Documentation ¶
Index ¶
- Constants
- func CLIPreflightSetup()
- func CreateACMEClient(cInfo ConnectionInfo, solvers map[string]acmez.Solver, logger *zap.Logger) acmez.Client
- func CreateACMEClientAccount(email string, client acmez.Client, logger *zap.Logger) (acme.Account, error)
- func CreateACMEClientAccountKeyFile(email string, cInfo ConnectionInfo) (*ecdsa.PrivateKey, error)
- func CreateDirectory(path string)
- func DaemonPreflightSetup()
- func DecodeECDSAPrivateKeyPEM(path string) *ecdsa.PrivateKey
- func DeleteFile(path string)
- func DirectoryExists(pathName string) (bool, error)
- func EncodeECDSAPrivateKeyPEM(privateKey *ecdsa.PrivateKey) (string, []byte)
- func Entrypoint()
- func FileExists(fileName string) (bool, error)
- func HybridPreflightSetup()
- func IsWritable(path string) bool
- func LoadKeyFile(fileName string) []byte
- func PreflightSetup()
- func ReadCertFromFile(path string) (*x509.Certificate, error)
- func ReadFileToBytes(path string) ([]byte, error)
- func TouchFile(fileName string, updateTime bool)
- func ValidateConfigDirectory(path string) error
- func ValidateConfigPath(path string) error
- func WriteByteFile(path string, content []byte, mode int, overwrite bool) (bool, error)
- type AppConfig
- type CLIOpts
- type Certificate
- type Config
- type ConnectionInfo
- type Issuer
- type Order
- type OrderResponse
- type RequestOptions
- type Roadrunner
- type SavePaths
Constants ¶
const (
	// DefaultWorkingDirectory is the default working directory for the application.
	// The CreateACMEClientAccountKeyFile documentation places ACME account private
	// keys beneath the working directory (.acme/keys/...), so this directory should be
	// readable and writable only by the account the application runs as.
	DefaultWorkingDirectory = "/etc/pki/roadrunner"
	// DefaultSaveType is the default save type for the certificates when created
	DefaultSaveType = "pem-pair"
)
Variables ¶
This section is empty.
Functions ¶
func CLIPreflightSetup ¶
func CLIPreflightSetup()
CLIPreflightSetup just makes sure the stage is set before starting the CLI applet
func CreateACMEClient ¶
func CreateACMEClient(cInfo ConnectionInfo, solvers map[string]acmez.Solver, logger *zap.Logger) acmez.Client
CreateACMEClient creates a new ACME client
func CreateACMEClientAccount ¶
func CreateACMEClientAccount(email string, client acmez.Client, logger *zap.Logger) (acme.Account, error)
CreateACMEClientAccount creates a new ACME client account. An account is a combination of an email address and a private key that is used to identify you to the ACME CA. You only need to create an account once, and then you can use it to get as many certificates as you want. The files are stored in the working_directory/.acme/accounts/<endpoint-server-hostname>/<email>/ directories.
func CreateACMEClientAccountKeyFile ¶
func CreateACMEClientAccountKeyFile(email string, cInfo ConnectionInfo) (*ecdsa.PrivateKey, error)
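CreateACMEClientAccountKeyFile creates a new ACME client account key file if needed, or returns the existing key if one is already present. The account key files will be found in the working_directory/.acme/keys/<endpoint-server-hostname>/<emailAT>.key path. This file holds the account's private key, so it should be readable only by the user the application runs as.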
func DaemonPreflightSetup ¶
func DaemonPreflightSetup()
DaemonPreflightSetup just makes sure the stage is set before starting the daemon
func DecodeECDSAPrivateKeyPEM ¶
func DecodeECDSAPrivateKeyPEM(path string) *ecdsa.PrivateKey
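DecodeECDSAPrivateKeyPEM takes the path to a PEM-encoded ECDSA private key and returns the decoded *ecdsa.PrivateKey (the published description repeats the text of EncodeECDSAPrivateKeyPEM, which does not match this signature). The signature has no error return, so how a missing or malformed key file is reported is not visible here.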
func DirectoryExists ¶
DirectoryExists checks if a directory exists and returns a boolean or an error
func EncodeECDSAPrivateKeyPEM ¶
func EncodeECDSAPrivateKeyPEM(privateKey *ecdsa.PrivateKey) (string, []byte)
EncodeECDSAPrivateKeyPEM takes a ecdsa.PrivateKey directly and encodes it to a PEM block
func Entrypoint ¶
func Entrypoint()
Entrypoint is the entry point for the roadrunner application, keeps things small and tidy
func FileExists ¶
FileExists checks if a file exists and returns a boolean or an error
func HybridPreflightSetup ¶
func HybridPreflightSetup()
HybridPreflightSetup just makes sure the stage is set before starting each component
func PreflightSetup ¶
func PreflightSetup()
PreflightSetup just makes sure the stage is set before starting the application in general
func ReadCertFromFile ¶
func ReadCertFromFile(path string) (*x509.Certificate, error)
ReadCertFromFile wraps the needed functions to safely read a PEM certificate
func ReadFileToBytes ¶
ReadFileToBytes will return the contents of a file
func ValidateConfigDirectory ¶
ValidateConfigDirectory just makes sure that the path provided is a directory, or a place where we can create a directory
func ValidateConfigPath ¶
ValidateConfigPath just makes sure that the path provided is a file that can be read
Types ¶
type AppConfig ¶
// AppConfig holds the application-level settings; it is the type of the
// Roadrunner.Config field (YAML key "config").
type AppConfig struct {
	// Mode is the mode to run the application in, options are "daemon" and "cli", defaulting to "cli"
	Mode string `yaml:"mode,omitempty"`
	// HTTPProxy is the HTTP proxy to use for outbound connections
	HTTPProxy string `yaml:"http_proxy,omitempty"`
	// HTTPSProxy is the HTTPS proxy to use for outbound connections
	HTTPSProxy string `yaml:"https_proxy,omitempty"`
	// NoProxy is the list of domains to not use the proxy for
	NoProxy []string `yaml:"no_proxy,omitempty"`
	// SkipTLSVerify is a global flag to enable/disable SSL verification
	// NOTE(review): presumably true turns certificate verification OFF for outbound
	// connections, which removes the protection against interception of ACME traffic.
	// Keep it false outside test setups and use Issuer.CAFile to trust a private CA.
	// How this global flag combines with Issuer.SkipTLSVerify is not visible here — confirm.
	SkipTLSVerify bool `yaml:"skip_tls_verify,omitempty"`
	// WorkingDir is the directory to use for storing generated files
	// The package documentation places ACME account keys under this directory
	// (.acme/keys/...), so it should not be group- or world-accessible.
	WorkingDir string `yaml:"working_dir,omitempty"`
}
AppConfig is the structure that houses the general configuration
type CLIOpts ¶
// CLIOpts contains the options collected from the command line.
type CLIOpts struct {
	// Config is presumably the path to the configuration file (the ParseFlags
	// description mentions returning a path) — confirm against ParseFlags.
	Config string
}
CLIOpts contains the CLI options
func ParseFlags ¶
ParseFlags will define and parse the CLI flags and return the path to be used elsewhere
type Certificate ¶
// Certificate describes one certificate to generate or renew, as read from the
// "certificates" list of the configuration.
type Certificate struct {
	// Issuer is the name of the ACME solver as an Issuer
	Issuer string `yaml:"issuer"`
	// Email is the email address used when registering with the ACME endpoint
	Email string `yaml:"email"`
	// Domains is a list of domains to generate a certificate for
	Domains []string `yaml:"domains"`
	// SaveType is the type of data that will be stored in the save path, options are "pem-pair" and "haproxy"
	SaveType string `yaml:"save_type"`
	// SavePaths is the optional directory where the files generated will be COPIED to
	// If the directory does not exist, it will be created
	// The files saved will be named after the domain name and .crt and optionally the .key file as well if using pem-pair
	// NOTE(review): with pem-pair the copied .key file is the certificate's private key;
	// the permissions applied to the copy and to a newly created directory are not
	// visible here — confirm they are restrictive.
	SavePaths SavePaths `yaml:"save_paths,omitempty"`
	// RestartCmd is the command that will be run after the certificate is generated or renewed
	// NOTE(review): this string comes from the configuration file and is executed by the
	// application; whether it is passed through a shell is not visible here. Write access
	// to the configuration file is therefore equivalent to running commands as the
	// application's user, so the file should be writable only by trusted accounts.
	RestartCmd string `yaml:"restart_cmd,omitempty"`
	// RenewDays is the number of days before the certificate expires that it will be renewed
	RenewDays int `yaml:"renew_days,omitempty"`
	// RequestOptions is the list of options that are used when requesting the certificate
	RequestOptions RequestOptions `yaml:"request_options,omitempty"`
}
Certificate is the struct for the ssl certificate to generate/renew
type Config ¶
// Config is the top-level configuration document.
type Config struct {
	// Roadrunner is the root of the configuration, read from the "roadrunner" YAML key.
	Roadrunner Roadrunner `yaml:"roadrunner"`
}
Config struct for webapp config at the top level
var (
	// RunningConfig is the current configuration
	// It is a package-level pointer; where it is assigned is not visible here.
	RunningConfig *Config
)
func (Config) ProcessConfiguration ¶
func (config Config) ProcessConfiguration()
ProcessConfiguration will process the Roadrunner configuration
type ConnectionInfo ¶
// ConnectionInfo is the information needed to connect to an ACME server.
type ConnectionInfo struct {
	// DirectoryURL is presumably the URL of the ACME server's directory resource — confirm.
	DirectoryURL string `yaml:"directory_url"`
	// SkipTLSVerify presumably disables certificate verification for this connection
	// when true, which would leave the ACME exchange open to interception — confirm,
	// and prefer trusting the CA explicitly over setting this.
	SkipTLSVerify bool `yaml:"skip_tls_verify,omitempty"`
	// Solvers maps a string key to an acmez.Solver; what the key denotes (likely the
	// challenge type) is not visible here — confirm against CreateACMEClient.
	Solvers map[string]acmez.Solver `yaml:"solvers,omitempty"`
}
ConnectionInfo is the information needed to connect to an ACME server
type Issuer ¶
// Issuer provides the connection information for one ACME server, as read from the
// "issuers" list of the configuration.
type Issuer struct {
	// Name is the name of the solver to use
	Name string `yaml:"name"`
	// Type is the type of solver to use, options are "none", "http" and "dns-01"
	Type string `yaml:"type"`
	// Endpoint is the endpoint URL for the solver directory
	Endpoint string `yaml:"endpoint"`
	// CAFile is an optional path to a CA file to use for the solver
	// For an ACME server behind a private CA this is the safer alternative to
	// SkipTLSVerify, because the server certificate is still checked.
	CAFile string `yaml:"ca_file,omitempty"`
	// SkipTLSVerify is a flag to enable/disable SSL verification
	// NOTE(review): presumably true turns verification OFF for this issuer only; with it
	// set, the identity of the ACME endpoint is not authenticated. How it interacts with
	// the global AppConfig.SkipTLSVerify is not visible here — confirm.
	SkipTLSVerify bool `yaml:"skip_tls_verify,omitempty"`
}
Issuer provides the connection information for the ACME server solver
type OrderResponse ¶
type RequestOptions ¶
// RequestOptions holds the per-certificate options used when requesting a certificate.
type RequestOptions struct {
	// KeyType is the type of key to use, options are "rsa" and "ecdsa"
	KeyType string `yaml:"key_type,omitempty"`
	// KeySize is the size of the key to use, options are 2048, 4096, and 8192
	// NOTE(review): the listed values are RSA modulus sizes; how KeySize is interpreted
	// when KeyType is "ecdsa", and what happens for an unlisted value, is not visible
	// here — confirm that unsupported sizes are rejected rather than silently accepted.
	KeySize int `yaml:"key_size,omitempty"`
	// Expiration is the number of days the certificate will be valid for
	// NOTE(review): whether the issuing CA honours a requested lifetime depends on the
	// CA — confirm how this value is sent and what happens when it is refused.
	Expiration int `yaml:"expiration,omitempty"`
}
RequestOptions is the struct for the options used when requesting the certificate
type Roadrunner ¶
// Roadrunner is the root of the configuration: application settings plus the
// certificates to manage and the issuers they can be requested from.
type Roadrunner struct {
	// Config is the configuration of this instance
	Config AppConfig `yaml:"config,omitempty"`
	// Certificates is the list of certificates to generate and/or renew
	Certificates []Certificate `yaml:"certificates"`
	// Issuers is the list of issuers to use for generating and/or renewing certificates
	Issuers []Issuer `yaml:"issuers"`
}
Roadrunner is the structure that houses the root of the configuration