move acme out of api

api/acme/acme.go

@@ -1,28 +0,0 @@
-// Package acme abstracts away various ACME libraries
-package acme
-
-import (
-	"crypto/tls"
-	"errors"
-	"net"
-)
-
-var (
-	// ErrProviderNotImplemented can be returned when attempting to
-	// instantiate an unimplemented provider
-	ErrProviderNotImplemented = errors.New("Provider not implemented")
-)
-
-// Provider is a ACME provider interface
-type Provider interface {
-	// Listen returns a new listener
-	Listen(...string) (net.Listener, error)
-	// TLSConfig returns a tls config
-	TLSConfig(...string) (*tls.Config, error)
-}
-
-// The Let's Encrypt ACME endpoints
-const (
-	LetsEncryptStagingCA    = "https://acme-staging-v02.api.letsencrypt.org/directory"
-	LetsEncryptProductionCA = "https://acme-v02.api.letsencrypt.org/directory"
-)

api/acme/autocert/autocert.go

@@ -1,46 +0,0 @@
-// Package autocert is the ACME provider from golang.org/x/crypto/acme/autocert
-// This provider does not take any config.
-package autocert
-
-import (
-	"crypto/tls"
-	"net"
-	"os"
-
-	"github.com/micro/go-micro/v3/api/acme"
-	"github.com/micro/go-micro/v3/logger"
-	"golang.org/x/crypto/acme/autocert"
-)
-
-// autoCertACME is the ACME provider from golang.org/x/crypto/acme/autocert
-type autocertProvider struct{}
-
-// Listen implements acme.Provider
-func (a *autocertProvider) Listen(hosts ...string) (net.Listener, error) {
-	return autocert.NewListener(hosts...), nil
-}
-
-// TLSConfig returns a new tls config
-func (a *autocertProvider) TLSConfig(hosts ...string) (*tls.Config, error) {
-	// create a new manager
-	m := &autocert.Manager{
-		Prompt: autocert.AcceptTOS,
-	}
-	if len(hosts) > 0 {
-		m.HostPolicy = autocert.HostWhitelist(hosts...)
-	}
-	dir := cacheDir()
-	if err := os.MkdirAll(dir, 0700); err != nil {
-		if logger.V(logger.InfoLevel, logger.DefaultLogger) {
-			logger.Infof("warning: autocert not using a cache: %v", err)
-		}
-	} else {
-		m.Cache = autocert.DirCache(dir)
-	}
-	return m.TLSConfig(), nil
-}
-
-// New returns an autocert acme.Provider
-func NewProvider() acme.Provider {
-	return &autocertProvider{}
-}

api/acme/autocert/autocert_test.go

@@ -1,16 +0,0 @@
-package autocert
-
-import (
-	"testing"
-)
-
-func TestAutocert(t *testing.T) {
-	l := NewProvider()
-	if _, ok := l.(*autocertProvider); !ok {
-		t.Error("NewProvider() didn't return an autocertProvider")
-	}
-	// TODO: Travis CI doesn't let us bind :443
-	// if _, err := l.NewListener(); err != nil {
-	// 	t.Error(err.Error())
-	// }
-}

api/acme/autocert/cache.go

@@ -1,37 +0,0 @@
-package autocert
-
-import (
-	"os"
-	"path/filepath"
-	"runtime"
-)
-
-func homeDir() string {
-	if runtime.GOOS == "windows" {
-		return os.Getenv("HOMEDRIVE") + os.Getenv("HOMEPATH")
-	}
-	if h := os.Getenv("HOME"); h != "" {
-		return h
-	}
-	return "/"
-}
-
-func cacheDir() string {
-	const base = "golang-autocert"
-	switch runtime.GOOS {
-	case "darwin":
-		return filepath.Join(homeDir(), "Library", "Caches", base)
-	case "windows":
-		for _, ev := range []string{"APPDATA", "CSIDL_APPDATA", "TEMP", "TMP"} {
-			if v := os.Getenv(ev); v != "" {
-				return filepath.Join(v, base)
-			}
-		}
-		// Worst case:
-		return filepath.Join(homeDir(), base)
-	}
-	if xdg := os.Getenv("XDG_CACHE_HOME"); xdg != "" {
-		return filepath.Join(xdg, base)
-	}
-	return filepath.Join(homeDir(), ".cache", base)
-}

api/acme/options.go

@@ -1,73 +0,0 @@
-package acme
-
-import "github.com/go-acme/lego/v3/challenge"
-
-// Option (or Options) are passed to New() to configure providers
-type Option func(o *Options)
-
-// Options represents various options you can present to ACME providers
-type Options struct {
-	// AcceptTLS must be set to true to indicate that you have read your
-	// provider's terms of service.
-	AcceptToS bool
-	// CA is the CA to use
-	CA string
-	// ChallengeProvider is a go-acme/lego challenge provider. Set this if you
-	// want to use DNS Challenges. Otherwise, tls-alpn-01 will be used
-	ChallengeProvider challenge.Provider
-	// Issue certificates for domains on demand. Otherwise, certs will be
-	// retrieved / issued on start-up.
-	OnDemand bool
-	// Cache is a storage interface. Most ACME libraries have an cache, but
-	// there's no defined interface, so if you consume this option
-	// sanity check it before using.
-	Cache interface{}
-}
-
-// AcceptToS indicates whether you accept your CA's terms of service
-func AcceptToS(b bool) Option {
-	return func(o *Options) {
-		o.AcceptToS = b
-	}
-}
-
-// CA sets the CA of an acme.Options
-func CA(CA string) Option {
-	return func(o *Options) {
-		o.CA = CA
-	}
-}
-
-// ChallengeProvider sets the Challenge provider of an acme.Options
-// if set, it enables the DNS challenge, otherwise tls-alpn-01 will be used.
-func ChallengeProvider(p challenge.Provider) Option {
-	return func(o *Options) {
-		o.ChallengeProvider = p
-	}
-}
-
-// OnDemand enables on-demand certificate issuance. Not recommended for use
-// with the DNS challenge, as the first connection may be very slow.
-func OnDemand(b bool) Option {
-	return func(o *Options) {
-		o.OnDemand = b
-	}
-}
-
-// Cache provides a cache / storage interface to the underlying ACME library
-// as there is no standard, this needs to be validated by the underlying
-// implentation.
-func Cache(c interface{}) Option {
-	return func(o *Options) {
-		o.Cache = c
-	}
-}
-
-// DefaultOptions uses the Let's Encrypt Production CA, with DNS Challenge disabled.
-func DefaultOptions() Options {
-	return Options{
-		AcceptToS: true,
-		CA:        LetsEncryptProductionCA,
-		OnDemand:  true,
-	}
-}

api/options.go

@@ -3,7 +3,7 @@ package api
 import (
 	"crypto/tls"
 
-	"github.com/micro/go-micro/v3/api/acme"
+	"github.com/micro/go-micro/v3/acme"
 	"github.com/micro/go-micro/v3/api/resolver"
 )