Add custom subdomains
rekby committed Mar 7, 2020
1 parent eb6a3d1 commit ee04435
Showing 8 changed files with 36 additions and 6 deletions.
2 changes: 1 addition & 1 deletion cmd/a_main-packr.go


1 change: 1 addition & 0 deletions cmd/config.go
Expand Up @@ -30,6 +30,7 @@ import (
type ConfigGeneral struct {
IssueTimeout int
StorageDir string
Subdomains []string
AcmeServer string
StoreJSONMetadata bool
IncludeConfigs []string
6 changes: 6 additions & 0 deletions cmd/main.go
Expand Up @@ -9,6 +9,7 @@ import (
"net/http"
"os"
"runtime"
"strings"
"time"

"golang.org/x/xerrors"
Expand Down Expand Up @@ -124,6 +125,11 @@ func startProgram(config *configType) {
certManager := cert_manager.New(acmeClient, storage, registry)
certManager.CertificateIssueTimeout = time.Duration(config.General.IssueTimeout) * time.Second
certManager.SaveJSONMeta = config.General.StoreJSONMetadata
for _, subdomain := range config.General.Subdomains {
subdomain = strings.TrimSpace(subdomain)
subdomain = strings.TrimSuffix(subdomain, ".") + "." // must ends with dot
certManager.AutoSubdomains = append(certManager.AutoSubdomains, subdomain)
}

certManager.DomainChecker, err = config.CheckDomains.CreateDomainChecker(ctx)
log.DebugFatal(logger, err, "Config domain checkers.")
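Review bot: A blank or dot-only entry in `Subdomains` survives the normalisation on the added lines: after `TrimSpace` and `TrimSuffix` the value is `""`, and appending `"."` turns it into `"."`, which `DomainNames()` later concatenates into a name such as `.example.com` in the certificate request. Drop such entries before appending, e.g. `subdomain = strings.TrimSuffix(strings.TrimSpace(subdomain), ".")` followed by `if subdomain == "" { continue }` and then `certManager.AutoSubdomains = append(certManager.AutoSubdomains, subdomain+".")`. Otherwise a config typo presumably surfaces only as a rejected order from the ACME server, far from its cause. The trailing comment would also read better as `// must end with a dot`. startProgram begins and ends outside the hunk.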
3 changes: 3 additions & 0 deletions cmd/static/default-config.toml
Expand Up @@ -13,6 +13,9 @@ StorageDir = "storage"
# Store .json info with certificate metadata near certificate.
StoreJSONMetadata = true

# Subdomains, auto-included within certificate of main domain name
Subdomains = ["www."]

# Directory url of acme server.
#Test server: https://acme-staging-v02.api.letsencrypt.org/directory
AcmeServer = "https://acme-v02.api.letsencrypt.org/directory"
2 changes: 1 addition & 1 deletion internal/cert_manager/cert_description_test.go
Expand Up @@ -15,7 +15,7 @@ func TestCertDescription_CertStoreName(t *testing.T) {

func TestCertDescription_DomainNames(t *testing.T) {
td := testdeep.NewT(t)
td.Cmp(CertDescription{MainDomain: "asd.ru", KeyType: KeyRSA}.DomainNames(), []DomainName{"asd.ru", "www.asd.ru"})
td.Cmp(CertDescription{MainDomain: "asd.ru", KeyType: KeyRSA, Subdomains: []string{"www."}}.DomainNames(), []DomainName{"asd.ru", "www.asd.ru"})
}

func TestCertDescription_KeyStoreName(t *testing.T) {
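Review bot: TestCertDescription_DomainNames now exercises only the configured-subdomain case; the behaviour when `Subdomains` is nil (the main domain alone) is new and untested. Add `td.Cmp(CertDescription{MainDomain: "asd.ru", KeyType: KeyRSA}.DomainNames(), []DomainName{"asd.ru"})` to pin that a missing configuration no longer silently adds `www.`. A case such as `td.Cmp(CertDescriptionFromDomain("www.asd.ru", KeyRSA, []string{"www."}).MainDomain, "asd.ru")` would cover the new prefix-stripping loop as well, which currently has no test visible in this commit.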
20 changes: 17 additions & 3 deletions internal/cert_manager/cert_desctiption.go
Expand Up @@ -10,14 +10,20 @@ import (
type CertDescription struct {
MainDomain string
KeyType KeyType
Subdomains []string
}

func (n CertDescription) CertStoreName() string {
return n.MainDomain + "." + n.KeyType.String() + ".cer"
}

func (n CertDescription) DomainNames() []DomainName {
return []DomainName{DomainName(n.MainDomain), DomainName("www." + n.MainDomain)}
domains := make([]DomainName, 1, len(n.Subdomains)+1)
domains[0] = DomainName(n.MainDomain)
for _, subdomain := range n.Subdomains {
domains = append(domains, DomainName(subdomain+n.MainDomain))
}
return domains
}

func (n CertDescription) KeyStoreName() string {
Expand All @@ -40,9 +46,17 @@ func (n CertDescription) ZapField() zap.Field {
return zap.Stringer("cert_name", n)
}

func CertDescriptionFromDomain(domain DomainName, keyType KeyType) CertDescription {
func CertDescriptionFromDomain(domain DomainName, keyType KeyType, autoSubDomains []string) CertDescription {
mainDomain := domain.String()
for _, subdomain := range autoSubDomains {
if strings.HasPrefix(mainDomain, subdomain) {
mainDomain = strings.TrimPrefix(mainDomain, subdomain)
break
}
}
return CertDescription{
MainDomain: strings.TrimPrefix(domain.String(), "www."),
MainDomain: mainDomain,
KeyType: keyType,
Subdomains: autoSubDomains,
}
}
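Review bot: The prefix-stripping loop in `CertDescriptionFromDomain` relies on every `autoSubDomains` entry ending with a dot, but nothing in this function checks it; an entry such as `www` (without the dot) matches a hostname like `wwwshop.example.com` and strips it to `shop.example.com`, so the certificate is then requested for a name the client never asked for. The dot rule is stated only in the field comment added in manager.go and applied by the normalisation in cmd/main.go, and callers that set `Manager.AutoSubdomains` directly (the functional tests do) bypass both. Guard the match here, replacing the condition with `if strings.HasSuffix(subdomain, ".") && strings.HasPrefix(mainDomain, subdomain) {`, and state the precondition in a doc comment on the function. The loop also stops at the first matching prefix, so with overlapping entries like `www.` and `www.test.` the resulting main domain depends on configuration order; that deserves a comment or a longest-prefix-first sort.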
6 changes: 5 additions & 1 deletion internal/cert_manager/manager.go
Expand Up @@ -81,6 +81,10 @@ type Manager struct {
CertificateIssueTimeout time.Duration
Cache cache.Bytes

// Subdomains, auto-issued with main domain.
// Every subdomain must have suffix dot. For example: "www."
AutoSubdomains []string

// Client is used to perform low-level operations, such as account registration
// and requesting new certificates.
//
Expand Down Expand Up @@ -164,7 +168,7 @@ func (m *Manager) GetCertificate(hello *tls.ClientHelloInfo) (resultCert *tls.Ce

//nolint:funlen,gocognit
func (m *Manager) getCertificate(ctx context.Context, needDomain DomainName, certType KeyType) (resultCert *tls.Certificate, err error) {
certDescription := CertDescriptionFromDomain(needDomain, certType)
certDescription := CertDescriptionFromDomain(needDomain, certType, m.AutoSubdomains)

logger := zc.L(ctx).With(certDescription.ZapField())
ctx = zc.WithLogger(ctx, zc.L(ctx).With(certDescription.ZapField()))
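Review bot: The new `AutoSubdomains` field is read by `getCertificate`, which `GetCertificate(hello *tls.ClientHelloInfo)` presumably invokes from each TLS handshake, yet nothing documents that it must be fully populated before the manager starts serving; a write after that point would race with those reads. Extend the field comment with `// Must be set before the Manager serves its first handshake; it is read concurrently by getCertificate and is not synchronized.` The existing second sentence would also read more clearly as `// Every entry must end with a dot, for example "www.".` getCertificate continues outside the hunk.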
2 changes: 2 additions & 0 deletions internal/cert_manager/manager_functional_test.go
Expand Up @@ -38,6 +38,7 @@ func TestManager_GetCertificateHttp01(t *testing.T) {
defer mc.Finish()

manager := New(createTestClient(t), newCacheMock(mc), nil)
manager.AutoSubdomains = []string{"www."}
manager.EnableTLSValidation = false
manager.EnableHTTPValidation = true

Expand Down Expand Up @@ -86,6 +87,7 @@ func TestManager_GetCertificateTls(t *testing.T) {
defer mc.Finish()

manager := New(createTestClient(t), newCacheMock(mc), nil)
manager.AutoSubdomains = []string{"www."}

lisneter, err := net.ListenTCP("tcp", &net.TCPAddr{Port: 5001})

