@@ -48,7 +48,7 @@ var denyHosts = flag.String("denyHosts", "", "comma separated list of denied rem
4848var referrers = flag .String ("referrers" , "" , "comma separated list of allowed referring hosts" )
4949var baseURL = flag .String ("baseURL" , "" , "default base URL for relative remote URLs" )
5050var cache tieredCache
51- var signatureKey = flag . String ( "signatureKey" , "" , "HMAC key used in calculating request signatures" )
51+ var signatureKeyList SignatureKeyList
5252var scaleUp = flag .Bool ("scaleUp" , false , "allow images to scale beyond their original dimensions" )
5353var timeout = flag .Duration ("timeout" , 0 , "time limit for requests served by this proxy" )
5454var verbose = flag .Bool ("verbose" , false , "print verbose logging messages" )
@@ -58,6 +58,7 @@ var userAgent = flag.String("userAgent", "willnorris/imageproxy", "specify the u
5858
5959func init () {
6060 flag .Var (& cache , "cache" , "location to cache images (see https://github.com/willnorris/imageproxy#cache)" )
61+ flag .Var (& signatureKeyList , "signatureKey" , "HMAC key used in calculating request signatures" )
6162}
6263
6364func main () {
@@ -77,18 +78,7 @@ func main() {
7778 if * contentTypes != "" {
7879 p .ContentTypes = strings .Split (* contentTypes , "," )
7980 }
80- if * signatureKey != "" {
81- key := []byte (* signatureKey )
82- if strings .HasPrefix (* signatureKey , "@" ) {
83- file := strings .TrimPrefix (* signatureKey , "@" )
84- var err error
85- key , err = ioutil .ReadFile (file )
86- if err != nil {
87- log .Fatalf ("error reading signature file: %v" , err )
88- }
89- }
90- p .SignatureKey = key
91- }
81+ p .SignatureKeys = signatureKeyList
9282 if * baseURL != "" {
9383 var err error
9484 p .DefaultBaseURL , err = url .Parse (* baseURL )
@@ -112,6 +102,27 @@ func main() {
112102 log .Fatal (http .ListenAndServe (* addr , nil ))
113103}
114104
105+ type SignatureKeyList [][]byte
106+
107+ func (skl * SignatureKeyList ) String () string {
108+ return fmt .Sprint (* skl )
109+ }
110+
111+ func (skl * SignatureKeyList ) Set (value string ) error {
112+ key := []byte (value )
113+ if strings .HasPrefix (value , "@" ) {
114+ file := strings .TrimPrefix (value , "@" )
115+ var err error
116+ key , err = ioutil .ReadFile (file )
117+ if err != nil {
118+ log .Fatalf ("error reading signature file: %v" , err )
119+ }
120+ }
121+
122+ * skl = append (* skl , key )
123+ return nil
124+ }
125+
115126// tieredCache allows specifying multiple caches via flags, which will create
116127// tiered caches using the twotier package.
117128type tieredCache struct {
0 commit comments