Merge pull request 'fix: implémenter correctement tls certfile et keyfile' (#55) from vlbeaudoin/fix/tls into main

Reviewed-on: #55
This commit is contained in:
Victor Lacasse-Beaudoin 2024-09-06 20:38:02 -05:00
commit e14ff3d04e
3 changed files with 38 additions and 23 deletions

View file

@ -1,6 +1,7 @@
package main package main
import ( import (
"crypto/tls"
"net/http" "net/http"
"testing" "testing"
@ -19,7 +20,18 @@ func TestAPI(t *testing.T) {
return return
} }
httpClient := http.DefaultClient //httpClient := http.DefaultClient
//defer httpClient.CloseIdleConnections()
transport := http.Transport{
TLSClientConfig: &tls.Config{
InsecureSkipVerify: true,
},
}
httpClient := http.Client{
Transport: &transport,
}
defer httpClient.CloseIdleConnections() defer httpClient.CloseIdleConnections()
var protocol string var protocol string
@ -30,7 +42,7 @@ func TestAPI(t *testing.T) {
protocol = "http" protocol = "http"
} }
vokiClient := voki.New(httpClient, "localhost", cfg.API.Key, cfg.API.Port, protocol) vokiClient := voki.New(&httpClient, "localhost", cfg.API.Key, cfg.API.Port, protocol)
apiClient := APIClient{vokiClient} apiClient := APIClient{vokiClient}
t.Run("get API health", func(t *testing.T) { t.Run("get API health", func(t *testing.T) {

7
cmd.go
View file

@ -122,11 +122,14 @@ var apiCmd = &cobra.Command{
), ),
) )
case true: case true:
//TODO
log.Printf("dbg: certfile='%s' keyfile='%s'", cfg.API.TLS.Certfile, cfg.API.TLS.Keyfile)
e.Logger.Fatal( e.Logger.Fatal(
e.StartTLS( e.StartTLS(
fmt.Sprintf(":%d", cfg.API.Port), fmt.Sprintf(":%d", cfg.API.Port),
cfg.API.TLS.CertificateFile, cfg.API.TLS.Certfile,
cfg.API.TLS.PrivateKeyFile, cfg.API.TLS.Keyfile,
), ),
) )
} }

View file

@ -16,15 +16,15 @@ const (
DefaultAPITLSEnabled bool = false DefaultAPITLSEnabled bool = false
DescriptionAPITLSEnabled string = "Whether to use TLS or not. Requires certificate and private key files." DescriptionAPITLSEnabled string = "Whether to use TLS or not. Requires certificate and private key files."
ViperAPITLSCertificateFile string = "api.tls.certificate_file" ViperAPITLSCertfile string = "api.tls.certfile"
FlagAPITLSCertificateFile string = "api-tls-certificate-file" FlagAPITLSCertfile string = "api-tls-certfile"
DefaultAPITLSCertificateFile string = "" DefaultAPITLSCertfile string = "/etc/bottin/cert.pem"
DescriptionAPITLSCertificateFile string = "Path to TLS certificate file" DescriptionAPITLSCertfile string = "Path to TLS certificate file"
ViperAPITLSPrivateKeyFile string = "api.tls.private_key_file" ViperAPITLSKeyfile string = "api.tls.keyfile"
FlagAPITLSPrivateKeyFile string = "api-tls-private-key-file" FlagAPITLSKeyfile string = "api-tls-keyfile"
DefaultAPITLSPrivateKeyFile string = "" DefaultAPITLSKeyfile string = "/etc/bottin/key.pem"
DescriptionAPITLSPrivateKeyFile string = "Path to TLS private key file" DescriptionAPITLSKeyFile string = "Path to TLS private key file"
ViperAPIPort string = "api.port" ViperAPIPort string = "api.port"
FlagAPIPort string = "api-port" FlagAPIPort string = "api-port"
@ -108,11 +108,11 @@ type Config struct {
Enabled bool `yaml:"enabled"` Enabled bool `yaml:"enabled"`
// Path to file containing TLS certificate // Path to file containing TLS certificate
CertificateFile string `yaml:"certificate_file"` Certfile string `yaml:"certfile"`
// Path to file containing TLS private key // Path to file containing TLS private key
PrivateKeyFile string `yaml:"private_key_file"` Keyfile string `yaml:"keyfile"`
} } `yaml:"tls"`
Port int `yaml:"port"` Port int `yaml:"port"`
Key string `yaml:"key"` Key string `yaml:"key"`
} `yaml:"api"` } `yaml:"api"`
@ -141,8 +141,8 @@ type Config struct {
// `Default*` constants defined in this file. // `Default*` constants defined in this file.
func DefaultConfig() (cfg Config) { func DefaultConfig() (cfg Config) {
cfg.API.TLS.Enabled = DefaultAPITLSEnabled cfg.API.TLS.Enabled = DefaultAPITLSEnabled
cfg.API.TLS.CertificateFile = DefaultAPITLSCertificateFile cfg.API.TLS.Certfile = DefaultAPITLSCertfile
cfg.API.TLS.PrivateKeyFile = DefaultAPITLSPrivateKeyFile cfg.API.TLS.Keyfile = DefaultAPITLSKeyfile
cfg.API.Port = DefaultAPIPort cfg.API.Port = DefaultAPIPort
cfg.API.Key = DefaultAPIKey cfg.API.Key = DefaultAPIKey
cfg.DB.Database = DefaultDBDatabase cfg.DB.Database = DefaultDBDatabase
@ -178,15 +178,15 @@ func init() {
log.Fatal(err) log.Fatal(err)
} }
// api.tls.certificate_file // api.tls.certfile
apiCmd.Flags().String(FlagAPITLSCertificateFile, DefaultAPITLSCertificateFile, DescriptionAPITLSCertificateFile) apiCmd.Flags().String(FlagAPITLSCertfile, DefaultAPITLSCertfile, DescriptionAPITLSCertfile)
if err := viper.BindPFlag(ViperAPITLSCertificateFile, apiCmd.Flags().Lookup(FlagAPITLSCertificateFile)); err != nil { if err := viper.BindPFlag(ViperAPITLSCertfile, apiCmd.Flags().Lookup(FlagAPITLSCertfile)); err != nil {
log.Fatal(err) log.Fatal(err)
} }
// api.tls.private_key_file // api.tls.keyfile
apiCmd.Flags().String(FlagAPITLSPrivateKeyFile, DefaultAPITLSPrivateKeyFile, DescriptionAPITLSPrivateKeyFile) apiCmd.Flags().String(FlagAPITLSKeyfile, DefaultAPITLSKeyfile, DescriptionAPITLSKeyFile)
if err := viper.BindPFlag(ViperAPITLSPrivateKeyFile, apiCmd.Flags().Lookup(FlagAPITLSPrivateKeyFile)); err != nil { if err := viper.BindPFlag(ViperAPITLSKeyfile, apiCmd.Flags().Lookup(FlagAPITLSKeyfile)); err != nil {
log.Fatal(err) log.Fatal(err)
} }