diff --git a/certinspector/inspector.go b/certinspector/inspector.go index f7047ecc6324b29e6b795ff103fb00d3b3403803..8010ef11bd62224ec258acd4523c6c322c039fc8 100644 --- a/certinspector/inspector.go +++ b/certinspector/inspector.go @@ -6,6 +6,7 @@ import ( "encoding/pem" "errors" "fmt" + "log" "os" "path/filepath" "sort" @@ -14,6 +15,21 @@ import ( "time" ) +var ( + DebugLogger *log.Logger + InfoLogger *log.Logger + WarningLogger *log.Logger + ErrorLogger *log.Logger + verboseBool bool +) + +func init() { + DebugLogger = log.New(os.Stdout, "DEBUG: ", log.Ldate|log.Ltime) + InfoLogger = log.New(os.Stdout, "INFO: ", log.Ldate|log.Ltime) + WarningLogger = log.New(os.Stdout, "WARNING: ", log.Ldate|log.Ltime) + ErrorLogger = log.New(os.Stdout, "ERROR: ", log.Ldate|log.Ltime) +} + type CertificateData struct { CertName string `json:"certname"` SerialNumber string `json:"serial_number"` @@ -22,7 +38,10 @@ type CertificateData struct { } // inspect certificate and return CertificateData -func InspectCertificate(certDir string) (CertificateData, error) { +func InspectCertificate(certDir string, verboseBool bool) (CertificateData, error) { + if verboseBool { + DebugLogger.Printf("running inspector/InspectCertificate for: %s", certDir) + } fullchainPath := filepath.Join(certDir, "fullchain.pem") data, err := os.ReadFile(fullchainPath) if err != nil { @@ -58,7 +77,10 @@ func InspectCertificate(certDir string) (CertificateData, error) { } // call writeJSON functio. Used by the API. -func ProcessCertificatesWrite(baseDir, provider string, outputDir string) error { +func ProcessCertificatesWrite(baseDir, provider string, outputDir string, verboseBool bool) error { + if verboseBool { + DebugLogger.Printf("Running inspector/ProcessCertificatesWrite function for provider: %s", provider) + } liveDir := filepath.Join(baseDir, provider, "live") dirs, err := os.ReadDir(liveDir) if err != nil { 
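Review bot: The package-level `verboseBool` declared in this `var` block is not the value the functions use, because every function changed later in this file takes a `verboseBool bool` parameter that shadows it. Drop `verboseBool bool` from the block so the flag has one source. The four exported loggers are also created in the library's `init()` with the same prefixes and flags as the ones in main.go, so any importer can reassign them and the two sets can drift apart. A doc comment such as `// DebugLogger, InfoLogger, WarningLogger and ErrorLogger write to stdout; they are exported so callers can replace them.` would make the intent explicit. In the lines visible in this diff only `DebugLogger` is used by this package, so the other three may be unused here.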
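Review bot: `provider` is written to the debug log with `%s` in the `DebugLogger.Printf` added at the top of ProcessCertificatesWrite, and main.go derives that value from `req.URL.Path`. With verbose mode on, a request path carrying encoded line breaks could therefore show up in the log as extra, forged entries. Use `%q` so control characters are escaped: `DebugLogger.Printf("Running inspector/ProcessCertificatesWrite function for provider: %q", provider)`. The same applies to the new `%s` call in ProcessCertificates, to `Serving JSON for provider: %s` in renderJSON, and most directly to `Serving file: %s` in renderPage, where `serveFile` is built from the whole request path. Whether the router already limits `provider` to the configured names is not visible in this diff.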
@@ -77,7 +99,7 @@ func ProcessCertificatesWrite(baseDir, provider string, outputDir string) error wg.Add(1) go func(certDir string) { defer wg.Done() - data, err := InspectCertificate(certDir) + data, err := InspectCertificate(certDir, verboseBool) if err == nil { mu.Lock() results = append(results, data) @@ -93,11 +115,14 @@ func ProcessCertificatesWrite(baseDir, provider string, outputDir string) error }) outputFile := filepath.Join(outputDir, provider+".json") - return writeJSON(outputFile, results) + return writeJSON(outputFile, results, verboseBool) } // write JSON to file. Used by the API. -func writeJSON(filename string, data interface{}) error { +func writeJSON(filename string, data interface{}, verboseBool bool) error { + if verboseBool { + DebugLogger.Printf("Running inspector/writeJSON function for file: %s", filename) + } file, err := os.Create(filename) if err != nil { return fmt.Errorf("failed to create JSON file: %w", err) @@ -110,7 +135,10 @@ func writeJSON(filename string, data interface{}) error { } // process certificates and return JSON data -func ProcessCertificates(baseDir, provider string) ([]byte, error) { +func ProcessCertificates(baseDir, provider string, verboseBool bool) ([]byte, error) { + if verboseBool { + DebugLogger.Printf("Running inspector/ProcessCertificates for provider: %s", provider) + } liveDir := filepath.Join(baseDir, provider, "live") dirs, err := os.ReadDir(liveDir) if err != nil { @@ -129,7 +157,7 @@ func ProcessCertificates(baseDir, provider string) ([]byte, error) { wg.Add(1) go func(certDir string) { defer wg.Done() - data, err := InspectCertificate(certDir) + data, err := InspectCertificate(certDir, verboseBool) if err == nil { mu.Lock() results = append(results, data) diff --git a/main.go b/main.go index cf061fcd5f26a88f5a02c1559e8108374b806bc4..1d63690824ee338a38249f2c4c8333948f7db232 100644 --- a/main.go +++ b/main.go 
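Review bot: A certificate that fails inspection is still dropped without a trace in this goroutine, since the visible lines act only on `err == nil` and the loggers added by this commit are not used here. For a tool that appears to report certificate expiry, a silently skipped certificate is indistinguishable from one with nothing to report. Consider `} else { WarningLogger.Printf("skipping %q: %v", certDir, err) }` after the append branch. The goroutine body continues past the end of the hunk, so an existing else branch may already cover this. The identical call site in ProcessCertificates has the same shape.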
@@ -20,8 +20,9 @@ var ( baseDir string webDir string bearerToken string - WarningLogger *log.Logger + DebugLogger *log.Logger InfoLogger *log.Logger + WarningLogger *log.Logger ErrorLogger *log.Logger verboseBool bool baseURLs []string @@ -30,6 +31,7 @@ var ( ) func init() { + DebugLogger = log.New(os.Stdout, "DEBUG: ", log.Ldate|log.Ltime) InfoLogger = log.New(os.Stdout, "INFO: ", log.Ldate|log.Ltime) WarningLogger = log.New(os.Stdout, "WARNING: ", log.Ldate|log.Ltime) ErrorLogger = log.New(os.Stdout, "ERROR: ", log.Ldate|log.Ltime) @@ -38,14 +40,16 @@ func init() { // serve certificates JSON func renderJSON(w http.ResponseWriter, req *http.Request) { provider := strings.Split(req.URL.Path, "/")[2] - jsonData, err := certinspector.ProcessCertificates(baseDir, provider) + jsonData, err := certinspector.ProcessCertificates(baseDir, provider, verboseBool) if err != nil { WarningLogger.Println(err) http.Error(w, "Failed to process certificates", http.StatusServiceUnavailable) return } - // Write JSON response + if verboseBool { + DebugLogger.Printf("Serving JSON for provider: %s", provider) + } w.Header().Set("Content-Type", "application/json") w.WriteHeader(http.StatusOK) _, err = w.Write(jsonData) @@ -60,7 +64,7 @@ func renderPage(w http.ResponseWriter, req *http.Request) { outputDir := filepath.Join(webDir, provider) serveFile := filepath.Join(webDir, req.URL.Path) - err := certinspector.ProcessCertificatesWrite(baseDir, provider, outputDir) + err := certinspector.ProcessCertificatesWrite(baseDir, provider, outputDir, verboseBool) if err != nil { WarningLogger.Println(err) http.Error(w, "Failed to process certificates", http.StatusServiceUnavailable) 
@@ -69,13 +73,14 @@ func renderPage(w http.ResponseWriter, req *http.Request) { w.Header().Set("Content-Type", "text/html") if verboseBool { - InfoLogger.Printf("Serving file: %s", serveFile) + DebugLogger.Printf("Serving file: %s", serveFile) } http.ServeFile(w, req, serveFile) } // trigger puppet func triggerPuppet(w http.ResponseWriter, req *http.Request) { + fmt.Printf("triggerPuppet function\n") // content-type currently not working cmd := exec.Command("/usr/bin/pkill", "-f", "/opt/puppetlabs/puppet/bin/puppet", "--signal", "SIGUSR1") authToken := "BOFH" @@ -97,7 +102,7 @@ func triggerPuppet(w http.ResponseWriter, req *http.Request) { http.Error(w, unavailableMsg, http.StatusServiceUnavailable) } else { if verboseBool { - InfoLogger.Printf("HTTP Status %v", http.StatusOK) + DebugLogger.Printf("HTTP Status %v", http.StatusOK) } http.Error(w, okMsg, http.StatusOK) } @@ -106,6 +111,7 @@ func triggerPuppet(w http.ResponseWriter, req *http.Request) { // redirect to /by_name.html func redirect(w http.ResponseWriter, req *http.Request) { + fmt.Printf("redirect function\n") redirectURL := filepath.Join(req.URL.Path, "/by_name.html") http.Redirect(w, req, redirectURL, http.StatusMovedPermanently) } @@ -158,6 +164,11 @@ Options: verboseBool = arguments["--verbose"].(bool) listenAddress := arguments["--listen-address"].(string) listenPort := arguments["--listen-port"].(string) + if verboseBool { + DebugLogger.Printf("Starting ACME Web server in debug mode") + } else { + InfoLogger.Printf("Starting ACME Web server") + } for _, provider := range acmeProviders { baseURLs = append(baseURLs, "/"+provider, "/"+provider+"/") @@ -166,7 +177,7 @@ Options: for _, provider := range acmeProviders { apiURLs = append( apiURLs, "/api/"+provider, "/api/"+provider+"/", - "/"+provider+"/"+provider+".json", "/"+provider+"/"+provider+"_expired.json", + "/api/"+provider+"/"+provider+".json", "/api/"+provider+"/"+provider+"_expired.json", ) }
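Review bot: The added `fmt.Printf("triggerPuppet function\n")` runs on every request, ignores `--verbose`, and bypasses the prefixed loggers this commit introduces, so it looks like leftover tracing. Replace it with `if verboseBool { DebugLogger.Printf("triggerPuppet called from %q", req.RemoteAddr) }` or remove it; the `fmt.Printf("redirect function\n")` added to redirect has the same problem. For an endpoint that signals the Puppet agent, a timestamped entry naming the caller is more useful for audit than a bare string. Separately, the context line `authToken := "BOFH"` hard-codes a credential in source while a `bearerToken` variable exists at package level. How the two relate is outside this hunk, but it is worth confirming that the literal is not what gates this handler.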
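Review bot: The two JSON routes move from `/<provider>/<provider>.json` to `/api/<provider>/<provider>.json` in this `apiURLs` append, which changes the served URL space in a commit that otherwise only adds logging. Requests for the old paths will now fall to whatever is registered for `/<provider>/`, which could mean a different handler and different access checks. Route registration is not visible here, so this is inferred. If the move is intended, say so in the commit description and add a comment above the append, for example `// JSON endpoints live under /api/ only; /<provider>/ serves the HTML pages.`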