summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorBen Morrison <ben@gbmor.dev>2020-03-16 02:42:35 -0400
committerBen Morrison <ben@gbmor.dev>2020-03-16 02:42:35 -0400
commit31c992e6eaa8f4afe90ec95c5c778412fb887146 (patch)
treedfbbc9651772c51fa4bb74bef03ea37de9d27380
parent271ba7ca8dc513ba240c0b0290efd0957a16125a (diff)
downloadgetwtxt-31c992e6eaa8f4afe90ec95c5c778412fb887146.tar.gz
removed experimental host matching and tls support
-rw-r--r--README.md12
-rw-r--r--getwtxt.yml17
-rw-r--r--svc/conf.go31
-rw-r--r--svc/svc.go31
4 files changed, 9 insertions, 82 deletions
diff --git a/README.md b/README.md
index 7ea08e6..be4c751 100644
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@
 twtxt registry written in Go!
 
 [twtxt](https://github.com/buckket/twtxt) is a decentralized microblogging platform
-"for hackers" based on text files. The user is "followed" and "mentioned" by referencing
+for hackers based on text files. The user is "followed" and "mentioned" by referencing
 the URL to their `twtxt.txt` file and a nickname.
 Registries are designed to aggregate several users' statuses into a single location,
 facilitating the discovery of new users to follow and allowing the search of statuses
@@ -21,15 +21,13 @@ for tags and key words.
 ## Features
 &nbsp;[![GitHub release](https://img.shields.io/github/release/getwtxt/getwtxt.svg)](https://github.com/getwtxt/getwtxt/releases/latest)
 
-* Easy to set up and maintain
+* Easy to set up
 * Uses an in-memory cache to serve requests
 * Pushes to a database at a configurable interval for persistent storage
   * `leveldb (default)`
   * `sqlite3`
 * More database support is in development
-* Run directly facing the internet or behind `Caddy` / `nginx`
-* Optional `TLS` support
-* Optional hostname matching (serve requests for eg. `twtxt.example.com` without a reverse proxy)
+* Easily run behind `nginx`, `Caddy` or another HTTP server.
 
 ## Public Instances
 
@@ -132,7 +130,7 @@ the template.
 ### Proxying
 
 Though getwtxt will run perfectly fine facing the internet directly, it does not
-understand virtual hosts, nor does it use TLS (yet). You'll probably want to proxy it behind
+understand virtual hosts, nor does it use TLS. You'll probably want to proxy it behind
 `Caddy` or `nginx` for this reason.
 
 `Caddy` is ludicrously easy to set up, and automatically handles `TLS` certificates. Here's the config:
@@ -144,7 +142,7 @@ proxy / example.com:9001
 
