acmeproxy.go
package main
import "context"
import "fmt"
import "log"
import "net"
import "net/http"
import "net/http/httputil"
import "os"
import "os/signal"
import "strings"
import "sync"
import "syscall"
import "time"

import "golang.org/x/crypto/acme"
import "golang.org/x/crypto/acme/autocert"
// die formats a message, writes it to standard error followed by a newline,
// and terminates the process with the given exit status. It never returns.
func die(status int, format string, args ...interface{}) {
	message := fmt.Sprintf(format, args...)
	fmt.Fprintln(os.Stderr, message)
	os.Exit(status)
}
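// main terminates TLS for the hostnames given on the command line, obtaining
// certificates through ACME (autocert), and forwards each request as plain
// HTTP to the host named in the request. It listens on the "https" port of
// every address the hostnames resolve to and shuts down on SIGHUP, SIGINT or
// SIGTERM.
//
// Environment:
//
//	ACMEURL  optional ACME directory URL; when empty the autocert default is used.
func main() {
	if len(os.Args) < 2 {
		die(64, "Usage: %s HOSTNAME...", os.Args[0])
	}
	names := os.Args[1:]

	// Set of hostnames this proxy is allowed to forward to. HostPolicy below
	// only constrains the TLS server name used for certificate issuance; the
	// HTTP Host header is client-controlled and independent of it, so it is
	// checked separately before proxying.
	allowed := make(map[string]struct{}, len(names))
	for _, name := range names {
		allowed[strings.ToLower(name)] = struct{}{}
	}

	manager := &autocert.Manager{
		// Certificates and their private keys are cached in the working
		// directory: run the proxy from a dedicated directory that other
		// users cannot read.
		Cache:      autocert.DirCache("."),
		HostPolicy: autocert.HostWhitelist(names...),
		Prompt:     autocert.AcceptTOS,
	}
	if url := os.Getenv("ACMEURL"); url != "" {
		manager.Client = &acme.Client{
			DirectoryURL: url,
		}
	}

	logger := log.New(os.Stdout, "", 0)

	proxy := &httputil.ReverseProxy{
		Director: func(request *http.Request) {
			// Drop any port so the backend is always reached on the
			// default HTTP port of the requested host.
			if host, _, err := net.SplitHostPort(request.Host); err == nil {
				request.Host = host
			}
			request.URL.Scheme, request.URL.Host = "http", request.Host
			// An explicitly empty User-Agent stops the outgoing transport
			// from adding Go's default one when the client sent none.
			if _, ok := request.Header["User-Agent"]; !ok {
				request.Header.Set("User-Agent", "")
			}
			// NOTE(review): a Director-based ReverseProxy keeps any
			// X-Forwarded-For header the client sent and appends to it;
			// the backend should trust only the last entry.
		},
		ErrorLog: logger,
	}

	server := &http.Server{
		ErrorLog: logger,
		Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			// Refuse requests whose Host header is not one of the
			// configured hostnames; without this the Director would
			// forward to whatever host the client names.
			host := r.Host
			if h, _, err := net.SplitHostPort(host); err == nil {
				host = h
			}
			if _, ok := allowed[strings.ToLower(host)]; !ok {
				http.Error(w, "unknown host", http.StatusMisdirectedRequest)
				return
			}
			proxy.ServeHTTP(w, r)
		}),
		TLSConfig: manager.TLSConfig(),
		// Bound how long a client may take to send request headers and how
		// long idle keep-alive connections are held, so slow or stalled
		// clients cannot pin connections indefinitely. No write timeout is
		// set because proxied responses may legitimately be long-lived.
		ReadHeaderTimeout: 10 * time.Second,
		IdleTimeout:       120 * time.Second,
	}

	terminate := make(chan os.Signal, 1)
	signal.Notify(terminate, syscall.SIGHUP, syscall.SIGINT, syscall.SIGTERM)

	// Collect the distinct addresses of all hostnames; several names may
	// resolve to the same address, which must be bound only once.
	addrs := make(map[string]struct{})
	for _, name := range names {
		resolved, err := net.LookupHost(name)
		if err != nil {
			die(1, "Failed to resolve hostname %s: %v", name, err)
		}
		for _, addr := range resolved {
			addrs[addr] = struct{}{}
		}
	}

	var wait sync.WaitGroup
	for addr := range addrs {
		listener, err := net.Listen("tcp", net.JoinHostPort(addr, "https"))
		if err != nil {
			// Stop the listeners that were already started before exiting.
			server.Shutdown(context.Background())
			wait.Wait()
			die(1, "Failed to listen for https on %s: %v", addr, err)
		}
		wait.Add(1)
		go func() {
			defer wait.Done()
			// Empty certificate and key paths: certificates come from
			// TLSConfig (autocert). ErrServerClosed is the normal result
			// of Shutdown; anything else is worth reporting.
			if err := server.ServeTLS(listener, "", ""); err != nil && err != http.ErrServerClosed {
				logger.Printf("serve on %s: %v", listener.Addr(), err)
			}
		}()
	}

	<-terminate
	server.Shutdown(context.Background())
	wait.Wait()
}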