roadrunner

package
v0.0.0-...-7be871a Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 18, 2022 License: MIT Imports: 25 Imported by: 0

Documentation

Index

Constants

// DefaultWorkingDirectory is the working directory the application uses by default.
// The package documentation places ACME account data and account key files under
// <working directory>/.acme/, so this directory holds private key material and
// should be accessible only to the user running roadrunner.
const DefaultWorkingDirectory = "/etc/pki/roadrunner"

// DefaultSaveType is the save type applied to certificates when they are created
// and no other type is chosen.
const DefaultSaveType = "pem-pair"

Variables

This section is empty.

Functions

func CLIPreflightSetup

func CLIPreflightSetup()

CLIPreflightSetup just makes sure the stage is set before starting the CLI applet

func CreateACMEClient

func CreateACMEClient(cInfo ConnectionInfo, solvers map[string]acmez.Solver, logger *zap.Logger) acmez.Client

CreateACMEClient creates a new ACME client

func CreateACMEClientAccount

func CreateACMEClientAccount(email string, client acmez.Client, logger *zap.Logger) (acme.Account, error)

CreateACMEClientAccount creates a new ACME client account. An account is a combination of email address and private key that is used to identify you to the ACME CA. You only need to create an account once, and then you can use it to get as many certificates as you want. The files are stored in the working_directory/.acme/accounts/<endpoint-server-hostname>/<email>/ directories.

func CreateACMEClientAccountKeyFile

func CreateACMEClientAccountKeyFile(email string, cInfo ConnectionInfo) (*ecdsa.PrivateKey, error)

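CreateACMEClientAccountKeyFile creates a new ACME client account key file if needed, or returns the key if it already exists. The account key files will be found in the working_directory/.acme/keys/<endpoint-server-hostname>/<emailAT>.key path. Because this key is what identifies the account to the ACME CA, the file should be readable only by the user running roadrunner.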

func CreateDirectory

func CreateDirectory(path string)

CreateDirectory is self-explanatory

func DaemonPreflightSetup

func DaemonPreflightSetup()

DaemonPreflightSetup just makes sure the stage is set before starting the daemon

func DecodeECDSAPrivateKeyPEM

func DecodeECDSAPrivateKeyPEM(path string) *ecdsa.PrivateKey

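DecodeECDSAPrivateKeyPEM takes the path to a PEM-encoded key file and decodes it into an ecdsa.PrivateKey. The signature returns no error value, so how a missing or malformed file is reported is not documented here.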

func DeleteFile

func DeleteFile(path string)

DeleteFile deletes a file

func DirectoryExists

func DirectoryExists(pathName string) (bool, error)

DirectoryExists checks if a directory exists and returns a boolean or an error

func EncodeECDSAPrivateKeyPEM

func EncodeECDSAPrivateKeyPEM(privateKey *ecdsa.PrivateKey) (string, []byte)

EncodeECDSAPrivateKeyPEM takes an ecdsa.PrivateKey directly and encodes it to a PEM block

func Entrypoint

func Entrypoint()

Entrypoint is the entry point for the roadrunner application, keeps things small and tidy

func FileExists

func FileExists(fileName string) (bool, error)

FileExists checks if a file exists and returns a boolean or an error

func HybridPreflightSetup

func HybridPreflightSetup()

HybridPreflightSetup just makes sure the stage is set before starting each component

func IsWritable

func IsWritable(path string) bool

IsWritable just checks if the path is writable

func LoadKeyFile

func LoadKeyFile(fileName string) []byte

LoadKeyFile - loads a PEM key file

func PreflightSetup

func PreflightSetup()

PreflightSetup just makes sure the stage is set before starting the application in general

func ReadCertFromFile

func ReadCertFromFile(path string) (*x509.Certificate, error)

ReadCertFromFile wraps the needed functions to safely read a PEM certificate

func ReadFileToBytes

func ReadFileToBytes(path string) ([]byte, error)

ReadFileToBytes will return the contents of a file

func TouchFile

func TouchFile(fileName string, updateTime bool)

TouchFile just creates a file if it doesn't exist already

func ValidateConfigDirectory

func ValidateConfigDirectory(path string) error

ValidateConfigDirectory just makes sure that the path provided is a directory, or a place where we can create a directory

func ValidateConfigPath

func ValidateConfigPath(path string) error

ValidateConfigPath just makes sure that the path provided is a file that can be read

func WriteByteFile

func WriteByteFile(path string, content []byte, mode int, overwrite bool) (bool, error)

WriteByteFile creates a file from a byte slice with an optional filemode, only if it's new, and populates it - can force overwrite optionally

Types

type AppConfig

// AppConfig holds the general, instance-wide settings of the application.
// Every field is optional in the YAML file (all tags carry omitempty).
type AppConfig struct {
	// Mode is the mode to run the application in, options are "daemon" and "cli", defaulting to "cli"
	Mode string `yaml:"mode,omitempty"`
	// HTTPProxy is the HTTP proxy to use for outbound connections
	HTTPProxy string `yaml:"http_proxy,omitempty"`
	// HTTPSProxy is the HTTPS proxy to use for outbound connections
	HTTPSProxy string `yaml:"https_proxy,omitempty"`
	// NoProxy is the list of domains to not use the proxy for
	NoProxy []string `yaml:"no_proxy,omitempty"`
	// SkipTLSVerify is a global flag to enable/disable SSL verification
	// NOTE(review): presumably true turns certificate verification OFF for every
	// outbound connection, including those to ACME directories. A client that does
	// not verify the server certificate cannot tell the real CA from an impostor,
	// so this should stay false outside of test setups; for a private CA, prefer
	// Issuer.CAFile. Confirm how this global flag interacts with Issuer.SkipTLSVerify.
	SkipTLSVerify bool `yaml:"skip_tls_verify,omitempty"`
	// WorkingDir is the directory to use for storing generated files
	// The package documentation places ACME account data and account keys under
	// <working directory>/.acme/, so restrict access to this directory.
	// NOTE(review): presumably falls back to DefaultWorkingDirectory when empty — confirm.
	WorkingDir string `yaml:"working_dir,omitempty"`
}

AppConfig is the structure that houses the general configuration

type CLIOpts

// CLIOpts contains the CLI options.
type CLIOpts struct {
	// Config is a string option; ParseFlags is documented as returning "the path to
	// be used elsewhere", so this is presumably the configuration file path — confirm.
	Config string
}

CLIOpts contains the CLI options

func ParseFlags

func ParseFlags() (CLIOpts, error)

ParseFlags will define and parse the CLI flags and return the path to be used elsewhere

type Certificate

// Certificate describes one SSL certificate to generate and/or renew.
type Certificate struct {
	// Issuer is the name of the ACME solver as an Issuer
	// NOTE(review): presumably matched against Issuer.Name in the issuers list — confirm.
	Issuer string `yaml:"issuer"`
	// Email is the email address used when registering with the ACME endpoint
	Email string `yaml:"email"`
	// Domains is a list of domains to generate a certificate for
	Domains []string `yaml:"domains"`
	// SaveType is the type of data that will be stored in the save path, options are "pem-pair" and "haproxy"
	SaveType string `yaml:"save_type"`
	// SavePaths is the optional set of locations (see SavePaths: Cert and Key) where the files generated will be COPIED to
	// If the directory does not exist, it will be created
	// The files saved will be named after the domain name and .crt and optionally the .key file as well if using pem-pair
	// NOTE(review): the copied .key file is private key material; check the file mode
	// and directory permissions the copy ends up with.
	SavePaths SavePaths `yaml:"save_paths,omitempty"`
	// RestartCmd is the command that will be run after the certificate is generated or renewed
	// NOTE(review): whoever can edit the configuration file can therefore have a
	// command executed with the privileges roadrunner runs under; keep the file
	// writable only by trusted users. How the string is executed (shell or direct
	// exec) is not visible here — confirm before using quoting or metacharacters.
	RestartCmd string `yaml:"restart_cmd,omitempty"`
	// RenewDays is the number of days before the certificate expires that it will be renewed
	RenewDays int `yaml:"renew_days,omitempty"`
	// RequestOptions is the list of options that are used when requesting the certificate
	RequestOptions RequestOptions `yaml:"request_options,omitempty"`
}

Certificate is the struct for the ssl certificate to generate/renew

type Config

// Config is the top-level configuration document; everything lives under the
// single "roadrunner" YAML key.
type Config struct {
	// Roadrunner is the root of the configuration (instance settings, certificates, issuers).
	Roadrunner Roadrunner `yaml:"roadrunner"`
}

Config struct for webapp config at the top level

// RunningConfig points at the configuration currently in use.
// It is package-level mutable state with a nil zero value.
var RunningConfig *Config

func NewConfig

func NewConfig(configPath CLIOpts) (*Config, error)

NewConfig returns a new decoded Config struct

func (Config) ProcessConfiguration

func (config Config) ProcessConfiguration()

ProcessConfiguration will process the Roadrunner configuration

type ConnectionInfo

// ConnectionInfo is the information needed to connect to an ACME server.
//
// DirectoryURL is a string mapped to the "directory_url" key, by its name the
// URL of the ACME directory. SkipTLSVerify is an optional boolean
// ("skip_tls_verify"). Solvers maps a string key to an acmez.Solver.
//
// NOTE(review): SkipTLSVerify presumably disables verification of the ACME
// server's TLS certificate for this connection; without verification the client
// cannot authenticate the CA it is talking to. Keep it false except against a
// test endpoint — confirm how it is applied in CreateACMEClient.
type ConnectionInfo struct {
	DirectoryURL  string                  `yaml:"directory_url"`
	SkipTLSVerify bool                    `yaml:"skip_tls_verify,omitempty"`
	Solvers       map[string]acmez.Solver `yaml:"solvers,omitempty"`
}

ConnectionInfo is the information needed to connect to an ACME server

type Issuer

// Issuer provides the connection information for the ACME server solver.
type Issuer struct {
	// Name is the name of the solver to use
	Name string `yaml:"name"`
	// Type is the type of solver to use, options are "none", "http" and "dns-01"
	Type string `yaml:"type"`
	// Endpoint is the endpoint URL for the solver directory
	Endpoint string `yaml:"endpoint"`
	// CAFile is an optional path to a CA file to use for the solver
	// NOTE(review): presumably the trust anchor used to verify the endpoint's TLS
	// certificate; for a private ACME CA this is the safer alternative to
	// SkipTLSVerify — confirm.
	CAFile string `yaml:"ca_file,omitempty"`
	// SkipTLSVerify is a flag to enable/disable SSL verification
	// NOTE(review): presumably true turns verification OFF for this issuer only.
	// An unverified endpoint can be impersonated, so leave this false outside of
	// test setups. Confirm precedence against AppConfig.SkipTLSVerify.
	SkipTLSVerify bool `yaml:"skip_tls_verify,omitempty"`
}

Issuer provides the connection information for the ACME server solver

type Order

// Order pairs a list of domains with an optional email address.
// NOTE(review): presumably the input for a certificate order — the page carries
// no description for this type; confirm against its callers.
type Order struct {
	Domains []string `yaml:"domains"`
	Email   string   `yaml:"email,omitempty"`
}

type OrderResponse

// OrderResponse carries four string fields: Status, Expires, CertificatePEM and
// PrivateKeyPEM, each mapped to a YAML key.
// NOTE(review): presumably the result of a certificate order — the page carries
// no description for this type; confirm against its callers.
//
// PrivateKeyPEM by its name holds a private key in PEM form, and it has a YAML
// tag, so marshalling this struct writes the key into the output. Treat any
// serialized or logged OrderResponse as secret material.
type OrderResponse struct {
	Status         string `yaml:"status"`
	Expires        string `yaml:"expires"`
	CertificatePEM string `yaml:"certificate_pem"`
	PrivateKeyPEM  string `yaml:"private_key_pem"`
}

type RequestOptions

// RequestOptions is the set of options used when requesting the certificate.
// Every field is optional in the YAML file.
type RequestOptions struct {
	// KeyType is the type of key to use, options are "rsa" and "ecdsa"
	KeyType string `yaml:"key_type,omitempty"`
	// KeySize is the size of the key to use, options are 2048, 4096, and 8192
	// NOTE(review): the listed values look like RSA modulus sizes; which sizes are
	// accepted when KeyType is "ecdsa", and what happens for an unset or unlisted
	// value, is not stated — confirm against the key generation code.
	KeySize int `yaml:"key_size,omitempty"`
	// Expiration is the number of days the certificate will be valid for
	// NOTE(review): presumably a requested lifetime; the issuing CA may apply its own limit — confirm.
	Expiration int `yaml:"expiration,omitempty"`
}

RequestOptions is the struct for the options used when requesting the certificate

type Roadrunner

// Roadrunner is the structure that houses the root of the configuration:
// the instance settings plus the certificates and issuers to work with.
type Roadrunner struct {
	// Config is the configuration of this instance
	Config AppConfig `yaml:"config,omitempty"`
	// Certificates is the list of certificates to generate and/or renew
	Certificates []Certificate `yaml:"certificates"`
	// Issuers is the list of issuers to use for generating and/or renewing certificates
	Issuers []Issuer `yaml:"issuers"`
}

Roadrunner is the structure that houses the root of the configuration

type SavePaths

// SavePaths is a grouping of the possible assets saved by the application.
type SavePaths struct {
	// Cert is the path to the certificate
	Cert string `yaml:"cert"`
	// Key is the path to the private key
	// Optional in the YAML file. The file at this path is private key material;
	// NOTE(review): check the mode it is written with and who can read the
	// containing directory.
	Key string `yaml:"key,omitempty"`
}

SavePaths is a grouping of the possible assets saved by the application
