8139fdd3
Unverified
Commit
8139fdd3
authored
5 months ago
by
Max Adamo
fix: correct API URL paths for ACME providers
parent
f463794f
Showing
2 changed files
certinspector/inspector.go
+35
-7
35 additions, 7 deletions
certinspector/inspector.go
main.go
+18
-7
18 additions, 7 deletions
main.go
with
53 additions
and
14 deletions
certinspector/inspector.go
+
35
−
7
...
...
@@ -6,6 +6,7 @@ import (
"encoding/pem"
"errors"
"fmt"
"log"
"os"
"path/filepath"
"sort"
...
...
@@ -14,6 +15,21 @@ import (
"time"
)
var
(
DebugLogger
*
log
.
Logger
InfoLogger
*
log
.
Logger
WarningLogger
*
log
.
Logger
ErrorLogger
*
log
.
Logger
verboseBool
bool
)
func
init
()
{
DebugLogger
=
log
.
New
(
os
.
Stdout
,
"DEBUG: "
,
log
.
Ldate
|
log
.
Ltime
)
InfoLogger
=
log
.
New
(
os
.
Stdout
,
"INFO: "
,
log
.
Ldate
|
log
.
Ltime
)
WarningLogger
=
log
.
New
(
os
.
Stdout
,
"WARNING: "
,
log
.
Ldate
|
log
.
Ltime
)
ErrorLogger
=
log
.
New
(
os
.
Stdout
,
"ERROR: "
,
log
.
Ldate
|
log
.
Ltime
)
}
type
CertificateData
struct
{
CertName
string
`json:"certname"`
SerialNumber
string
`json:"serial_number"`
...
...
@@ -22,7 +38,10 @@ type CertificateData struct {
}
// inspect certificate and return CertificateData
func
InspectCertificate
(
certDir
string
)
(
CertificateData
,
error
)
{
func
InspectCertificate
(
certDir
string
,
verboseBool
bool
)
(
CertificateData
,
error
)
{
if
verboseBool
{
DebugLogger
.
Printf
(
"running inspector/InspectCertificate for: %s"
,
certDir
)
}
fullchainPath
:=
filepath
.
Join
(
certDir
,
"fullchain.pem"
)
data
,
err
:=
os
.
ReadFile
(
fullchainPath
)
if
err
!=
nil
{
...
...
@@ -58,7 +77,10 @@ func InspectCertificate(certDir string) (CertificateData, error) {
}
// call writeJSON functio. Used by the API.
func
ProcessCertificatesWrite
(
baseDir
,
provider
string
,
outputDir
string
)
error
{
func
ProcessCertificatesWrite
(
baseDir
,
provider
string
,
outputDir
string
,
verboseBool
bool
)
error
{
if
verboseBool
{
DebugLogger
.
Printf
(
"Running inspector/ProcessCertificatesWrite function for provider: %s"
,
provider
)
}
liveDir
:=
filepath
.
Join
(
baseDir
,
provider
,
"live"
)
dirs
,
err
:=
os
.
ReadDir
(
liveDir
)
if
err
!=
nil
{
...
...
@@ -77,7 +99,7 @@ func ProcessCertificatesWrite(baseDir, provider string, outputDir string) error
wg
.
Add
(
1
)
go
func
(
certDir
string
)
{
defer
wg
.
Done
()
data
,
err
:=
InspectCertificate
(
certDir
)
data
,
err
:=
InspectCertificate
(
certDir
,
verboseBool
)
if
err
==
nil
{
mu
.
Lock
()
results
=
append
(
results
,
data
)
...
...
@@ -93,11 +115,14 @@ func ProcessCertificatesWrite(baseDir, provider string, outputDir string) error
})
outputFile
:=
filepath
.
Join
(
outputDir
,
provider
+
".json"
)
return
writeJSON
(
outputFile
,
results
)
return
writeJSON
(
outputFile
,
results
,
verboseBool
)
}
// write JSON to file. Used by the API.
func
writeJSON
(
filename
string
,
data
interface
{})
error
{
func
writeJSON
(
filename
string
,
data
interface
{},
verboseBool
bool
)
error
{
if
verboseBool
{
DebugLogger
.
Printf
(
"Running inspector/writeJSON function for file: %s"
,
filename
)
}
file
,
err
:=
os
.
Create
(
filename
)
if
err
!=
nil
{
return
fmt
.
Errorf
(
"failed to create JSON file: %w"
,
err
)
...
...
@@ -110,7 +135,10 @@ func writeJSON(filename string, data interface{}) error {
}
// process certificates and return JSON data
func
ProcessCertificates
(
baseDir
,
provider
string
)
([]
byte
,
error
)
{
func
ProcessCertificates
(
baseDir
,
provider
string
,
verboseBool
bool
)
([]
byte
,
error
)
{
if
verboseBool
{
DebugLogger
.
Printf
(
"Running inspector/ProcessCertificates for provider: %s"
,
provider
)
}
liveDir
:=
filepath
.
Join
(
baseDir
,
provider
,
"live"
)
dirs
,
err
:=
os
.
ReadDir
(
liveDir
)
if
err
!=
nil
{
...
...
@@ -129,7 +157,7 @@ func ProcessCertificates(baseDir, provider string) ([]byte, error) {
wg
.
Add
(
1
)
go
func
(
certDir
string
)
{
defer
wg
.
Done
()
data
,
err
:=
InspectCertificate
(
certDir
)
data
,
err
:=
InspectCertificate
(
certDir
,
verboseBool
)
if
err
==
nil
{
mu
.
Lock
()
results
=
append
(
results
,
data
)
...
...
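Review bot: `provider` reaches `filepath.Join(baseDir, provider, "live")` in both ProcessCertificates and ProcessCertificatesWrite, and `filepath.Join(outputDir, provider+".json")` feeding `os.Create`, with no check in this package, while main.go in this same commit derives it from `req.URL.Path`. Whether the router already limits it to the configured providers is not visible here, so I would reject anything that is not a single local path element at the top of both functions, e.g. `if !filepath.IsLocal(provider) || filepath.Base(provider) != provider { return fmt.Errorf("invalid provider %q", provider) }` (Go 1.20+, with `nil,` added to the return in ProcessCertificates). The new debug lines print `provider`, `certDir` and `filename` with `%s`; `%q` keeps a value containing control characters from splitting or forging a log line. The package-level `verboseBool` added to the var block is shadowed by the new parameter of the same name in every function shown and looks unused. All of these function bodies continue outside the hunks.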
main.go
+
18
−
7
...
...
@@ -20,8 +20,9 @@ var (
baseDir
string
webDir
string
bearerToken
string
Warnin
gLogger
*
log
.
Logger
Debu
gLogger
*
log
.
Logger
InfoLogger
*
log
.
Logger
WarningLogger
*
log
.
Logger
ErrorLogger
*
log
.
Logger
verboseBool
bool
baseURLs
[]
string
...
...
@@ -30,6 +31,7 @@ var (
)
func
init
()
{
DebugLogger
=
log
.
New
(
os
.
Stdout
,
"DEBUG: "
,
log
.
Ldate
|
log
.
Ltime
)
InfoLogger
=
log
.
New
(
os
.
Stdout
,
"INFO: "
,
log
.
Ldate
|
log
.
Ltime
)
WarningLogger
=
log
.
New
(
os
.
Stdout
,
"WARNING: "
,
log
.
Ldate
|
log
.
Ltime
)
ErrorLogger
=
log
.
New
(
os
.
Stdout
,
"ERROR: "
,
log
.
Ldate
|
log
.
Ltime
)
...
...
@@ -38,14 +40,16 @@ func init() {
// serve certificates JSON
func
renderJSON
(
w
http
.
ResponseWriter
,
req
*
http
.
Request
)
{
provider
:=
strings
.
Split
(
req
.
URL
.
Path
,
"/"
)[
2
]
jsonData
,
err
:=
certinspector
.
ProcessCertificates
(
baseDir
,
provider
)
jsonData
,
err
:=
certinspector
.
ProcessCertificates
(
baseDir
,
provider
,
verboseBool
)
if
err
!=
nil
{
WarningLogger
.
Println
(
err
)
http
.
Error
(
w
,
"Failed to process certificates"
,
http
.
StatusServiceUnavailable
)
return
}
// Write JSON response
if
verboseBool
{
DebugLogger
.
Printf
(
"Serving JSON for provider: %s"
,
provider
)
}
w
.
Header
()
.
Set
(
"Content-Type"
,
"application/json"
)
w
.
WriteHeader
(
http
.
StatusOK
)
_
,
err
=
w
.
Write
(
jsonData
)
...
...
@@ -60,7 +64,7 @@ func renderPage(w http.ResponseWriter, req *http.Request) {
outputDir
:=
filepath
.
Join
(
webDir
,
provider
)
serveFile
:=
filepath
.
Join
(
webDir
,
req
.
URL
.
Path
)
err
:=
certinspector
.
ProcessCertificatesWrite
(
baseDir
,
provider
,
outputDir
)
err
:=
certinspector
.
ProcessCertificatesWrite
(
baseDir
,
provider
,
outputDir
,
verboseBool
)
if
err
!=
nil
{
WarningLogger
.
Println
(
err
)
http
.
Error
(
w
,
"Failed to process certificates"
,
http
.
StatusServiceUnavailable
)
...
...
@@ -69,13 +73,14 @@ func renderPage(w http.ResponseWriter, req *http.Request) {
w
.
Header
()
.
Set
(
"Content-Type"
,
"text/html"
)
if
verboseBool
{
Info
Logger
.
Printf
(
"Serving file: %s"
,
serveFile
)
Debug
Logger
.
Printf
(
"Serving file: %s"
,
serveFile
)
}
http
.
ServeFile
(
w
,
req
,
serveFile
)
}
// trigger puppet
func
triggerPuppet
(
w
http
.
ResponseWriter
,
req
*
http
.
Request
)
{
fmt
.
Printf
(
"triggerPuppet function
\n
"
)
// content-type currently not working
cmd
:=
exec
.
Command
(
"/usr/bin/pkill"
,
"-f"
,
"/opt/puppetlabs/puppet/bin/puppet"
,
"--signal"
,
"SIGUSR1"
)
authToken
:=
"BOFH"
...
...
@@ -97,7 +102,7 @@ func triggerPuppet(w http.ResponseWriter, req *http.Request) {
http
.
Error
(
w
,
unavailableMsg
,
http
.
StatusServiceUnavailable
)
}
else
{
if
verboseBool
{
Info
Logger
.
Printf
(
"HTTP Status %v"
,
http
.
StatusOK
)
Debug
Logger
.
Printf
(
"HTTP Status %v"
,
http
.
StatusOK
)
}
http
.
Error
(
w
,
okMsg
,
http
.
StatusOK
)
}
...
...
@@ -106,6 +111,7 @@ func triggerPuppet(w http.ResponseWriter, req *http.Request) {
// redirect to /by_name.html
func
redirect
(
w
http
.
ResponseWriter
,
req
*
http
.
Request
)
{
fmt
.
Printf
(
"redirect function
\n
"
)
redirectURL
:=
filepath
.
Join
(
req
.
URL
.
Path
,
"/by_name.html"
)
http
.
Redirect
(
w
,
req
,
redirectURL
,
http
.
StatusMovedPermanently
)
}
...
...
@@ -158,6 +164,11 @@ Options:
verboseBool
=
arguments
[
"--verbose"
]
.
(
bool
)
listenAddress
:=
arguments
[
"--listen-address"
]
.
(
string
)
listenPort
:=
arguments
[
"--listen-port"
]
.
(
string
)
if
verboseBool
{
DebugLogger
.
Printf
(
"Starting ACME Web server in debug mode"
)
}
else
{
InfoLogger
.
Printf
(
"Starting ACME Web server"
)
}
for
_
,
provider
:=
range
acmeProviders
{
baseURLs
=
append
(
baseURLs
,
"/"
+
provider
,
"/"
+
provider
+
"/"
)
...
...
@@ -166,7 +177,7 @@ Options:
for
_
,
provider
:=
range
acmeProviders
{
apiURLs
=
append
(
apiURLs
,
"/api/"
+
provider
,
"/api/"
+
provider
+
"/"
,
"/"
+
provider
+
"/"
+
provider
+
".json"
,
"/"
+
provider
+
"/"
+
provider
+
"_expired.json"
,
"/
api/
"
+
provider
+
"/"
+
provider
+
".json"
,
"/
api/
"
+
provider
+
"/"
+
provider
+
"_expired.json"
,
)
}
...
...
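Review bot: triggerPuppet still sets `authToken := "BOFH"` inline, directly after building the `pkill ... --signal SIGUSR1` command, although the var block already declares `bearerToken`. The comparison itself is outside the hunk, so this is inferred, but if that literal is what gates the command it should come from configuration (`authToken := bearerToken`) and be checked with `subtle.ConstantTimeCompare`, since a secret committed to the repository is readable by anyone with repository access and cannot be rotated without a rebuild. The `fmt.Printf("triggerPuppet function\n")` and `fmt.Printf("redirect function\n")` lines (apparently the additions in those hunks) print on every request regardless of `--verbose`; `if verboseBool { DebugLogger.Printf("triggerPuppet called") }` would match the rest of the change. In renderJSON, `strings.Split(req.URL.Path, "/")[2]` panics on a path with fewer than three segments unless the registered routes rule that out, which is not visible here.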