From ee04435426a5d50f4841b1f21c01310c0cb6980f Mon Sep 17 00:00:00 2001 From: rekby Date: Sun, 8 Mar 2020 00:44:23 +0300 Subject: [PATCH] Add custom subdomains --- cmd/a_main-packr.go | 2 +- cmd/config.go | 1 + cmd/main.go | 6 ++++++ cmd/static/default-config.toml | 3 +++ .../cert_manager/cert_description_test.go | 2 +- internal/cert_manager/cert_desctiption.go | 20 ++++++++++++++++--- internal/cert_manager/manager.go | 6 +++++- .../cert_manager/manager_functional_test.go | 2 ++ 8 files changed, 36 insertions(+), 6 deletions(-) diff --git a/cmd/a_main-packr.go b/cmd/a_main-packr.go index 05d1b9a0..4ebf3120 100644 --- a/cmd/a_main-packr.go +++ b/cmd/a_main-packr.go @@ -7,5 +7,5 @@ import "github.com/gobuffalo/packr" // You can use the "packr clean" command to clean up this, // and any other packr generated files. func init() { - packr.PackJSONBytes("static", "default-config.toml", "\"IyMgQVRURU5USU9OCiMgaXQgaXMgZXhhbXBsZSBmaWxlIG9ubHkuIEl0IGJ1aWx0aW4gaW4gYmluYXJ5IGFuZCBkb24ndCByZWFkIGZyb20gZmlsZSBzeXN0ZW0uCiMgY2hhbmdlcyBpbiBjb25maWdfZGVmYXVsdC50b21sIGhhdmUgbm8gcmVhbCBlZmZlY3QuCgpbR2VuZXJhbF0KCiMgU2Vjb25kcyBmb3IgaXNzdWUgZXZlcnkgY2VydGlmaWNhdGUuIENhbmNlbCBpc3N1ZSBhbmQgcmV0dXJuIGVycm9yIGlmIHRpbWVvdXQuCklzc3VlVGltZW91dCA9IDMwMAoKIyBQYXRoIHRvIGRpciwgd2hpY2ggd2lsbCBzdG9yZSBzdGF0ZSBhbmQgY2VydGlmaWNhdGVzClN0b3JhZ2VEaXIgPSAic3RvcmFnZSIKCiMgU3RvcmUgLmpzb24gaW5mbyB3aXRoIGNlcnRpZmljYXRlIG1ldGFkYXRhIG5lYXIgY2VydGlmaWNhdGUuClN0b3JlSlNPTk1ldGFkYXRhID0gdHJ1ZQoKIyBEaXJlY3RvcnkgdXJsIG9mIGFjbWUgc2VydmVyLgojVGVzdCBzZXJ2ZXI6IGh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2RpcmVjdG9yeQpBY21lU2VydmVyID0gImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9kaXJlY3RvcnkiCgojIEluY2x1ZGUgb3RoZXIgY29uZmlnIGZpbGVzCiMgSXQgc3VwcG9ydCBnbG9iIHN5bnRheAojIElmIGl0IGhhcyBwYXRoIHdpdGhvdXQgdGVtcGxhdGUgLSB0aGUgZmlsZSBtdXN0IGV4aXN0LgojIEZvciBhbGxvdyBvcHRpb25hbCBpbmNsdWRlIGZpbGUgLSBpdCBjYW4gY29udGFpbiBzb21lIGdsb2Igc3ltYm9sCiMgSW5jbHVkZWQgY29uZmlncyBtZXJnZSB3aXRoIGN1cnJlbnQgcmVhZGVkIHN0YXRlLgojIGV4YW1wbGU9WyAiY29uZmlnLnRvbVtsXSIgXQpJbmNsdWRlQ29uZmlncyA9IFtdCgojIEZvciBwcmV2ZW50IGluZmluaXRlIGxvb3AgYW5kIGNvbnN1bWUgYWxsIG1lbW9yeSBpZiBjeWNsZSBpbiBpbmNsdWRlcwpNYXhDb25maWdGaWxlc1JlYWQgPSAxMDAwMAoKW0xvZ10KRW5hYmxlTG9nVG9GaWxlID0gdHJ1ZQpFbmFibGVMb2dUb1N0ZEVyciA9IHRydWUKCiMgdmVyYm9zZSBsZXZlbCBvZiBsb2csIG9uZSBvZjogZGVidWcsIGluZm8sIHdhcm5pbmcsIGVycm9yLCBmYXRhbApMb2dMZXZlbCA9ICJpbmZvIgoKIyBFbmFibGUgc2VsZiBsb2cgcm90YXRpbmcKRW5hYmxlUm90YXRlID0gdHJ1ZQoKIyBFbmFibGUgZGV2ZWxvcGVyIG1vZGU6IG1vcmUgc3RhY2t0cmFjZXMgYW5kIHBhbmljIChzdG9wIHByb2dyYW0pIG9uIHNvbWUgaW50ZXJuYWwgZXJyb3JzLgpEZXZlbG9wZXJNb2RlID0gZmFsc2UKCiMgUGF0aCB0byBsb2cgZmlsZQpGaWxlID0gImxldHMtcHJveHkubG9nIgoKIyBSb3RhdGUgbG9nIGlmIGN1cnJlbnQgZmlsZSBzaXplIG1vcmUgdGhhbiBYIE1CClJvdGF0ZUJ5U2l6ZU1CID0gMTAwCgojIENvbXByZXNzIG9sZCBsb2cgd2l0aCBnemlwIGFmdGVyIHJvdGF0ZQpDb21wcmVzc1JvdGF0ZWQgPSBmYWxzZQoKIyBEZWxldGUgb2xkIGJhY2t1cHMgYWZ0ZXIgWCBkYXlzLiAwIGZvciBkaXNhYmxlLgpNYXhEYXlzID0gMTAKCiMgRGVsZXRlIG9sZCBiYWNrdXBzIGlmIG9sZCBmaWxlIG51bWJlciBtb3JlIHRoZW4gWC4gMCBmb3IgZGlzYWJsZS4KTWF4Q291bnQgPSAxMAoKW1Byb3h5XQoKIyBEZWZhdWx0IHJ1bGUgb2Ygc2VsZWN0IGRlc3RpbmF0aW9uIGFkZHJlc3MuCiMgSXQgY2FuIGJlOiBJUCAod2l0aCBkZWZhdWx0IHBvcnQgODApLCA6UG9ydCAoZGVmYXVsdCAtIHNhbWUgSVAgYXMgcmVjZWl2ZSBjb25uZWN0aW9uKSwgSVB2NDpQb3J0IG9yIFtJUHY2XTpQb3J0CiMgTXVzdCBkZWZpbmUgcG9ydCBmb3JjZSBpZiBIVFRQU0JhY2tlbmQgaXMgdHJ1ZQpEZWZhdWx0VGFyZ2V0ID0gIjo4MCIKCiMgQWZ0ZXIgS2VlcEFsaXZlVGltZW91dFNlY29uZHMgb2YgaW5hY3RpdmUgaW5jb21pbmcgY29ubmVjdGlvbiB3aWxsIGNsb3NlLgpLZWVwQWxpdmVUaW1lb3V0U2Vjb25kcyA9IDkwMAoKIyBBcnJheSBvZiAnLScgc2VwYXJhdGVkIHBhaXJzIG9yIElQOlBvcnQuIEZvciBleGFtcGxlOgojIFsKIyAgICIxLjIuMy40OjQ0My0yLjIuMi4yOjEyMzQiLAojICAgIjMuMy4zLjM6MzMzLVs6OjFdOjk0IgojICJdCiMgTWVhbjogY29ubmVjdGlvbnMsIGFjY2VwdGVkIG9uIDEuMi4zLjQ6NDQzIHNlbmQgdG8gc2VydmVyIDIuMi4yLjI6MTIzNAojIGFuZCBjb25uZWN0aW9ucyBhY2NlcHRlZCBvbiAzLjMuMy4zOjMzMyBzZW5kIHRvIGlwdjYgOjoxIHBvcnQgOTQKVGFyZ2V0TWFwID0gW10KCiMgQXJyYXkgb2YgY29sb24gc2VwYXJhdGVkIEhlYWRlck5hbWU6SGVhZGVyVmFsdWUgZm9yIGFkZCB0byByZXF1ZXN0IGZvciBiYWNrZW5kLiB7e1ZhbHVlfX0gaXMgc3BlY2lhbCBmb3Jtcywgd2hpY2ggY2FuCiMgaW50ZXJuYWxseSBwYXJzaW5nLiBOb3cgaXQgc3VwcG9ydCBvbmx5IHNwZWNpYWwgdmFsdWVzOgojIHt7Q09OTkVDVElPTl9JRH19IC0gSWQgb2YgYWNjZXB0ZWQgY29ubmVjdGlvbiwgZ2VuZXJhdGVkIGJ5IGxldHMtcHJveHkKIyB7e0hUVFBfUFJPVE99fSAtIHNldCB0byBodHRwL2h0dHBzIGRlcGVuZGVuY2UgaW5jb21pbmcgY29ubmVjdGlvbnMgaGFuZGxlZAojIHt7U09VUkNFX0lQfX0gLSBSZW1vdGUgSVAgb2YgaW5jb21pbmcgY29ubmVjdGlvbgojIHtTT1VSQ0VfUE9SVH19IC0gUmVtb3RlIHBvcnQgb2YgaW5jb21pbmcgY29ubmVjdGlvbgojIHt7U09VUkNFX0lQfX06e3tTT1VSQ0VfUE9SVH19IC0gUmVtb3RlIElQOlBvcnQgb2YgaW5jb21pbmcgY29ubmVjdGlvbi4KIyBOb3cgaXQgYWNjZXB0ZWQgb25seSB0aGlzIHNwZWNpYWwgdmFsdWVzLCB3aGljaCBtdXN0IGJlIGV4YXhsdHkgZXF1YWwgdG8gZXhhbXBsZXMuIEFsbCBvdGhlciB2YWx1ZXMgc2VuZCBhcyBpcy4KIyBCdXQgaXQgY2FuIGNoYW5nZSBhbmQgZXh0ZW5kIGluIGZ1dHVyZS4gRG9lc24ndCB1c2Uge3suLi59fSBhcyBvd24gdmFsdWVzLgojIEV4YW1wbGU6CiMgWyJJUDp7e1NPVVJDRV9JUH19IiwgIlByb3h5OmxldHMtcHJveHkiLCAiUHJvdG9jb2w6e3tIVFRQX1BST1RPfX0iIF0KSGVhZGVycyA9IFtdCgojIFVzZSBodHRwcyByZXF1ZXN0cyB0byBiYWNrZW5kIGluc3RlYWQgb2YgaHR0cApIVFRQU0JhY2tlbmQgPSBmYWxzZQoKIyBJZ25vcmUgYmFja2VuZCBodHRwcyBjZXJ0aWZpY2F0ZSB2YWxpZGF0aW9ucyBpZiBIVFRQU0JhY2tlbmQgaXMgdHJ1ZQpIVFRQU0JhY2tlbmRJZ25vcmVDZXJ0ID0gdHJ1ZQoKW0NoZWNrRG9tYWluc10KCiMgQWxsb3cgZG9tYWluIGlmIGl0IHJlc29sdmVyIGZvciBvbmUgb2YgcHVibGljIElQcyBvZiB0aGlzIHNlcnZlci4KSVBTZWxmID0gdHJ1ZQoKIyBIb3cgZGV0ZWN0IHB1YmxpYyBpcHMgb2YgdGhlIHNlcnZlci4KIyBpdCB1c2UgaWYgSVBTZWxmIGlzIHRydWUKIyBhdXRvIHwgbG9jYWwgfCBhd3MgIHwgeWFuZGV4CiMgYXV0byAtIGJlc3QgZWZmb3J0IGZvciBkZXRlY3QgSVAuIEFsZ29yaXRtIG1heSBjaGFuZ2UgZnJvbSB0aW1lIHRvIHRpbWUuCiMgICAgICAgIGl0IGdvb2QgZm9yIGRlZmF1bHQuCiMgYmluZCAtIGRldGVjdCBwdWJsaWMgSVAgYmluZGVkIHRvIGxvY2FsIGludGVyZmFjZXMKIyBhd3MgLSBkZXRlY3QgcHVibGljIElQcyBieSBxdWVyeSB0byBBV1MgRUMyIG1ldGFkYXRhCiMgZXh0ZXJuYWwgLSBkZXRlY3Qgc2VsZiBpcCBieSByZXF1ZXN0IHRvIGV4dGVybmFsIHNlcnZlciBJUFNlbGZFeHRlcm5hbERldGVjdG9yCiMgeWFuZGV4IC0gZGV0ZWN0IHB1YmxpYyBJUHMgYnkgcXVlcnkgdG8gWWFuZGV4IGNsb3VkIG1ldGFkYXRhIChub3cgYWxpYXMgZm9yIGF3cykKSVBTZWxmRGV0ZWN0TWV0aG9kID0gImF1dG8iCgojIFNlcnZlciBmb3IgdXNlIGFzIGV4dGVybmFsIGRldGVjdG9yIG9mIHNlcnZlciBJUCAobmVlZCBmb3IgZGV