telebit/cmd/mgmt/mgmt.go

120 lines
3.0 KiB
Go
Raw Normal View History

2020-05-26 07:47:22 +00:00
//go:generate go run -mod=vendor git.rootprojects.org/root/go-gitver
package main
import (
"flag"
"fmt"
2020-05-30 23:14:40 +00:00
"log"
2020-05-26 07:47:22 +00:00
"net/http"
"os"
2020-05-26 09:05:39 +00:00
"strings"
2020-05-26 07:47:22 +00:00
2020-07-20 22:20:59 +00:00
"git.rootprojects.org/root/telebit/mgmt/authstore"
2020-05-30 23:14:40 +00:00
2020-05-26 07:47:22 +00:00
"github.com/go-acme/lego/v3/challenge"
"github.com/go-acme/lego/v3/providers/dns/duckdns"
"github.com/go-acme/lego/v3/providers/dns/godaddy"
_ "github.com/joho/godotenv/autoload"
)
var (
// GitRev refers to the abbreviated commit hash
GitRev = "0000000"
// GitVersion refers to the most recent tag, plus any commits made since then
GitVersion = "v0.0.0-pre0+0000000"
// GitTimestamp refers to the timestamp of the most recent commit
GitTimestamp = "0000-00-00T00:00:00+0000"
)
2020-05-26 09:05:39 +00:00
type MWKey string
2020-05-30 23:14:40 +00:00
var store authstore.Store
var provider challenge.Provider = nil // TODO is this concurrency-safe?
var secret *string
2020-05-31 13:02:46 +00:00
var primaryDomain string
func help() {
fmt.Fprintf(os.Stderr, "Usage: mgmt --domain <example.com> --secret <128-bit secret>\n")
}
2020-05-30 23:14:40 +00:00
2020-05-26 07:47:22 +00:00
func main() {
var err error
addr := flag.String("address", "", "IPv4 or IPv6 bind address")
port := flag.String("port", "3000", "port to listen to")
2020-05-30 23:14:40 +00:00
dbURL := flag.String(
"db-url",
"postgres://postgres:postgres@localhost/postgres",
"database (postgres) connection url",
)
secret = flag.String("secret", "", "a >= 16-character random string for JWT key signing")
2020-05-31 13:02:46 +00:00
domain := flag.String("domain", "", "the base domain to use for all clients")
2020-05-26 07:47:22 +00:00
flag.Parse()
2020-05-31 13:02:46 +00:00
primaryDomain = *domain
if "" == primaryDomain {
help()
os.Exit(1)
}
2020-05-26 07:47:22 +00:00
if "" != os.Getenv("GODADDY_API_KEY") {
id := os.Getenv("GODADDY_API_KEY")
2020-05-26 09:05:39 +00:00
apiSecret := os.Getenv("GODADDY_API_SECRET")
if provider, err = newGoDaddyDNSProvider(id, apiSecret); nil != err {
2020-05-26 07:47:22 +00:00
panic(err)
}
} else if "" != os.Getenv("DUCKDNS_TOKEN") {
if provider, err = newDuckDNSProvider(os.Getenv("DUCKDNS_TOKEN")); nil != err {
panic(err)
}
} else {
panic("Must provide either DUCKDNS or GODADDY credentials")
}
2020-05-26 09:05:39 +00:00
if "" == *secret {
*secret = os.Getenv("SECRET")
}
if "" == *secret {
2020-05-31 13:02:46 +00:00
help()
2020-05-26 09:05:39 +00:00
os.Exit(1)
return
}
2020-05-30 23:14:40 +00:00
connStr := *dbURL
// TODO url.Parse
2020-06-03 06:17:30 +00:00
if strings.Contains(connStr, "@localhost/") || strings.Contains(connStr, "@localhost:") {
2020-05-30 23:14:40 +00:00
connStr += "?sslmode=disable"
} else {
connStr += "?sslmode=required"
}
initSQL := "./init.sql"
store, err = authstore.NewStore(connStr, initSQL)
if nil != err {
log.Fatal("connection error", err)
return
}
2020-05-30 23:45:36 +00:00
_ = store.SetMaster(*secret)
2020-05-30 23:14:40 +00:00
defer store.Close()
2020-05-26 07:47:22 +00:00
bind := *addr + ":" + *port
fmt.Println("Listening on", bind)
2020-06-03 06:17:30 +00:00
fmt.Fprintf(os.Stderr, "failed: %s", http.ListenAndServe(bind, routeAll()))
2020-05-26 07:47:22 +00:00
}
// newDuckDNSProvider is for the sake of demoing the tunnel
func newDuckDNSProvider(token string) (*duckdns.DNSProvider, error) {
config := duckdns.NewDefaultConfig()
config.Token = token
return duckdns.NewDNSProviderConfig(config)
}
// newGoDaddyDNSProvider is for the sake of demoing the tunnel
func newGoDaddyDNSProvider(id, secret string) (*godaddy.DNSProvider, error) {
config := godaddy.NewDefaultConfig()
config.APIKey = id
config.APISecret = secret
return godaddy.NewDNSProviderConfig(config)
}