add tls config to server (#1202)

* add tls config * add TLSConfig to acme provider
2020-02-15 15:10:26 +00:00
parent 158949d0d0
commit 964b7dee3f
9 changed files with 114 additions and 18 deletions
--- a/api/server/acme/autocert/autocert.go
+++ b/api/server/acme/autocert/autocert.go
@@ -3,7 +3,10 @@
 package autocert

 import (
+	"crypto/tls"
+	"log"
 	"net"
+	"os"

 	"github.com/micro/go-micro/v2/api/server/acme"
 	"golang.org/x/crypto/acme/autocert"
@@ -12,12 +15,30 @@ import (
 // autoCertACME is the ACME provider from golang.org/x/crypto/acme/autocert
 type autocertProvider struct{}

-// NewListener implements acme.Provider
-func (a *autocertProvider) NewListener(ACMEHosts ...string) (net.Listener, error) {
-	return autocert.NewListener(ACMEHosts...), nil
+// Listen implements acme.Provider
+func (a *autocertProvider) Listen(hosts ...string) (net.Listener, error) {
+	return autocert.NewListener(hosts...), nil
+}
+
+// TLSConfig returns a new tls config
+func (a *autocertProvider) TLSConfig(hosts ...string) (*tls.Config, error) {
+	// create a new manager
+	m := &autocert.Manager{
+		Prompt: autocert.AcceptTOS,
+	}
+	if len(hosts) > 0 {
+		m.HostPolicy = autocert.HostWhitelist(hosts...)
+	}
+	dir := cacheDir()
+	if err := os.MkdirAll(dir, 0700); err != nil {
+		log.Printf("warning: autocert not using a cache: %v", err)
+	} else {
+		m.Cache = autocert.DirCache(dir)
+	}
+	return m.TLSConfig(), nil
 }

 // New returns an autocert acme.Provider
-func New() acme.Provider {
+func NewProvider() acme.Provider {
 	return &autocertProvider{}
 }