Add some conifguration and logging for the hub

2023-07-04 22:05:24 -04:00
parent f82d3f18c6
commit 31f6cc0a0d
18 changed files with 250 additions and 151 deletions
--- a/cmd/hub/main.go
+++ b/cmd/hub/main.go
@@ -4,28 +4,17 @@ import (
 	"context"
 	"crypto/tls"
 	"crypto/x509"
+	"fmt"
 	"io"
 	"log"
 	"net/http"
 	"os"

-	"go.fixergrid.net/servicedemon/pkg/pubsub"
-	"go.fixergrid.net/servicedemon/pkg/registrar"
+	"go.fixergrid.net/servicedemon/appconfig"
+	"go.fixergrid.net/servicedemon/pubsub"
+	"go.fixergrid.net/servicedemon/registrar"
 )

-type noopHandler struct {
-	http.HandlerFunc
-}
-
-func wrapHandlefunc(h http.HandlerFunc) noopHandler {
-	return noopHandler{
-		HandlerFunc: h,
-	}
-}
-
-func (h noopHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
-	h.HandlerFunc(w, req)
-}
 func main() {
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()
@@ -39,41 +28,79 @@ func main() {
 	r := registrar.NewRegistrar(
 		pubsub,
 		repo,
-		registrar.WithLogger(log.New(os.Stdout, "registrar: ", log.LstdFlags|log.Lshortfile)),
 	)
+
 	al := registrar.NewApprovalListener(
 		pubsub,
 		nil,
 		repo,
-		registrar.OptionLog(log.New(os.Stdout, "approvalListener: ", log.LstdFlags|log.Lshortfile)),
 	)
 	go al.Run(ctx)

+	appConfig := appconfig.NewProvider()
+
 	mux := http.NewServeMux()
+	logger.Println("Registering endpoints...")
+	mux.HandleFunc("/register", postjson(r.HandleRegistration))
+	logger.Println("POST /register")

-	mux.HandleFunc("/register", r.HandleRegistration)
-	mux.Handle("/approvals/", http.StripPrefix("/approvals/", wrapHandlefunc(r.HandleApproval)))
+	mux.Handle("/approvals/", http.StripPrefix("/approvals/", wrapHandleFunc(postjson(r.HandleApproval))))
+	logger.Println("POST /approvals/:id")

-	certFile, err := os.Open("./certs/ca.pem")
+	mux.Handle("/application/", http.StripPrefix("/application", appConfig.Handler()))
+	logger.Println("GET  /application/config/authz")
+
+	server, err := newServer()
 	if err != nil {
-		logger.Fatalf("failed to open ca.pem: %v", err)
+		logger.Fatal(err)
+	}
+
+	server.Handler = mux
+	log.Println(server.ListenAndServeTLS("", ""))
+}
+
+func newServer() (*http.Server, error) {
+	// "./certs/combined.pem", "./certs/server-key.pem"
+	requiredVars := map[string]string{
+		"HUB_CA_CERT_FILE":     "",
+		"HUB_SERVER_CERT_FILE": "",
+		"HUB_SERVER_KEY_FILE":  "",
+	}
+
+	for k, _ := range requiredVars {
+		val, isSet := os.LookupEnv(k)
+		if !isSet {
+			return nil, fmt.Errorf("hub: required environment variable is unset: %s", k)
+		}
+		requiredVars[k] = val
+	}
+
+	certFile, err := os.Open(requiredVars["HUB_CA_CERT_FILE"])
+	if err != nil {
+		return nil, fmt.Errorf("hub: failed to open ca.pem: %w", err)
 	}

 	caCert, err := io.ReadAll(certFile)
 	if err != nil {
-		logger.Fatalf("failed to read in ca: %v", err)
+		return nil, fmt.Errorf("hub: failed to read in ca: %w", err)
 	}

 	pool := x509.NewCertPool()
 	pool.AppendCertsFromPEM(caCert)

+	serverCert, err := tls.LoadX509KeyPair(requiredVars["HUB_SERVER_CERT_FILE"], requiredVars["HUB_SERVER_KEY_FILE"])
+	if err != nil {
+		return nil, fmt.Errorf("hub: failed to load server certs: %w", err)
+	}
+
 	server := &http.Server{
 		Addr: ":3001",
 		TLSConfig: &tls.Config{
-			ClientCAs:  pool,
-			ClientAuth: tls.RequireAndVerifyClientCert,
+			ClientCAs:    pool,
+			ClientAuth:   tls.RequireAndVerifyClientCert,
+			Certificates: []tls.Certificate{serverCert},
 		},
 	}
-	server.Handler = mux
-	log.Println(server.ListenAndServeTLS("./certs/combined.pem", "./certs/server-key.pem"))
+
+	return server, nil
 }