caddy/config/config.go

314 lines
8.8 KiB
Go
Raw Normal View History

2015-01-13 22:43:45 +03:00
package config
import (
"crypto/rand"
"crypto/rsa"
"errors"
"fmt"
"io"
"log"
"net"
"github.com/mholt/caddy/app"
"github.com/mholt/caddy/config/parse"
"github.com/mholt/caddy/config/setup"
"github.com/mholt/caddy/middleware"
"github.com/mholt/caddy/server"
"github.com/xenolf/lego/acme"
)
const (
DefaultHost = "0.0.0.0"
DefaultPort = "2015"
DefaultRoot = "."
2015-04-15 23:11:32 +03:00
2015-05-25 05:52:34 +03:00
// DefaultConfigFile is the name of the configuration file that is loaded
// by default if no other file is specified.
2015-04-15 23:11:32 +03:00
DefaultConfigFile = "Caddyfile"
)
2015-01-13 22:43:45 +03:00
// Load reads input (named filename) and parses it, returning server
// configurations grouped by listening address.
func Load(filename string, input io.Reader) (Group, error) {
var configs []server.Config
// turn off timestamp for parsing
flags := log.Flags()
log.SetFlags(0)
serverBlocks, err := parse.ServerBlocks(filename, input)
if err != nil {
return nil, err
}
if len(serverBlocks) == 0 {
return Default()
}
// Each server block represents one or more servers/addresses.
// Iterate each server block and make a config for each one,
// executing the directives that were parsed.
for _, sb := range serverBlocks {
sharedConfig, err := serverBlockToConfig(filename, sb)
if err != nil {
return nil, err
}
// Now share the config with as many hosts as share the server block
for i, addr := range sb.Addresses {
config := sharedConfig
config.Host = addr.Host
config.Port = addr.Port
if config.Port == "" {
config.Port = Port
}
if config.Port == "http" {
config.TLS.Enabled = false
log.Printf("Warning: TLS disabled for %s://%s. To force TLS over the plaintext HTTP port, "+
"specify port 80 explicitly (https://%s:80).", config.Port, config.Host, config.Host)
}
if i == 0 {
sharedConfig.Startup = []func() error{}
sharedConfig.Shutdown = []func() error{}
}
configs = append(configs, config)
}
}
// restore logging settings
log.SetFlags(flags)
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
return Group{}, errors.New("Error Generating Key:" + err.Error())
}
for _, cfg := range configs {
// TODO: && hostname does not resolve to localhost (?) && TLS is not force-disabled
if !cfg.TLS.Enabled {
// Initiate Let's Encrypt
user := LetsEncryptUser{
Email: "example@mail.com",
Key: privateKey,
}
client := acme.NewClient("http://192.168.99.100:4000", &user, 2048, "5001")
reg, err := client.Register()
if err != nil {
return Group{}, errors.New("Error Registering: " + err.Error())
}
user.Registration = reg
err = client.AgreeToTos()
if err != nil {
return Group{}, errors.New("Error Agreeing to ToS: " + err.Error())
}
certs, err := client.ObtainCertificates([]string{"caddy.dev"})
if err != nil {
return Group{}, errors.New("Error Obtaining Certs: " + err.Error())
}
fmt.Printf("%#v\n", certs)
}
}
// Group by address/virtualhosts
return arrangeBindings(configs)
2015-01-13 22:43:45 +03:00
}
type LetsEncryptUser struct {
Email string
Registration *acme.RegistrationResource
Key *rsa.PrivateKey
}
func (u LetsEncryptUser) GetEmail() string {
return u.Email
}
func (u LetsEncryptUser) GetRegistration() *acme.RegistrationResource {
return u.Registration
}
func (u LetsEncryptUser) GetPrivateKey() *rsa.PrivateKey {
return u.Key
}
// serverBlockToConfig makes a config for the server block
// by executing the tokens that were parsed. The returned
// config is shared among all hosts/addresses for the server
// block, so Host and Port information is not filled out
// here.
func serverBlockToConfig(filename string, sb parse.ServerBlock) (server.Config, error) {
sharedConfig := server.Config{
Root: Root,
Middleware: make(map[string][]middleware.Middleware),
ConfigFile: filename,
AppName: app.Name,
AppVersion: app.Version,
}
// It is crucial that directives are executed in the proper order.
for _, dir := range directiveOrder {
// Execute directive if it is in the server block
if tokens, ok := sb.Tokens[dir.name]; ok {
// Each setup function gets a controller, which is the
// server config and the dispenser containing only
// this directive's tokens.
