diff options
-rw-r--r-- | getwtxt.yml | 15 | ||||
-rw-r--r-- | svc/conf.go | 41 | ||||
-rw-r--r-- | svc/handlers.go | 2 | ||||
-rw-r--r-- | svc/init.go | 6 | ||||
-rw-r--r-- | svc/svc.go | 28 |
5 files changed, 79 insertions, 13 deletions
diff --git a/getwtxt.yml b/getwtxt.yml index 6d17b95..d9f5c90 100644 --- a/getwtxt.yml +++ b/getwtxt.yml @@ -19,9 +19,24 @@ ## Changing the following options requires a restart. ## ############################################################# +# Set to true if getwtxt will be behind a reverse +# proxy server, such as Caddy or nginx +BehindProxy: true + # This is the port that getwtxt will bind to. +# If BehindProxy is false, you should probably +# set this to 80 or 443 ListenPort: 9001 +# Determines whether we're using SSL/TLS. If so, +# you should set the Cert and Key files. +# Don't use TLS if you're setting up getwtxt +# behind a reverse proxy - just let the proxy +# handle the connection. +UseTLS: false +TLSCert: "/etc/ssl/getwtxt.pem" +TLSKey: "/etc/ssl/private/getwtxt.pem" + # The type of database you want to use. Currently, # the following are supported: # leveldb (default) diff --git a/svc/conf.go b/svc/conf.go index 90cac6a..538b701 100644 --- a/svc/conf.go +++ b/svc/conf.go @@ -15,6 +15,7 @@ import ( // this struct. type Configuration struct { Mu sync.RWMutex + IsProxied bool `yaml:"BehindProxy"` Port int `yaml:"ListenPort"` LogFile string `yaml:"LogFile"` DBType string `yaml:"DatabaseType"` @@ -24,6 +25,7 @@ type Configuration struct { CacheInterval time.Duration `yaml:"StatusFetchInterval"` DBInterval time.Duration `yaml:"DatabasePushInterval"` Instance `yaml:"Instance"` + TLS } // Instance refers to meta data about @@ -37,6 +39,14 @@ type Instance struct { Desc string `yaml:"Instance.Description"` } +// TLS holds the tls config from the +// config file +type TLS struct { + Use bool `yaml:"UseTLS"` + Cert string `yaml:"TLSCert"` + Key string `yaml:"TLSKey"` +} + // Called on start-up. Initializes everything // related to configuration values. func initConfig() { @@ -87,6 +97,10 @@ func initLogging() { // Default values should a config file // not be available. func setConfigDefaults() { + viper.SetDefault("BehindProxy", true) + viper.SetDefault("UseTLS", false) + viper.SetDefault("TLSCert", "cert.pem") + viper.SetDefault("TLSKey", "key.pem") viper.SetDefault("ListenPort", 9001) viper.SetDefault("LogFile", "getwtxt.log") viper.SetDefault("DatabasePath", "getwtxt.db") @@ -132,6 +146,7 @@ func parseConfigFlag() { func bindConfig() { confObj.Mu.Lock() + confObj.IsProxied = viper.GetBool("BehindProxy") confObj.Port = viper.GetInt("ListenPort") confObj.LogFile = viper.GetString("LogFile") confObj.DBType = strings.ToLower(viper.GetString("DatabaseType")) @@ -148,6 +163,12 @@ func bindConfig() { confObj.Instance.Mail = viper.GetString("Instance.Email") confObj.Instance.Desc = viper.GetString("Instance.Description") + confObj.TLS.Use = viper.GetBool("UseTLS") + if confObj.TLS.Use { + confObj.TLS.Cert = viper.GetString("TLSCert") + confObj.TLS.Key = viper.GetString("TLSKey") + } + if *flagDBType != "" { confObj.DBType = *flagDBType } @@ -157,7 +178,24 @@ func bindConfig() { if *flagAssets != "" { confObj.AssetsDir = *flagAssets } + confObj.Mu.Unlock() + + announceConfig() + +} +func announceConfig() { + confObj.Mu.RLock() + if confObj.IsProxied { + log.Printf("Behind reverse proxy, not using host matching\n") + } else { + log.Printf("Matching host: %v\n", confObj.Instance.URL) + } + if confObj.TLS.Use { + log.Printf("Using TLS\n") + log.Printf("Cert: %v\n", confObj.TLS.Cert) + log.Printf("Key: %v\n", confObj.TLS.Key) + } if confObj.StdoutLogging { log.Printf("Logging to: stdout\n") } else { @@ -166,6 +204,5 @@ func bindConfig() { log.Printf("Using %v database: %v\n", confObj.DBType, confObj.DBPath) log.Printf("Database push interval: %v\n", confObj.DBInterval) log.Printf("User status fetch interval: %v\n", confObj.CacheInterval) - - confObj.Mu.Unlock() + confObj.Mu.RUnlock() } diff --git a/svc/handlers.go b/svc/handlers.go index d3b8d8a..73ef869 100644 --- a/svc/handlers.go +++ b/svc/handlers.go @@ -21,7 +21,7 @@ func sendStaticEtag(w http.ResponseWriter, isCSS bool) { if isCSS { etag := getEtag(staticCache.cssMod) w.Header().Set("ETag", "\""+etag+"\"") - w.Header().Set("Content-Time", txtutf8) + w.Header().Set("Content-Time", cssutf8) return } etag := getEtag(staticCache.indexMod) diff --git a/svc/init.go b/svc/init.go index d7419de..fe83145 100644 --- a/svc/init.go +++ b/svc/init.go @@ -19,9 +19,9 @@ var ( flagHelp *bool = pflag.BoolP("help", "h", false, "Display the quick-help screen.") flagMan *bool = pflag.BoolP("manual", "m", false, "Display the configuration manual.") flagConfFile *string = pflag.StringP("config", "c", "", "The name/path of the configuration file you wish to use.") - flagAssets *string = pflag.StringP("assets", "a", "", "The location of the getwtxt assets directory") - flagDBPath *string = pflag.StringP("db", "d", "", "Path to the getwtxt database") - flagDBType *string = pflag.StringP("dbtype", "t", "", "Type of database being used") + flagAssets *string = pflag.StringP("assets", "a", "", "The location of the getwtxt assets directory.") + flagDBPath *string = pflag.StringP("db", "d", "", "Path to the getwtxt database.") + flagDBType *string = pflag.StringP("dbtype", "t", "", "Type of database being used.") ) // Holds the global configuration diff --git a/svc/svc.go b/svc/svc.go index 6284239..1748bf0 100644 --- a/svc/svc.go +++ b/svc/svc.go @@ -12,28 +12,42 @@ import ( // Start is the initialization function for getwtxt func Start() { + before := time.Now() initSvc() // StrictSlash(true) allows /api and /api/ // to serve the same content without duplicating // handlers/paths index := mux.NewRouter().StrictSlash(true) - api := index.PathPrefix("/api").Subrouter() - - setIndexRouting(index) - setEndpointRouting(api) confObj.Mu.RLock() portnum := fmt.Sprintf(":%v", confObj.Port) + if !confObj.IsProxied { + index.Host(confObj.Instance.URL) + } + TLS := confObj.TLS.Use + TLSCert := confObj.TLS.Cert + TLSKey := confObj.TLS.Key confObj.Mu.RUnlock() - server := newServer(portnum, index) + setIndexRouting(index) + api := index.PathPrefix("/api").Subrouter() + setEndpointRouting(api) + server := newServer(portnum, index) log.Printf("*** Listening on %v\n", portnum) - log.Printf("*** getwtxt %v Started :: %v ::\n\n", Vers, time.Now().Format(time.RFC3339)) - errLog("", server.ListenAndServe()) + log.Printf("*** getwtxt %v Startup finished at %v, took %v\n\n", Vers, time.Now().Format(time.RFC3339), time.Since(before)) + if TLS { + errLog("", server.ListenAndServeTLS(TLSCert, TLSKey)) + } else { + errLog("", server.ListenAndServe()) + } closeLog <- true + killTickers() + killDB() + close(dbChan) + close(closeLog) } func newServer(port string, index *mux.Router) *http.Server { |