author | Christopher Speller <crspeller@gmail.com> | 2018-01-30 10:12:42 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-01-30 10:12:42 -0800 |
commit | ac2e42a480c5bba2e5128017218b0fa1bed8e836 (patch) | |
tree | fb154e7ec87cc609d25234e977fccb9a8161d24e /app | |
parent | 8ca8e71fddf6027672938a26f9cc0494bbc5a2bd (diff) | |
Moving to golang.org/x/crypto/acme/autocert for Let's Encrypt functionality. (#8165)
Diffstat (limited to 'app')
-rw-r--r-- | app/server.go | 41 |
1 files changed, 28 insertions, 13 deletions
diff --git a/app/server.go b/app/server.go
index eb2fa9b32..c008da3a1 100644
--- a/app/server.go
+++ b/app/server.go
@@ -10,13 +10,14 @@ import (
 "io/ioutil"
 "net"
 "net/http"
+ "os"
 "strings"
 "time"
 l4g "github.com/alecthomas/log4go"
 "github.com/gorilla/handlers"
 "github.com/gorilla/mux"
- "github.com/rsc/letsencrypt"
+ "golang.org/x/crypto/acme/autocert"
 "gopkg.in/throttled/throttled.v2"
 "gopkg.in/throttled/throttled.v2/store/memstore"
@@ -161,18 +162,34 @@ func (a *App) StartServer() {
 l4g.Info(utils.T("api.server.start_server.listening.info"), listener.Addr().String())
+ // Migration from old let's encrypt library
+ if *a.Config().ServiceSettings.UseLetsEncrypt {
+ if stat, err := os.Stat(*a.Config().ServiceSettings.LetsEncryptCertificateCacheFile); err == nil && !stat.IsDir() {
+ os.Remove(*a.Config().ServiceSettings.LetsEncryptCertificateCacheFile)
+ }
+ }
+
+ m := &autocert.Manager{
+ Cache: autocert.DirCache(*a.Config().ServiceSettings.LetsEncryptCertificateCacheFile),
+ Prompt: autocert.AcceptTOS,
+ }
+
 if *a.Config().ServiceSettings.Forward80To443 {
- go func() {
- redirectListener, err := net.Listen("tcp", ":80")
- if err != nil {
- listener.Close()
- l4g.Error("Unable to setup forwarding: " + err.Error())
- return
- }
- defer redirectListener.Close()
+ if *a.Config().ServiceSettings.UseLetsEncrypt {
+ go http.ListenAndServe(":http", m.HTTPHandler(nil))
+ } else {
+ go func() {
+ redirectListener, err := net.Listen("tcp", ":80")
+ if err != nil {
+ listener.Close()
+ l4g.Error("Unable to setup forwarding: " + err.Error())
+ return
+ }
+ defer redirectListener.Close()
- http.Serve(redirectListener, http.HandlerFunc(redirectHTTPToHTTPS))
- }()
+ http.Serve(redirectListener, http.HandlerFunc(redirectHTTPToHTTPS))
+ }()
+ }
 }
 a.Srv.didFinishListen = make(chan struct{})
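Review bot: The `autocert.Manager` literal in the StartServer hunk sets only `Cache` and `Prompt`, so with no `HostPolicy` the manager will attempt issuance for whatever server name a TLS client presents; autocert's documentation recommends always setting one. Restrict it to the deployment's own hostname, e.g. `HostPolicy: autocert.HostWhitelist(siteHost),` where `siteHost` is a placeholder for the host taken from the server's configured public URL. Separately, `go http.ListenAndServe(":http", m.HTTPHandler(nil))` discards its error, so a failed bind on port 80 is silent there while the else branch logs it and closes the listener; the `os.Remove` result in the migration block is dropped the same way. StartServer's body begins and ends outside the hunk.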
@@ -180,8 +197,6 @@ func (a *App) StartServer() {
 var err error
 if *a.Config().ServiceSettings.ConnectionSecurity == model.CONN_SECURITY_TLS {
 if *a.Config().ServiceSettings.UseLetsEncrypt {
- var m letsencrypt.Manager
- m.CacheFile(*a.Config().ServiceSettings.LetsEncryptCertificateCacheFile)
 tlsConfig := &tls.Config{
 GetCertificate: m.GetCertificate, |