boulder: github.com/letsencrypt/boulder/cmd Index | Files | Directories

package cmd

import "github.com/letsencrypt/boulder/cmd"

This package provides utilities that underlie the specific commands.

Index

Package Files

clock_generic.go config.go shell.go

Variables

var ErrDurationMustBeString = errors.New("cannot JSON unmarshal something other than a string into a ConfigDuration")

ErrDurationMustBeString is returned when a non-string value is presented to be deserialized as a ConfigDuration

func CatchSignals Uses

func CatchSignals(logger blog.Logger, callback func())

CatchSignals catches SIGTERM, SIGINT, SIGHUP and executes a callback method before exiting

func Clock Uses

func Clock() clock.Clock

Clock functions similarly to clock.Default(), but the returned value can be changed using the FAKECLOCK environment variable if the 'integration' build flag is set.

This function returns the default Clock.

func Fail Uses

func Fail(msg string)

Fail exits and prints an error message to stderr and the logger audit log.

func FailOnError Uses

func FailOnError(err error, msg string)

FailOnError exits and prints an error message, but only if we encountered a problem and err != nil

func FilterShutdownErrors Uses

func FilterShutdownErrors(err error) error

FilterShutdownErrors returns the input error, with the exception of "use of closed network connection," on which it returns nil Per https://github.com/grpc/grpc-go/issues/1017, a gRPC server's `Serve()` will always return an error, even when GracefulStop() is called. We don't want to log graceful stops as errors, so we filter out the meaningless error we get in that situation.

func LoadCert Uses

func LoadCert(path string) (cert []byte, err error)

LoadCert loads a PEM-formatted certificate from the provided path, returning it as a byte array, or an error if it couldn't be decoded.

func NewLogger Uses

func NewLogger(logConf SyslogConfig) blog.Logger

func ReadConfigFile Uses

func ReadConfigFile(filename string, out interface{}) error

ReadConfigFile takes a file path as an argument and attempts to unmarshal the content of the file into a struct containing a configuration of a boulder component.

func StatsAndLogging Uses

func StatsAndLogging(logConf SyslogConfig, addr string) (metrics.Scope, blog.Logger)

StatsAndLogging constructs a metrics.Scope and an AuditLogger based on its config parameters, and return them both. It also spawns off an HTTP server on the provided port to report the stats and provide pprof profiling handlers. Crashes if any setup fails. Also sets the constructed AuditLogger as the default logger, and configures the cfssl, mysql, and grpc packages to use our logger. This must be called before any gRPC code is called, because gRPC's SetLogger doesn't use any locking.

func VersionString Uses

func VersionString() string

VersionString produces a friendly Application version string.

type ConfigDuration Uses

type ConfigDuration struct {
    time.Duration
}

ConfigDuration is just an alias for time.Duration that allows serialization to YAML as well as JSON.

func (ConfigDuration) MarshalJSON Uses

func (d ConfigDuration) MarshalJSON() ([]byte, error)

MarshalJSON returns the string form of the duration, as a byte array.

func (*ConfigDuration) UnmarshalJSON Uses

func (d *ConfigDuration) UnmarshalJSON(b []byte) error

UnmarshalJSON parses a string into a ConfigDuration using time.ParseDuration. If the input does not unmarshal as a string, then UnmarshalJSON returns ErrDurationMustBeString.

func (*ConfigDuration) UnmarshalYAML Uses

func (d *ConfigDuration) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML uses the same frmat as JSON, but is called by the YAML parser (vs. the JSON parser).

type DBConfig Uses

type DBConfig struct {
    DBConnect string
    // A file containing a connect URL for the DB.
    DBConnectFile string
    MaxDBConns    int
}

DBConfig defines how to connect to a database. The connect string may be stored in a file separate from the config, because it can contain a password, which we want to keep out of configs.

func (*DBConfig) URL Uses

func (d *DBConfig) URL() (string, error)

URL returns the DBConnect URL represented by this DBConfig object, either loading it from disk or returning a default value. Leading and trailing whitespace is stripped.

type GRPCClientConfig Uses

type GRPCClientConfig struct {
    ServerAddress string
    Timeout       ConfigDuration
}

GRPCClientConfig contains the information needed to talk to the gRPC service

type GRPCServerConfig Uses

type GRPCServerConfig struct {
    Address string `json:"address"`
    // ClientNames is a list of allowed client certificate subject alternate names
    // (SANs). The server will reject clients that do not present a certificate
    // with a SAN present on the `ClientNames` list.
    ClientNames []string `json:"clientNames"`
}

GRPCServerConfig contains the information needed to run a gRPC service

type HostnamePolicyConfig Uses

type HostnamePolicyConfig struct {
    HostnamePolicyFile string
}

HostnamePolicyConfig specifies a file from which to load a policy regarding what hostnames to issue for.

type PAConfig Uses

type PAConfig struct {
    DBConfig
    Challenges map[string]bool
}

PAConfig specifies how a policy authority should connect to its database, what policies it should enforce, and what challenges it should offer.

func (PAConfig) CheckChallenges Uses

func (pc PAConfig) CheckChallenges() error

CheckChallenges checks whether the list of challenges in the PA config actually contains valid challenge names

type PasswordConfig Uses

type PasswordConfig struct {
    Password     string
    PasswordFile string
}

PasswordConfig either contains a password or the path to a file containing a password

func (*PasswordConfig) Pass Uses

func (pc *PasswordConfig) Pass() (string, error)

Pass returns a password, either directly from the configuration struct or by reading from a specified file

type PortConfig Uses

type PortConfig struct {
    HTTPPort  int
    HTTPSPort int
    TLSPort   int
}

PortConfig specifies what ports the VA should call to on the remote host when performing its checks.

type RPCServerConfig Uses

type RPCServerConfig struct {
    Server     string // Queue name where the server receives requests
    RPCTimeout ConfigDuration
}

RPCServerConfig contains configuration particular to a specific RPC server type (e.g. RA, SA, etc)

type SMTPConfig Uses

type SMTPConfig struct {
    PasswordConfig
    Server   string
    Port     string
    Username string
}

type ServiceConfig Uses

type ServiceConfig struct {
    // DebugAddr is the address to run the /debug handlers on.
    DebugAddr string
    GRPC      *GRPCServerConfig
    TLS       TLSConfig
}

ServiceConfig contains config items that are common to all our services, to be embedded in other config structs.

type SyslogConfig Uses

type SyslogConfig struct {
    StdoutLevel int
    SyslogLevel int
}

SyslogConfig defines the config for syslogging.

type TLSConfig Uses

type TLSConfig struct {
    CertFile   *string
    KeyFile    *string
    CACertFile *string
}

TLSConfig represents certificates and a key for authenticated TLS.

func (*TLSConfig) Load Uses

func (t *TLSConfig) Load() (*tls.Config, error)

Load reads and parses the certificates and key listed in the TLSConfig, and returns a *tls.Config suitable for either client or server use.

Directories

PathSynopsis
admin-revoker
akamai-purger
boulder-ca
boulder-janitor
boulder-publisher
boulder-ra
boulder-sa
boulder-va
boulder-wfe
boulder-wfe2
cert-checker
expiration-mailer
expired-authz-purger
expired-authz-purger2
gen-ca
gen-keygen-key is a tool for generating RSA or ECDSA keys on a HSM using PKCS#11.
id-exporter
log-validator
nonce-service
notify-mailer
ocsp-responder
ocsp-updater
orphan-finder
single-ocsp
weak-key-flatten
weak-key-search

Package cmd imports 28 packages (graph) and is imported by 607 packages. Updated 2019-11-11. Refresh now. Tools for package owners.