0ZWN0IElQIGJlaGluZCBOQVQKIyBTZXJ2ZXIgbXVzdCByZXNwb25zZSBhcyBwbGFpbiB0ZXh0IElQIGFkZHJlc3MuCiMgRm9yIGV2ZXJ5IGRldGVjdCBsZXRzLXByb3h5IG1ha2UgdHdvIHJlcXVlc3RzOiBieSBpcHY0IGFuZCBpcHY2IG5ldHdvcmtzCklQU2VsZkV4dGVybmFsRGV0ZWN0b3JVUkw9Imh0dHA6Ly9pZmNvbmZpZy5pby9pcCIKCiMgQWxsb3cgZG9tYWluIGlmIGl0IHJlc29sdmVyIGZvciBvbmUgb2YgdGhlIGlwcy4KSVBXaGl0ZUxpc3QgPSAiIgoKIyBSZWdleHAgaW4gZ29sYW5nIHN5bnRheCBvZiBibGFja2xpc3RlZCBkb21haW4gZm9yIGlzc3VlIGNlcnRpZmljYXRlLgojVGhpcyBsaXN0IG92ZXJyaWRlZCBieSB3aGl0ZWxpc3QuCkJsYWNrTGlzdCA9ICIiCgojIFJlZ2V4cCBpbiBnb2xhbmcgc3ludGF4IG9mIHdoaXRlbGlzdCBkb21haW5zIGZvciBpc3N1ZSBjZXJ0aWZpY2F0ZS4KI1doaXRlbGlzdCBuZWVkIGZvciBhbGxvdyBwYXJ0IG9mIGRvbWFpbnMsIHdoaWNoIGV4Y2x1ZGVkIGJ5IGJsYWNrbGlzdC4KIwpXaGl0ZUxpc3QgPSAiIgoKIyBDb21tYSBzZXBhcmF0ZWQgZG5zIHNlcnZlciwgdXNlZCBmb3IgcmVzb2x2ZSBpcDpwb3J0IGFkZHJlc3Mgb2YgZG9tYWlucyB3aGlsZSBjaGVjayBpdC4KIyBpZiBlbXB0eSAtIHVzZSBzeXN0ZW0gZG5zIHJlc29sdmVyICh1c3VhbGx5IGluY2x1ZGUgaG9zdHMgZmlsZSwgY2FjaGUsIGV0YykKIyBpZiBzZXQgLSB1c2UgZGlyZWN0IGRucyBxdWVyaWVzIGZvciBzZXJ2ZXJzLCB3aXRob3V0IHNlbGYgY2FjaGUuCiMgaWYgc2V0IG1vcmUsIHRoYW4gb25lIGRucyBzZXJ2ZXIgLSBzZW5kIHF1ZXJpZXMgaW4gcGFyYWxsZWwgdG8gYWxsIHNlcnZlcnMuCiMgZXJyb3IgcmVzdWx0cyBmcm9tIHBhcnQgb2Ygc2VydmVycyAtIGlnbm9yZS4gTmVlZCBtaW5pbXVtIG9uZSBhbnN3ZXIuCiMgaWYgZGlmZmVyZW50IGRucyBzZXJ2ZXJzIHJldHVybiBkaWZmZXJlbnQgaXAgYWRkcmVzc2VzIC0gYWxsIG9mIHRoZW0gdXNlIGZvciBjaGVjawojIEV4YW1wbGU6ICI4LjguOC44OjUzLDEuMS4xLjE6NTMsNzcuODguOC44OjUzLFsyYTAyOjZiODo6ZmVlZDowZmZdOjUzLFsyMDAxOjQ4NjA6NDg2MDo6ODg4OF06NTMiClJlc29sdmVyID0gIiIKCgoKW0xpc3Rlbl0KCiMgQmluZCBhZGRyZXNzZXMgZm9yIFRMUyBsaXN0ZW5lcnMKVExTQWRkcmVzc2VzID0gWyI6NDQzIl0KCiMgQmluZCBhZGRyZXNzZXMgd2l0aG91dCBUTFMgc2VjdXJlIChmb3IgSFRUUCByZXZlcnNlIHByb3h5IGFuZCBodHRwLTAxIHZhbGlkYXRpb24gd2l0aG91dCByZWRpcmVjdCB0byBodHRwcykKVENQQWRkcmVzc2VzID0gW10KCgpbTWV0cmljc10KIyBFbmFibGUgbWV0cmljcyBpbiBwcm9tZXRoZW91cyBmb3JtYXRoIGJ5IGh0dHAuCkVuYWJsZSA9IGZhbHNlCgojIEJpbmQgYWRkcmVzc2VzIGZvciBnZXQgYnkgaHR0cHMKVExTQWRkcmVzc2VzID0gW10KCiMgQmluZCBhZGRyZXNzZXMgd2l0aG91dCBUTFMgc2VjdXJlIChmb3IgSFRUUCByZXZlcnNlIHByb3h5IGFuZCBodHRwLTAxIHZhbGlkYXRpb24gd2l0aG91dCByZWRpcmVjdCB0byBodHRwcykKVENQQWRkcmVzc2VzID0gWyAiWzo6XTo2MjEwMCIgXQoKIyBJUCBuZXR3b3JrcyBmb3IgYWxsb3cgdG8gZ2V0IG1ldHJpY3MuCiMgRGVmYXVsdCAtIGFsbG93IGZyb20gYWxsLgojIEV4YW1wbGU6CiMgWyAiMS4yLjMuNC8zMiIsICIxOTIuMTY4LjAuMC8yNCIsICI6OjEvMTI4IiBdCkFsbG93ZWROZXR3b3JrcyA9IFtdCgojIFBhc3N3b3JkIGZvciBnZXQgbWV0cmljcywgYWRkIGFzIGdldCBwYXJhbSA/cGFzc3dvcmQ9Li4uClBhc3N3b3JkICAgICAgICA9ICIiCgojIEFsbG93IHNldCBwYXNzd29yZCB0byBlbXB0eSBzdHJpbmcKQWxsb3dFbXB0eVBhc3N3b3JkICA9IGZhbHNlCgoKCltQcm9maWxlcl0KRW5hYmxlID0gZmFsc2UKCiMgSVAgbmV0d29ya3MgZm9yIGFsbG93IHRvIHVzZSBwcm9maWxlci4KIyBEZWZhdWx0IC0gYWxsb3cgZnJvbSBhbGwuCiMgRXhhbXBsZToKIyBbICIxLjIuMy40LzMyIiwgIjE5Mi4xNjguMC4wLzI0IiwgIjo6MS8xMjgiIF0KQWxsb3dlZE5ldHdvcmtzID0gW10KQmluZEFkZHJlc3MgPSAibG9jYWxob3N0OjMxMzQ0IgpQYXNzd29yZCAgICAgICAgPSAiIgpBbGxvd0VtcHR5UGFzc3dvcmQgID0gZmFsc2UK\"") + packr.PackJSONBytes("static", "default-config.toml", "\"IyMgQVRURU5USU9OCiMgaXQgaXMgZXhhbXBsZSBmaWxlIG9ubHkuIEl0IGJ1aWx0aW4gaW4gYmluYXJ5IGFuZCBkb24ndCByZWFkIGZyb20gZmlsZSBzeXN0ZW0uCiMgY2hhbmdlcyBpbiBjb25maWdfZGVmYXVsdC50b21sIGhhdmUgbm8gcmVhbCBlZmZlY3QuCgpbR2VuZXJhbF0KCiMgU2Vjb25kcyBmb3IgaXNzdWUgZXZlcnkgY2VydGlmaWNhdGUuIENhbmNlbCBpc3N1ZSBhbmQgcmV0dXJuIGVycm9yIGlmIHRpbWVvdXQuCklzc3VlVGltZW91dCA9IDMwMAoKIyBQYXRoIHRvIGRpciwgd2hpY2ggd2lsbCBzdG9yZSBzdGF0ZSBhbmQgY2VydGlmaWNhdGVzClN0b3JhZ2VEaXIgPSAic3RvcmFnZSIKCiMgU3RvcmUgLmpzb24gaW5mbyB3aXRoIGNlcnRpZmljYXRlIG1ldGFkYXRhIG5lYXIgY2VydGlmaWNhdGUuClN0b3JlSlNPTk1ldGFkYXRhID0gdHJ1ZQoKIyBTdWJkb21haW5zLCBhdXRvLWluY2x1ZGVkIHdpdGhpbiBjZXJ0aWZpY2F0ZSBvZiBtYWluIGRvbWFpbiBuYW1lClN1YmRvbWFpbnMgPSBbInd3dy4iXQoKIyBEaXJlY3RvcnkgdXJsIG9mIGFjbWUgc2VydmVyLgojVGVzdCBzZXJ2ZXI6IGh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2RpcmVjdG9yeQpBY21lU2VydmVyID0gImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9kaXJlY3RvcnkiCgojIEluY2x1ZGUgb3RoZXIgY29uZmlnIGZpbGVzCiMgSXQgc3VwcG9ydCBnbG9iIHN5bnRheAojIElmIGl0IGhhcyBwYXRoIHdpdGhvdXQgdGVtcGxhdGUgLSB0aGUgZmlsZSBtdXN0IGV4aXN0LgojIEZvciBhbGxvdyBvcHRpb25hbCBpbmNsdWRlIGZpbGUgLSBpdCBjYW4gY29udGFpbiBzb21lIGdsb2Igc3ltYm9sCiMgSW5jbHVkZWQgY29uZmlncyBtZXJnZSB3aXRoIGN1cnJlbnQgcmVhZGVkIHN0YXRlLgojIGV4YW1wbGU9WyAiY29uZmlnLnRvbVtsXSIgXQpJbmNsdWRlQ29uZmlncyA9IFtdCgojIEZvciBwcmV2ZW50IGluZmluaXRlIGxvb3AgYW5kIGNvbnN1bWUgYWxsIG1lbW9yeSBpZiBjeWNsZSBpbiBpbmNsdWRlcwpNYXhDb25maWdGaWxlc1JlYWQgPSAxMDAwMAoKW0xvZ10KRW5hYmxlTG9nVG9GaWxlID0gdHJ1ZQpFbmFibGVMb2dUb1N0ZEVyciA9IHRydWUKCiMgdmVyYm9zZSBsZXZlbCBvZiBsb2csIG9uZSBvZjogZGVidWcsIGluZm8sIHdhcm5pbmcsIGVycm9yLCBmYXRhbApMb2dMZXZlbCA9ICJpbmZvIgoKIyBFbmFibGUgc2VsZiBsb2cgcm90YXRpbmcKRW5hYmxlUm90YXRlID0gdHJ1ZQoKIyBFbmFibGUgZGV2ZWxvcGVyIG1vZGU6IG1vcmUgc3RhY2t0cmFjZXMgYW5kIHBhbmljIChzdG9wIHByb2dyYW0pIG9uIHNvbWUgaW50ZXJuYWwgZXJyb3JzLgpEZXZlbG9wZXJNb2RlID0gZmFsc2UKCiMgUGF0aCB0byBsb2cgZmlsZQpGaWxlID0gImxldHMtcHJveHkubG9nIgoKIyBSb3RhdGUgbG9nIGlmIGN1cnJlbnQgZmlsZSBzaXplIG1vcmUgdGhhbiBYIE1CClJvdGF0ZUJ5U2l6ZU1CID0gMTAwCgojIENvbXByZXNzIG9sZCBsb2cgd2l0aCBnemlwIGFmdGVyIHJvdGF0ZQpDb21wcmVzc1JvdGF0ZWQgPSBmYWxzZQoKIyBEZWxldGUgb2xkIGJhY2t1cHMgYWZ0ZXIgWCBkYXlzLiAwIGZvciBkaXNhYmxlLgpNYXhEYXlzID0gMTAKCiMgRGVsZXRlIG9sZCBiYWNrdXBzIGlmIG9sZCBmaWxlIG51bWJlciBtb3JlIHRoZW4gWC4gMCBmb3IgZGlzYWJsZS4KTWF4Q291bnQgPSAxMAoKW1Byb3h5XQoKIyBEZWZhdWx0IHJ1bGUgb2Ygc2VsZWN0IGRlc3RpbmF0aW9uIGFkZHJlc3MuCiMgSXQgY2FuIGJlOiBJUCAod2l0aCBkZWZhdWx0IHBvcnQgODApLCA6UG9ydCAoZGVmYXVsdCAtIHNhbWUgSVAgYXMgcmVjZWl2ZSBjb25uZWN0aW9uKSwgSVB2NDpQb3J0IG9yIFtJUHY2XTpQb3J0CiMgTXVzdCBkZWZpbmUgcG9ydCBmb3JjZSBpZiBIVFRQU0JhY2tlbmQgaXMgdHJ1ZQpEZWZhdWx0VGFyZ2V0ID0gIjo4MCIKCiMgQWZ0ZXIgS2VlcEFsaXZlVGltZW91dFNlY29uZHMgb2YgaW5hY3RpdmUgaW5jb21pbmcgY29ubmVjdGlvbiB3aWxsIGNsb3NlLgpLZWVwQWxpdmVUaW1lb3V0U2Vjb25kcyA9IDkwMAoKIyBBcnJheSBvZiAnLScgc2VwYXJhdGVkIHBhaXJzIG9yIElQOlBvcnQuIEZvciBleGFtcGxlOgojIFsKIyAgICIxLjIuMy40OjQ0My0yLjIuMi4yOjEyMzQiLAojICAgIjMuMy4zLjM6MzMzLVs6OjFdOjk0IgojICJdCiMgTWVhbjogY29ubmVjdGlvbnMsIGFjY2VwdGVkIG9uIDEuMi4zLjQ6NDQzIHNlbmQgdG8gc2VydmVyIDIuMi4yLjI6MTIzNAojIGFuZCBjb25uZWN0aW9ucyBhY2NlcHRlZCBvbiAzLjMuMy4zOjMzMyBzZW5kIHRvIGlwdjYgOjoxIHBvcnQgOTQKVGFyZ2V0TWFwID0gW10KCiMgQXJyYXkgb2