func serveTLS(addr, keyFile, certFile, vaultFile string) {
salt, err := keyvault.GetSalt(vaultFile)
if err != nil {
fmt.Fprintf(os.Stderr, "Failed to extract salt from vault file: %v\n", err)
os.Exit(1)
}
vaultKey := deriveKey(salt)
vault, err = keyvault.Open(vaultFile, *vaultKey)
if err != nil {
fmt.Fprintf(os.Stderr, "Failed to open vault file: %v\n", err)
os.Exit(1)
}
errChan := vault.AutoSync(nil)
go func() {
for {
err := <-errChan
log.Printf("vault autosync error: %v", err)
}
}()
log.Println("vault opened")
defer vault.Close()
initRouter()
log.Println("starting server on", addr)
go log.Fatal(http.ListenAndServeTLS(addr, certFile, keyFile, router))
sigc := make(chan os.Signal, 1)
signal.Notify(sigc, os.Kill, os.Interrupt, syscall.SIGTERM)
<-sigc
}
func dumpVaultLog(vaultFile, logFileOut string) {
salt, err := keyvault.GetSalt(vaultFile)
if err != nil {
fmt.Fprintf(os.Stderr, "Failed to extract salt from vault file: %v\n", err)
os.Exit(1)
}
vaultKey := deriveKey(salt)
vault, err := keyvault.Open(vaultFile, *vaultKey)
if err != nil {
fmt.Fprintf(os.Stderr, "Failed to open vault file: %v\n", err)
os.Exit(1)
}
password, err := readpass.PasswordPrompt("Admin password: "******"Failed to read password: %v\n", err)
os.Exit(1)
}
logOut := vault.LogDump(checkPassword, password)
vault.Close()
err = ioutil.WriteFile(logFileOut, []byte(logOut), 0644)
if err != nil {
fmt.Fprintf(os.Stderr, "Failed to write log file: %v\n", err)
os.Exit(1)
}
fmt.Println("Log file dumped to", logFileOut)
os.Exit(0)
}