Add some conifguration and logging for the hub
This commit is contained in:
@@ -4,28 +4,17 @@ import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"fmt"
|
||||
"io"
|
||||
"log"
|
||||
"net/http"
|
||||
"os"
|
||||
|
||||
"go.fixergrid.net/servicedemon/pkg/pubsub"
|
||||
"go.fixergrid.net/servicedemon/pkg/registrar"
|
||||
"go.fixergrid.net/servicedemon/appconfig"
|
||||
"go.fixergrid.net/servicedemon/pubsub"
|
||||
"go.fixergrid.net/servicedemon/registrar"
|
||||
)
|
||||
|
||||
type noopHandler struct {
|
||||
http.HandlerFunc
|
||||
}
|
||||
|
||||
func wrapHandlefunc(h http.HandlerFunc) noopHandler {
|
||||
return noopHandler{
|
||||
HandlerFunc: h,
|
||||
}
|
||||
}
|
||||
|
||||
func (h noopHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
||||
h.HandlerFunc(w, req)
|
||||
}
|
||||
func main() {
|
||||
ctx, cancel := context.WithCancel(context.Background())
|
||||
defer cancel()
|
||||
@@ -39,41 +28,79 @@ func main() {
|
||||
r := registrar.NewRegistrar(
|
||||
pubsub,
|
||||
repo,
|
||||
registrar.WithLogger(log.New(os.Stdout, "registrar: ", log.LstdFlags|log.Lshortfile)),
|
||||
)
|
||||
|
||||
al := registrar.NewApprovalListener(
|
||||
pubsub,
|
||||
nil,
|
||||
repo,
|
||||
registrar.OptionLog(log.New(os.Stdout, "approvalListener: ", log.LstdFlags|log.Lshortfile)),
|
||||
)
|
||||
go al.Run(ctx)
|
||||
|
||||
appConfig := appconfig.NewProvider()
|
||||
|
||||
mux := http.NewServeMux()
|
||||
logger.Println("Registering endpoints...")
|
||||
mux.HandleFunc("/register", postjson(r.HandleRegistration))
|
||||
logger.Println("POST /register")
|
||||
|
||||
mux.HandleFunc("/register", r.HandleRegistration)
|
||||
mux.Handle("/approvals/", http.StripPrefix("/approvals/", wrapHandlefunc(r.HandleApproval)))
|
||||
mux.Handle("/approvals/", http.StripPrefix("/approvals/", wrapHandleFunc(postjson(r.HandleApproval))))
|
||||
logger.Println("POST /approvals/:id")
|
||||
|
||||
certFile, err := os.Open("./certs/ca.pem")
|
||||
mux.Handle("/application/", http.StripPrefix("/application", appConfig.Handler()))
|
||||
logger.Println("GET /application/config/authz")
|
||||
|
||||
server, err := newServer()
|
||||
if err != nil {
|
||||
logger.Fatalf("failed to open ca.pem: %v", err)
|
||||
logger.Fatal(err)
|
||||
}
|
||||
|
||||
server.Handler = mux
|
||||
log.Println(server.ListenAndServeTLS("", ""))
|
||||
}
|
||||
|
||||
func newServer() (*http.Server, error) {
|
||||
// "./certs/combined.pem", "./certs/server-key.pem"
|
||||
requiredVars := map[string]string{
|
||||
"HUB_CA_CERT_FILE": "",
|
||||
"HUB_SERVER_CERT_FILE": "",
|
||||
"HUB_SERVER_KEY_FILE": "",
|
||||
}
|
||||
|
||||
for k, _ := range requiredVars {
|
||||
val, isSet := os.LookupEnv(k)
|
||||
if !isSet {
|
||||
return nil, fmt.Errorf("hub: required environment variable is unset: %s", k)
|
||||
}
|
||||
requiredVars[k] = val
|
||||
}
|
||||
|
||||
certFile, err := os.Open(requiredVars["HUB_CA_CERT_FILE"])
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("hub: failed to open ca.pem: %w", err)
|
||||
}
|
||||
|
||||
caCert, err := io.ReadAll(certFile)
|
||||
if err != nil {
|
||||
logger.Fatalf("failed to read in ca: %v", err)
|
||||
return nil, fmt.Errorf("hub: failed to read in ca: %w", err)
|
||||
}
|
||||
|
||||
pool := x509.NewCertPool()
|
||||
pool.AppendCertsFromPEM(caCert)
|
||||
|
||||
serverCert, err := tls.LoadX509KeyPair(requiredVars["HUB_SERVER_CERT_FILE"], requiredVars["HUB_SERVER_KEY_FILE"])
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("hub: failed to load server certs: %w", err)
|
||||
}
|
||||
|
||||
server := &http.Server{
|
||||
Addr: ":3001",
|
||||
TLSConfig: &tls.Config{
|
||||
ClientCAs: pool,
|
||||
ClientAuth: tls.RequireAndVerifyClientCert,
|
||||
ClientCAs: pool,
|
||||
ClientAuth: tls.RequireAndVerifyClientCert,
|
||||
Certificates: []tls.Certificate{serverCert},
|
||||
},
|
||||
}
|
||||
server.Handler = mux
|
||||
log.Println(server.ListenAndServeTLS("./certs/combined.pem", "./certs/server-key.pem"))
|
||||
|
||||
return server, nil
|
||||
}
|
||||
|
||||
46
cmd/hub/middlewares.go
Normal file
46
cmd/hub/middlewares.go
Normal file
@@ -0,0 +1,46 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func postjson(f http.HandlerFunc) http.HandlerFunc {
|
||||
return contentJSON(methodPost(f))
|
||||
}
|
||||
|
||||
func methodPost(f http.HandlerFunc) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, req *http.Request) {
|
||||
if req.Method != http.MethodPost {
|
||||
w.WriteHeader(http.StatusMethodNotAllowed)
|
||||
fmt.Fprintf(w, `{"errors": ["method not allowed"]}`)
|
||||
return
|
||||
}
|
||||
|
||||
f(w, req)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
func contentJSON(f http.HandlerFunc) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, req *http.Request) {
|
||||
headers := w.Header()
|
||||
headers.Set("content-type", "application/json")
|
||||
|
||||
f(w, req)
|
||||
}
|
||||
}
|
||||
|
||||
type noopHandler struct {
|
||||
http.HandlerFunc
|
||||
}
|
||||
|
||||
func wrapHandleFunc(h http.HandlerFunc) noopHandler {
|
||||
return noopHandler{
|
||||
HandlerFunc: h,
|
||||
}
|
||||
}
|
||||
|
||||
func (h noopHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
||||
h.HandlerFunc(w, req)
|
||||
}
|
||||
Reference in New Issue
Block a user