mirror of
https://github.com/yusing/godoxy.git
synced 2025-05-20 12:42:34 +02:00
75 lines
1.5 KiB
Go
75 lines
1.5 KiB
Go
package autocert
|
|
|
|
import (
|
|
"crypto/ecdsa"
|
|
"crypto/elliptic"
|
|
"crypto/rand"
|
|
|
|
"github.com/go-acme/lego/v4/certcrypto"
|
|
"github.com/go-acme/lego/v4/lego"
|
|
E "github.com/yusing/go-proxy/internal/error"
|
|
M "github.com/yusing/go-proxy/internal/models"
|
|
)
|
|
|
|
type Config M.AutoCertConfig
|
|
|
|
func NewConfig(cfg *M.AutoCertConfig) *Config {
|
|
if cfg.CertPath == "" {
|
|
cfg.CertPath = CertFileDefault
|
|
}
|
|
if cfg.KeyPath == "" {
|
|
cfg.KeyPath = KeyFileDefault
|
|
}
|
|
if cfg.Provider == "" {
|
|
cfg.Provider = ProviderLocal
|
|
}
|
|
return (*Config)(cfg)
|
|
}
|
|
|
|
func (cfg *Config) GetProvider() (provider *Provider, res E.NestedError) {
|
|
b := E.NewBuilder("unable to initialize autocert")
|
|
defer b.To(&res)
|
|
|
|
if cfg.Provider != ProviderLocal {
|
|
if len(cfg.Domains) == 0 {
|
|
b.Addf("%s", "no domains specified")
|
|
}
|
|
if cfg.Provider == "" {
|
|
b.Addf("%s", "no provider specified")
|
|
}
|
|
if cfg.Email == "" {
|
|
b.Addf("%s", "no email specified")
|
|
}
|
|
// check if provider is implemented
|
|
_, ok := providersGenMap[cfg.Provider]
|
|
if !ok {
|
|
b.Addf("unknown provider: %q", cfg.Provider)
|
|
}
|
|
}
|
|
|
|
if b.HasError() {
|
|
return
|
|
}
|
|
|
|
privKey, err := E.Check(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
|
|
if err.HasError() {
|
|
b.Add(E.FailWith("generate private key", err))
|
|
return
|
|
}
|
|
|
|
user := &User{
|
|
Email: cfg.Email,
|
|
key: privKey,
|
|
}
|
|
|
|
legoCfg := lego.NewConfig(user)
|
|
legoCfg.Certificate.KeyType = certcrypto.RSA2048
|
|
|
|
provider = &Provider{
|
|
cfg: cfg,
|
|
user: user,
|
|
legoCfg: legoCfg,
|
|
}
|
|
|
|
return
|
|
}
|