controller := &setup.Controller{
Config: &sharedConfig,
Dispenser: parse.NewDispenserTokens(filename, tokens),
}
midware, err := dir.setup(controller)
if err != nil {
return sharedConfig, err
}
if midware != nil {
// TODO: For now, we only support the default path scope /
sharedConfig.Middleware["/"] = append(sharedConfig.Middleware["/"], midware)
}
}
}
return sharedConfig, nil
}
// arrangeBindings groups configurations by their bind address. For example,
// a server that should listen on localhost and another on 127.0.0.1 will
// be grouped into the same address: 127.0.0.1. It will return an error
// if an address is malformed or a TLS listener is configured on the
// same address as a plaintext HTTP listener. The return value is a map of
// bind address to list of configs that would become VirtualHosts on that
// server. Use the keys of the returned map to create listeners, and use
// the associated values to set up the virtualhosts.
func arrangeBindings(allConfigs []server.Config) (Group, error) {
addresses := make(Group)
// Group configs by bind address
for _, conf := range allConfigs {
newAddr, warnErr, fatalErr := resolveAddr(conf)
if fatalErr != nil {
return addresses, fatalErr
}
if warnErr != nil {
log.Println("[Warning]", warnErr)
}
2015-05-21 09:40:05 +03:00
// Make sure to compare the string representation of the address,
// not the pointer, since a new *TCPAddr is created each time.
var existing bool
for addr := range addresses {
if addr.String() == newAddr.String() {
addresses[addr] = append(addresses[addr], conf)
existing = true
break
}
}
if !existing {
addresses[newAddr] = append(addresses[newAddr], conf)
}
}
// Don't allow HTTP and HTTPS to be served on the same address
for _, configs := range addresses {
isTLS := configs[0].TLS.Enabled
for _, config := range configs {
if config.TLS.Enabled != isTLS {
thisConfigProto, otherConfigProto := "HTTP", "HTTP"
if config.TLS.Enabled {
thisConfigProto = "HTTPS"
}
if configs[0].TLS.Enabled {
otherConfigProto = "HTTPS"
}
return addresses, fmt.Errorf("configuration error: Cannot multiplex %s (%s) and %s (%s) on same address",
configs[0].Address(), otherConfigProto, config.Address(), thisConfigProto)
}
}
}
return addresses, nil
}
// resolveAddr determines the address (host and port) that a config will
// bind to. The returned address, resolvAddr, should be used to bind the
// listener or group the config with other configs using the same address.
// The first error, if not nil, is just a warning and should be reported
// but execution may continue. The second error, if not nil, is a real
// problem and the server should not be started.
//
// This function handles edge cases gracefully. If a port name like
// "http" or "https" is unknown to the system, this function will
// change them to 80 or 443 respectively. If a hostname fails to
// resolve, that host can still be served but will be listening on
// the wildcard host instead. This function takes care of this for you.
func resolveAddr(conf server.Config) (resolvAddr *net.TCPAddr, warnErr error, fatalErr error) {
bindHost := conf.BindHost
resolvAddr, warnErr = net.ResolveTCPAddr("tcp", net.JoinHostPort(bindHost, conf.Port))
if warnErr != nil {
// Most likely the host lookup failed or the port is unknown
tryPort := conf.Port
switch errVal := warnErr.(type) {
case *net.AddrError:
if errVal.Err == "unknown port" {
// some odd Linux machines don't support these port names; see issue #136
switch conf.Port {
case "http":
tryPort = "80"
case "https":
tryPort = "443"
}
}
resolvAddr, fatalErr = net.ResolveTCPAddr("tcp", net.JoinHostPort(bindHost, tryPort))
if fatalErr != nil {
return
}
default:
// the hostname probably couldn't be resolved, just bind to wildcard then
resolvAddr, fatalErr = net.ResolveTCPAddr("tcp", net.JoinHostPort("0.0.0.0", tryPort))
if fatalErr != nil {
return
}
}
return
}
return
}
// validDirective returns true if d is a valid
// directive; false otherwise.
func validDirective(d string) bool {
for _, dir := range directiveOrder {
if dir.name == d {
return true
}
}
return false
2015-01-13 22:43:45 +03:00
}
func NewDefault() server.Config {
return server.Config{
Root: Root,
Host: Host,
Port: Port,
2015-01-13 22:43:45 +03:00
}
}
// Default makes a default configuration which
// is empty except for root, host, and port,
// which are essentials for serving the cwd.
func Default() (Group, error) {
return arrangeBindings([]server.Config{NewDefault()})
}
// These three defaults are configurable through the command line
var (
Root = DefaultRoot
Host = DefaultHost
Port = DefaultPort
)
type Group map[*net.TCPAddr][]server.Config