diff options
author | Niall Sheridan <nsheridan@gmail.com> | 2016-12-28 14:54:57 +0000 |
---|---|---|
committer | Niall Sheridan <nsheridan@gmail.com> | 2016-12-28 15:01:58 +0000 |
commit | d7129803488e81e6df691161b774908bf801e527 (patch) | |
tree | 5391b7ad94435086c5e3a5937e1118580a17edfd /cmd/cashierd | |
parent | e0a1ccb64a637673195804513902cba6b1d4e97c (diff) |
Add LetsEncrypt support
When configured the server will request a TLS certificate for the specified server name from LetsEncrypt
Diffstat (limited to 'cmd/cashierd')
-rw-r--r-- | cmd/cashierd/main.go | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/cmd/cashierd/main.go b/cmd/cashierd/main.go index 7df85e6..12d744d 100644 --- a/cmd/cashierd/main.go +++ b/cmd/cashierd/main.go @@ -18,6 +18,7 @@ import ( "strings" "go4.org/wkfs" + "golang.org/x/crypto/acme/autocert" "golang.org/x/oauth2" "github.com/gorilla/csrf" @@ -342,10 +343,19 @@ func main() { tlsConfig := &tls.Config{} if config.Server.UseTLS { - tlsConfig.Certificates = make([]tls.Certificate, 1) - tlsConfig.Certificates[0], err = loadCerts(config.Server.TLSCert, config.Server.TLSKey) - if err != nil { - log.Fatal(err) + if config.Server.LetsEncryptServername != "" { + m := autocert.Manager{ + Prompt: autocert.AcceptTOS, + Cache: autocert.DirCache(config.Server.LetsEncryptCache), + HostPolicy: autocert.HostWhitelist(config.Server.LetsEncryptServername), + } + tlsConfig.GetCertificate = m.GetCertificate + } else { + tlsConfig.Certificates = make([]tls.Certificate, 1) + tlsConfig.Certificates[0], err = loadCerts(config.Server.TLSCert, config.Server.TLSKey) + if err != nil { + log.Fatal(err) + } } l = tls.NewListener(l, tlsConfig) } |