 If you're using `nginx`, here's a skeleton config to get you started. Don't forget to change
 the 5 instances of `twtxt.example.com` to the (sub)domain you'll be using to access the registry,
-generate SSL/TLS certificates using `letsencrypt`, and change the port in `proxy_pass` to whichever
+generate SSL/TLS certificates using LetsEncrypt, and change the port in `proxy_pass` to whichever
 port you specified when modifying the configuration file. Currently, it's set to the default port `9001`
 
 ```nginx
diff --git a/getwtxt.yml b/getwtxt.yml
index 817040d..5fd4edb 100644
--- a/getwtxt.yml
+++ b/getwtxt.yml
@@ -16,27 +16,14 @@
 #############################################################
 
 #############################################################
-##  Changing the following options requires a restart.     ##
+##  Changing the following option requires a restart.      ##
 #############################################################
 
-# Set to true if getwtxt will be behind a reverse
-# proxy server, such as Caddy or nginx
-BehindProxy: true
-
 # This is the port that getwtxt will bind to.
 # If BehindProxy is false, you should probably
 # set this to 80 or 443
 ListenPort: 9001
 
-# Determines whether we're using SSL/TLS. If so,
-# you should set the Cert and Key files.
-# Don't use TLS if you're setting up getwtxt
-# behind a reverse proxy - just let the proxy
-# handle the connection.
-UseTLS: false
-TLSCert: "/etc/ssl/getwtxt.pem"
-TLSKey: "/etc/ssl/private/getwtxt.pem"
-
 #############################################################
 ##  The following options may be changed at any time.      ##
 ##  getwtxt will automatically reload the config when      ##
@@ -102,5 +89,3 @@ Instance:
   # This is shown at the top of the default web page
   # below your instance's name.
   Description: "A fast, resilient twtxt registry server written in Go!"
-
-
diff --git a/svc/conf.go b/svc/conf.go
index f3797c6..ae52219 100644
--- a/svc/conf.go
+++ b/svc/conf.go
@@ -36,7 +36,6 @@ var reqLog *log.Logger
 // this struct.
 type Configuration struct {
 	Mu            sync.RWMutex
-	IsProxied     bool          `yaml:"BehindProxy"`
 	Port          int           `yaml:"ListenPort"`
 	MsgLog        string        `yaml:"MessageLog"`
 	ReqLog        string        `yaml:"RequestLog"`
@@ -47,7 +46,6 @@ type Configuration struct {
 	CacheInterval time.Duration `yaml:"StatusFetchInterval"`
 	DBInterval    time.Duration `yaml:"DatabasePushInterval"`
 	Instance      `yaml:"Instance"`
-	TLS
 }
 
 // Instance refers to meta data about
@@ -61,14 +59,6 @@ type Instance struct {
 	Desc  string `yaml:"Instance.Description"`
 }
 
-// TLS holds the tls config from the
-// config file
-type TLS struct {
-	Use  bool   `yaml:"UseTLS"`
-	Cert string `yaml:"TLSCert"`
-	Key  string `yaml:"TLSKey"`
-}
-
 // Called on start-up. Initializes everything
 // related to configuration values.
 func initConfig() {
@@ -125,10 +115,6 @@ func initLogging() {
 // Default values should a config file
 // not be available.
 func setConfigDefaults() {
-	viper.SetDefault("BehindProxy", true)
-	viper.SetDefault("UseTLS", false)
-	viper.SetDefault("TLSCert", "cert.pem")
-	viper.SetDefault("TLSKey", "key.pem")
 	viper.SetDefault("ListenPort", 9001)
 	viper.SetDefault("MessageLog", "logs/message.log")
 	viper.SetDefault("RequestLog", "logs/request.log")
@@ -175,7 +161,6 @@ func parseConfigFlag() {
 func bindConfig() {
 	confObj.Mu.Lock()
 
-	confObj.IsProxied = viper.GetBool("BehindProxy")
 	confObj.Port = viper.GetInt("ListenPort")
 	confObj.MsgLog = viper.GetString("MessageLog")
 	confObj.ReqLog = viper.GetString("RequestLog")
@@ -193,12 +178,6 @@ func bindConfig() {
 	confObj.Instance.Mail = viper.GetString("Instance.Email")
 	confObj.Instance.Desc = viper.GetString("Instance.Description")
 
-	confObj.TLS.Use = viper.GetBool("UseTLS")
-	if confObj.TLS.Use {
-		confObj.TLS.Cert = viper.GetString("TLSCert")
-		confObj.TLS.Key = viper.GetString("TLSKey")
-	}
-
 	if *flagDBType != "" {
 		confObj.DBType = *flagDBType
 	}
@@ -219,16 +198,6 @@ func announceConfig() {
 	confObj.Mu.RLock()
 	defer confObj.Mu.RUnlock()
 
-	if confObj.IsProxied {
-		log.Printf("Behind reverse proxy, not using host matching\n")
-	} else {
-		log.Printf("Matching host: %v\n", confObj.Instance.URL)
-	}
-	if confObj.TLS.Use {
-		log.Printf("Using TLS\n")
-		log.Printf("Cert: %v\n", confObj.TLS.Cert)
-		log.Printf("Key: %v\n", confObj.TLS.Key)
-	}
 	if confObj.StdoutLogging {
 		log.Printf("Logging to: stdout\n")
 	} else {
diff --git a/svc/svc.go b/svc/svc.go
index 01dd0d7..4e98c94 100644
--- a/svc/svc.go
+++ b/svc/svc.go
@@ -20,7 +20,6 @@ along with Getwtxt.  If not, see <https://www.gnu.org/licenses/>.
 package svc // import "github.com/getwtxt/getwtxt/svc"
 
 import (
-	"crypto/tls"
 	"fmt"
 	"log"
 	"net/http"
@@ -45,32 +44,13 @@ func Start() {
 
 	confObj.Mu.RLock()
 	portnum := fmt.Sprintf(":%v", confObj.Port)
-	if !confObj.IsProxied {
-		index.Host(confObj.Instance.URL)
-	}
-	TLS := confObj.TLS.Use
-	TLSCert := confObj.TLS.Cert
-	TLSKey := confObj.TLS.Key
 	confObj.Mu.RUnlock()
 
 	server := newServer(portnum, index)
 
-	if TLS {
-		cert, err := tls.LoadX509KeyPair(TLSCert, TLSKey)
-		errFatal("", err)
-
-		cfg := &tls.Config{Certificates: []tls.Certificate{cert}}
-		lstnr, err := tls.Listen("tcp", portnum, cfg)
-		errFatal("", err)
-
-		server.TLSConfig = cfg
-		startAnnounce(portnum, before)
-		errLog("", server.ServeTLS(lstnr, "", ""))
-
-	} else {
-		startAnnounce(portnum, before)
-		errLog("", server.ListenAndServe())
-	}
+	log.Printf("*** Listening on %v\n", portnum)
+	log.Printf("*** getwtxt %v Startup finished at %v, took %v\n\n", Vers, time.Now().Format(time.RFC3339), time.Since(before))
+	errLog("", server.ListenAndServe())
 
 	closeLog <- struct{}{}
 	killTickers()
@@ -79,11 +59,6 @@ func Start() {
 	close(closeLog)
 }
 
-func startAnnounce(portnum string, before time.Time) {
-	log.Printf("*** Listening on %v\n", portnum)
-	log.Printf("*** getwtxt %v Startup finished at %v, took %v\n\n", Vers, time.Now().Format(time.RFC3339), time.Since(before))
-}
-
 func newServer(port string, index *mux.Router) *http.Server {
 	// handlers.CompressHandler gzips all responses.
 	// ipMiddleware passes the request IP along.