Add LetsEncrypt support

When configured the server will request a TLS certificate for the specified server name from LetsEncrypt
author: Niall Sheridan <nsheridan@gmail.com> 2016-12-28 14:54:57 +0000
committer: Niall Sheridan <nsheridan@gmail.com> 2016-12-28 15:01:58 +0000
commit: d7129803488e81e6df691161b774908bf801e527 (patch)
tree: 5391b7ad94435086c5e3a5937e1118580a17edfd /cmd
parent: e0a1ccb64a637673195804513902cba6b1d4e97c (diff)
1 files changed, 14 insertions, 4 deletions
diff --git a/cmd/cashierd/main.go b/cmd/cashierd/main.go
index 7df85e6..12d744d 100644
--- a/cmd/cashierd/main.go
+++ b/cmd/cashierd/main.go
@@ -18,6 +18,7 @@ import (
 	"strings"
 
 	"go4.org/wkfs"
+	"golang.org/x/crypto/acme/autocert"
 	"golang.org/x/oauth2"
 
 	"github.com/gorilla/csrf"
@@ -342,10 +343,19 @@ func main() {
 
 	tlsConfig := &tls.Config{}
 	if config.Server.UseTLS {
-		tlsConfig.Certificates = make([]tls.Certificate, 1)
-		tlsConfig.Certificates[0], err = loadCerts(config.Server.TLSCert, config.Server.TLSKey)
-		if err != nil {
-			log.Fatal(err)
+		if config.Server.LetsEncryptServername != "" {
+			m := autocert.Manager{
+				Prompt:     autocert.AcceptTOS,
+				Cache:      autocert.DirCache(config.Server.LetsEncryptCache),
+				HostPolicy: autocert.HostWhitelist(config.Server.LetsEncryptServername),
+			}
+			tlsConfig.GetCertificate = m.GetCertificate
+		} else {
+			tlsConfig.Certificates = make([]tls.Certificate, 1)
+			tlsConfig.Certificates[0], err = loadCerts(config.Server.TLSCert, config.Server.TLSKey)
+			if err != nil {
+				log.Fatal(err)
+			}
 		}
 		l = tls.NewListener(l, tlsConfig)
 	}
author	Niall Sheridan <nsheridan@gmail.com>	2016-12-28 14:54:57 +0000
committer	Niall Sheridan <nsheridan@gmail.com>	2016-12-28 15:01:58 +0000
commit	d7129803488e81e6df691161b774908bf801e527 (patch)
tree	5391b7ad94435086c5e3a5937e1118580a17edfd /cmd
parent	e0a1ccb64a637673195804513902cba6b1d4e97c (diff)