#v", err)
	}
}
Beispiel #2
0
func cmdRunRun(cmd *cobra.Command, args []string) {
	// Parse arguments
	if runArgs.etcdAddr != "" {
		etcdUrl, err := url.Parse(runArgs.etcdAddr)
		if err != nil {
			Exitf("--etcd-addr '%s' is not valid: %#v", runArgs.etcdAddr, err)
		}
		runArgs.etcdEndpoints = []string{fmt.Sprintf("%s://%s", etcdUrl.Scheme, etcdUrl.Host)}
		runArgs.etcdPath = etcdUrl.Path
	}
	etcdCfg := client.Config{
		Endpoints: runArgs.etcdEndpoints,
		Transport: client.DefaultTransport,
	}
	etcdClient, err := client.New(etcdCfg)
	if err != nil {
		Exitf("Failed to initialize ETCD client: %#v", err)
	}

	go etcdClient.AutoSync(context.Background(), time.Second*30)

	// Set log level
	level, err := logging.LogLevel(runArgs.logLevel)
	if err != nil {
		Exitf("Invalid log-level '%s': %#v", runArgs.logLevel, err)
	}
	logging.SetLevel(level, cmdMain.Use)

	// Prepare backend
	backend, err := backend.NewEtcdBackend(etcdBackendConfig, log, etcdClient, runArgs.etcdPath)
	if err != nil {
		Exitf("Failed to backend: %#v", err)
	}

	// Prepare global mutext service
	gmService := mutex.NewEtcdGlobalMutexService(etcdClient, path.Join(runArgs.etcdPath, etcdLocksFolder))

	// Prepare acme service
	acmeEtcdPrefix := path.Join(runArgs.etcdPath, etcdAcmeFolder)
	certsRepository := acme.NewEtcdCertificatesRepository(acmeEtcdPrefix, etcdClient)
	certsCache := acme.NewCertificatesFileCache(runArgs.tmpCertificatePath, certsRepository, log)
	certsRequester := acme.NewCertificateRequester(log, certsRepository, gmService)
	renewal := acme.NewRenewalMonitor(log, certsRepository, certsRequester)
	acmeServiceListener := &acmeServiceListener{}
	acmeService := acme.NewAcmeService(acme.AcmeServiceConfig{
		HttpProviderConfig: acme.HttpProviderConfig{
			EtcdPrefix: acmeEtcdPrefix,
			Port:       runArgs.acmeHttpPort,
		},
		EtcdPrefix:       acmeEtcdPrefix,
		CADirectoryURL:   runArgs.caDirURL,
		KeyBits:          runArgs.keyBits,
		Email:            runArgs.acmeEmail,
		PrivateKeyPath:   runArgs.privateKeyPath,
		RegistrationPath: runArgs.registrationPath,
	}, acme.AcmeServiceDependencies{
		HttpProviderDependencies: acme.HttpProviderDependencies{
			Logger:     log,
			EtcdClient: etcdClient,
		},
		Listener:   acmeServiceListener,
		Repository: certsRepository,
		Cache:      certsCache,
		Renewal:    renewal,
		Requester:  certsRequester,
	})

	// Prepare service
	if runArgs.haproxyConfPath == "" {
		Exitf("Please specify --haproxy-conf")
	}
	if runArgs.privateHost == "" {
		Exitf("Please specify --private-host")
	}
	service := service.NewService(service.ServiceConfig{
		HaproxyConfPath:   runArgs.haproxyConfPath,
		StatsPort:         runArgs.statsPort,
		StatsUser:         runArgs.statsUser,
		StatsPassword:     runArgs.statsPassword,
		StatsSslCert:      runArgs.statsSslCert,
		SslCertsFolder:    runArgs.sslCertsFolder,
		ForceSsl:          runArgs.forceSsl,
		PrivateHost:       runArgs.privateHost,
		PrivateTcpSslCert: runArgs.privateTcpSslCert,
		PrivateStatsPort:  runArgs.privateStatsPort,
		ExcludePrivate:    runArgs.excludePrivate,
		ExcludePublic:     runArgs.excludePublic,
	}, service.ServiceDependencies{
		Logger:      log,
		Backend:     backend,
		AcmeService: acmeService,
	})
	acmeServiceListener.service = service

	// Prepare and run middleware
	apiMiddleware := middleware.Middleware{
		Logger:  log,
		Service: backend,
	}
	apiAddr := fmt.Sprintf("%s:%d", runArgs.apiHost, runArgs.apiPort)
	apiHandler := apiMiddleware.SetupRoutes(projectName, projectVersion, projectBuild)
	log.Infof("Starting %s API (version %s build %s) on %s\n", projectName, projectVersion, projectBuild, apiAddr)
	go func() {
		if err := http.ListenAndServe(apiAddr, apiHandler); err != nil {
			log.Fatalf("API ListenAndServe failed: %#v", err)
		}
	}()

	// Start all services
	if err := acmeService.Start(); err != nil {
		Exitf("Failed to start ACME service: %#v", err)
	}
	metricsConfig := metrics.MetricsConfig{
		ProjectName:    projectName,
		ProjectVersion: projectVersion,
		ProjectBuild:   projectBuild,
		Host:           runArgs.metricsHost,
		Port:           runArgs.metricsPort,
		HaproxyCSVURI:  fmt.Sprintf("http://127.0.0.1:%d/;csv", runArgs.privateStatsPort),
	}
	if runArgs.privateStatsPort == 0 {
		metricsConfig.HaproxyCSVURI = ""
	}
	if err := metrics.StartMetricsListener(metricsConfig, log); err != nil {
		Exitf("Failed to start metrics: %#v", err)
	}
	service.Run()
}