Create bogus certificate if none passed
This commit is contained in:
parent
66f705879a
commit
5f9a8a9f4f
|
@ -378,7 +378,6 @@ func handle(w http.ResponseWriter, r *http.Request) {
|
||||||
setCORSHeaders(w)
|
setCORSHeaders(w)
|
||||||
pathElements := strings.Split(r.URL.Path, "/")
|
pathElements := strings.Split(r.URL.Path, "/")
|
||||||
if len(pathElements) < 3 {
|
if len(pathElements) < 3 {
|
||||||
log.Printf("1")
|
|
||||||
w.WriteHeader(http.StatusBadRequest)
|
w.WriteHeader(http.StatusBadRequest)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -452,8 +451,8 @@ func checkContentServers() {
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
//TODO: OCSP
|
//TODO: OCSP
|
||||||
certificatePath := flag.String("certificate", "ssl.crt", "Path to SSL certificate file.")
|
certificatePath := flag.String("certificate", "", "Path to SSL certificate file.")
|
||||||
keypairPath := flag.String("keypair", "ssl.key", "Path to SSL key file.")
|
keypairPath := flag.String("keypair", "", "Path to SSL key file.")
|
||||||
|
|
||||||
listenAddress := flag.String("listen", ":7777", "Address/port to lisent on.")
|
listenAddress := flag.String("listen", ":7777", "Address/port to lisent on.")
|
||||||
|
|
||||||
|
@ -523,9 +522,16 @@ func main() {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal(err)
|
log.Fatal(err)
|
||||||
}
|
}
|
||||||
serverCertificate, err := tls.LoadX509KeyPair(*certificatePath, *keypairPath)
|
|
||||||
if err != nil {
|
var serverCertificate tls.Certificate
|
||||||
log.Fatal(err)
|
|
||||||
|
if *certificatePath != "" && *keypairPath != "" {
|
||||||
|
serverCertificate, err = tls.LoadX509KeyPair(*certificatePath, *keypairPath)
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
serverCertificate = bogusCertificate
|
||||||
}
|
}
|
||||||
|
|
||||||
server := &http.Server{
|
server := &http.Server{
|
||||||
|
|
14
README.md
14
README.md
|
@ -7,4 +7,16 @@ Content-addressable storage redirector.
|
||||||
|
|
||||||
`$ go run .`
|
`$ go run .`
|
||||||
|
|
||||||
Build via `$ go build -o fcmm`
|
Build via `$ go build -o fcmm`
|
||||||
|
|
||||||
|
### Certbot notes
|
||||||
|
* Use pip certbot
|
||||||
|
* Edit .env to add paths to certificates
|
||||||
|
|
||||||
|
```
|
||||||
|
$ certbot certonly \
|
||||||
|
--standalone \
|
||||||
|
--key-type=ecdsa --elliptic-curve=secp256r1 \
|
||||||
|
--domain <domain> \
|
||||||
|
--post-hook "docker restart <docker name>"
|
||||||
|
```
|
Loading…
Reference in a new issue