Esempio n. 1
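// serveTLS opens the key vault stored in vaultFile and serves the package
// router over HTTPS on addr until the process receives an interrupt or
// termination signal, or until the listener fails.
//
// Note the parameter order: this function takes (keyFile, certFile), while
// http.ListenAndServeTLS takes (certFile, keyFile). The call below passes
// them in the order the standard library expects.
//
// Any failure to read the salt or open the vault is reported on stderr and
// terminates the process with exit status 1.
func serveTLS(addr, keyFile, certFile, vaultFile string) {
	salt, err := keyvault.GetSalt(vaultFile)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Failed to extract salt from vault file: %v\n", err)
		os.Exit(1)
	}

	vaultKey := deriveKey(salt)
	// vault is assigned with "=", not ":=", so it is a variable declared
	// outside this function (presumably shared with the request handlers).
	vault, err = keyvault.Open(vaultFile, *vaultKey)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Failed to open vault file: %v\n", err)
		os.Exit(1)
	}

	errChan := vault.AutoSync(nil)
	go func() {
		// Ranging ends the goroutine if the channel is ever closed; a bare
		// receive in an endless loop would spin, logging nil errors forever.
		// NOTE(review): whether AutoSync closes this channel is not visible here.
		for err := range errChan {
			log.Printf("vault autosync error: %v", err)
		}
	}()
	log.Println("vault opened")
	defer vault.Close()

	initRouter()
	log.Println("starting server on", addr)

	// The server must run inside a function literal. Writing
	// "go log.Fatal(http.ListenAndServeTLS(...))" evaluates the argument in the
	// calling goroutine, so the listener would block here, the signal handling
	// below would never be reached, and the deferred vault.Close would never run.
	serveErr := make(chan error, 1) // buffered so the goroutine can always send
	go func() {
		serveErr <- http.ListenAndServeTLS(addr, certFile, keyFile, router)
	}()

	// os.Kill (SIGKILL) cannot be caught, so it is not registered.
	sigc := make(chan os.Signal, 1)
	signal.Notify(sigc, os.Interrupt, syscall.SIGTERM)

	select {
	case sig := <-sigc:
		// Returning runs the deferred vault.Close.
		log.Printf("received signal %v, shutting down", sig)
	case err := <-serveErr:
		// log.Fatal exits without running deferred calls, so close the vault
		// explicitly before reporting the listener failure.
		vault.Close()
		log.Fatal(err)
	}
}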
Esempio n. 2
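// dumpVaultLog opens the key vault stored in vaultFile, prompts for the admin
// password, and writes the vault's log dump to logFileOut.
//
// The function never returns: it terminates the process with exit status 0 on
// success and 1 on any failure, after reporting the failure on stderr.
func dumpVaultLog(vaultFile, logFileOut string) {
	salt, err := keyvault.GetSalt(vaultFile)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Failed to extract salt from vault file: %v\n", err)
		os.Exit(1)
	}

	vaultKey := deriveKey(salt)
	vault, err := keyvault.Open(vaultFile, *vaultKey)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Failed to open vault file: %v\n", err)
		os.Exit(1)
	}

	password, err := readpass.PasswordPrompt("Admin password: ")
	if err != nil {
		// os.Exit skips any cleanup, so release the vault before leaving.
		vault.Close()
		fmt.Fprintf(os.Stderr, "Failed to read password: %v\n", err)
		os.Exit(1)
	}

	// NOTE(review): the result of LogDump is written out without any visible
	// check that the password was accepted; confirm how LogDump reports a
	// rejected password so that case can be surfaced as an error.
	logOut := vault.LogDump(checkPassword, password)
	vault.Close()

	// The dump is only released after an admin password prompt, so the output
	// file is created owner-only rather than world-readable. The mode applies
	// only when the file is created; an existing file keeps its permissions.
	err = ioutil.WriteFile(logFileOut, []byte(logOut), 0600)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Failed to write log file: %v\n", err)
		os.Exit(1)
	}
	fmt.Println("Log file dumped to", logFileOut)
	os.Exit(0)
}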