YgY29sb24gc2VwYXJhdGVkIEhlYWRlck5hbWU6SGVhZGVyVmFsdWUgZm9yIGFkZCB0byByZXF1ZXN0IGZvciBiYWNrZW5kLiB7e1ZhbHVlfX0gaXMgc3BlY2lhbCBmb3Jtcywgd2hpY2ggY2FuCiMgaW50ZXJuYWxseSBwYXJzaW5nLiBOb3cgaXQgc3VwcG9ydCBvbmx5IHNwZWNpYWwgdmFsdWVzOgojIHt7Q09OTkVDVElPTl9JRH19IC0gSWQgb2YgYWNjZXB0ZWQgY29ubmVjdGlvbiwgZ2VuZXJhdGVkIGJ5IGxldHMtcHJveHkKIyB7e0hUVFBfUFJPVE99fSAtIHNldCB0byBodHRwL2h0dHBzIGRlcGVuZGVuY2UgaW5jb21pbmcgY29ubmVjdGlvbnMgaGFuZGxlZAojIHt7U09VUkNFX0lQfX0gLSBSZW1vdGUgSVAgb2YgaW5jb21pbmcgY29ubmVjdGlvbgojIHtTT1VSQ0VfUE9SVH19IC0gUmVtb3RlIHBvcnQgb2YgaW5jb21pbmcgY29ubmVjdGlvbgojIHt7U09VUkNFX0lQfX06e3tTT1VSQ0VfUE9SVH19IC0gUmVtb3RlIElQOlBvcnQgb2YgaW5jb21pbmcgY29ubmVjdGlvbi4KIyBOb3cgaXQgYWNjZXB0ZWQgb25seSB0aGlzIHNwZWNpYWwgdmFsdWVzLCB3aGljaCBtdXN0IGJlIGV4YXhsdHkgZXF1YWwgdG8gZXhhbXBsZXMuIEFsbCBvdGhlciB2YWx1ZXMgc2VuZCBhcyBpcy4KIyBCdXQgaXQgY2FuIGNoYW5nZSBhbmQgZXh0ZW5kIGluIGZ1dHVyZS4gRG9lc24ndCB1c2Uge3suLi59fSBhcyBvd24gdmFsdWVzLgojIEV4YW1wbGU6CiMgWyJJUDp7e1NPVVJDRV9JUH19IiwgIlByb3h5OmxldHMtcHJveHkiLCAiUHJvdG9jb2w6e3tIVFRQX1BST1RPfX0iIF0KSGVhZGVycyA9IFtdCgojIFVzZSBodHRwcyByZXF1ZXN0cyB0byBiYWNrZW5kIGluc3RlYWQgb2YgaHR0cApIVFRQU0JhY2tlbmQgPSBmYWxzZQoKIyBJZ25vcmUgYmFja2VuZCBodHRwcyBjZXJ0aWZpY2F0ZSB2YWxpZGF0aW9ucyBpZiBIVFRQU0JhY2tlbmQgaXMgdHJ1ZQpIVFRQU0JhY2tlbmRJZ25vcmVDZXJ0ID0gdHJ1ZQoKW0NoZWNrRG9tYWluc10KCiMgQWxsb3cgZG9tYWluIGlmIGl0IHJlc29sdmVyIGZvciBvbmUgb2YgcHVibGljIElQcyBvZiB0aGlzIHNlcnZlci4KSVBTZWxmID0gdHJ1ZQoKIyBIb3cgZGV0ZWN0IHB1YmxpYyBpcHMgb2YgdGhlIHNlcnZlci4KIyBpdCB1c2UgaWYgSVBTZWxmIGlzIHRydWUKIyBhdXRvIHwgbG9jYWwgfCBhd3MgIHwgeWFuZGV4CiMgYXV0byAtIGJlc3QgZWZmb3J0IGZvciBkZXRlY3QgSVAuIEFsZ29yaXRtIG1heSBjaGFuZ2UgZnJvbSB0aW1lIHRvIHRpbWUuCiMgICAgICAgIGl0IGdvb2QgZm9yIGRlZmF1bHQuCiMgYmluZCAtIGRldGVjdCBwdWJsaWMgSVAgYmluZGVkIHRvIGxvY2FsIGludGVyZmFjZXMKIyBhd3MgLSBkZXRlY3QgcHVibGljIElQcyBieSBxdWVyeSB0byBBV1MgRUMyIG1ldGFkYXRhCiMgZXh0ZXJuYWwgLSBkZXRlY3Qgc2VsZiBpcCBieSByZXF1ZXN0IHRvIGV4dGVybmFsIHNlcnZlciBJUFNlbGZFeHRlcm5hbERldGVjdG9yCiMgeWFuZGV4IC0gZGV0ZWN0IHB1YmxpYyBJUHMgYnkgcXVlcnkgdG8gWWFuZGV4IGNsb3VkIG1ldGFkYXRhIChub3cgYWxpYXMgZm9yIGF3cykKSVBTZWxmRGV0ZWN0TWV0aG9kID0gImF1dG8iCgojIFNlcnZlciBmb3IgdXNlIGFzIGV4dGVybmFsIGRldGVjdG9yIG9mIHNlcnZlciBJUCAobmVlZCBmb3IgZGV0ZWN0IElQIGJlaGluZCBOQVQKIyBTZXJ2ZXIgbXVzdCByZXNwb25zZSBhcyBwbGFpbiB0ZXh0IElQIGFkZHJlc3MuCiMgRm9yIGV2ZXJ5IGRldGVjdCBsZXRzLXByb3h5IG1ha2UgdHdvIHJlcXVlc3RzOiBieSBpcHY0IGFuZCBpcHY2IG5ldHdvcmtzCklQU2VsZkV4dGVybmFsRGV0ZWN0b3JVUkw9Imh0dHA6Ly9pZmNvbmZpZy5pby9pcCIKCiMgQWxsb3cgZG9tYWluIGlmIGl0IHJlc29sdmVyIGZvciBvbmUgb2YgdGhlIGlwcy4KSVBXaGl0ZUxpc3QgPSAiIgoKIyBSZWdleHAgaW4gZ29sYW5nIHN5bnRheCBvZiBibGFja2xpc3RlZCBkb21haW4gZm9yIGlzc3VlIGNlcnRpZmljYXRlLgojVGhpcyBsaXN0IG92ZXJyaWRlZCBieSB3aGl0ZWxpc3QuCkJsYWNrTGlzdCA9ICIiCgojIFJlZ2V4cCBpbiBnb2xhbmcgc3ludGF4IG9mIHdoaXRlbGlzdCBkb21haW5zIGZvciBpc3N1ZSBjZXJ0aWZpY2F0ZS4KI1doaXRlbGlzdCBuZWVkIGZvciBhbGxvdyBwYXJ0IG9mIGRvbWFpbnMsIHdoaWNoIGV4Y2x1ZGVkIGJ5IGJsYWNrbGlzdC4KIwpXaGl0ZUxpc3QgPSAiIgoKIyBDb21tYSBzZXBhcmF0ZWQgZG5zIHNlcnZlciwgdXNlZCBmb3IgcmVzb2x2ZSBpcDpwb3J0IGFkZHJlc3Mgb2YgZG9tYWlucyB3aGlsZSBjaGVjayBpdC4KIyBpZiBlbXB0eSAtIHVzZSBzeXN0ZW0gZG5zIHJlc29sdmVyICh1c3VhbGx5IGluY2x1ZGUgaG9zdHMgZmlsZSwgY2FjaGUsIGV0YykKIyBpZiBzZXQgLSB1c2UgZGlyZWN0IGRucyBxdWVyaWVzIGZvciBzZXJ2ZXJzLCB3aXRob3V0IHNlbGYgY2FjaGUuCiMgaWYgc2V0IG1vcmUsIHRoYW4gb25lIGRucyBzZXJ2ZXIgLSBzZW5kIHF1ZXJpZXMgaW4gcGFyYWxsZWwgdG8gYWxsIHNlcnZlcnMuCiMgZXJyb3IgcmVzdWx0cyBmcm9tIHBhcnQgb2Ygc2VydmVycyAtIGlnbm9yZS4gTmVlZCBtaW5pbXVtIG9uZSBhbnN3ZXIuCiMgaWYgZGlmZmVyZW50IGRucyBzZXJ2ZXJzIHJldHVybiBkaWZmZXJlbnQgaXAgYWRkcmVzc2VzIC0gYWxsIG9mIHRoZW0gdXNlIGZvciBjaGVjawojIEV4YW1wbGU6ICI4LjguOC44OjUzLDEuMS4xLjE6NTMsNzcuODguOC44OjUzLFsyYTAyOjZiODo6ZmVlZDowZmZdOjUzLFsyMDAxOjQ4NjA6NDg2MDo6ODg4OF06NTMiClJlc29sdmVyID0gIiIKCgoKW0xpc3Rlbl0KCiMgQmluZCBhZGRyZXNzZXMgZm9yIFRMUyBsaXN0ZW5lcnMKVExTQWRkcmVzc2VzID0gWyI6NDQzIl0KCiMgQmluZCBhZGRyZXNzZXMgd2l0aG91dCBUTFMgc2VjdXJlIChmb3IgSFRUUCByZXZlcnNlIHByb3h5IGFuZCBodHRwLTAxIHZhbGlkYXRpb24gd2l0aG91dCByZWRpcmVjdCB0byBodHRwcykKVENQQWRkcmVzc2VzID0gW10KCgpbTWV0cmljc10KIyBFbmFibGUgbWV0cmljcyBpbiBwcm9tZXRoZW91cyBmb3JtYXRoIGJ5IGh0dHAuCkVuYWJsZSA9IGZhbHNlCgojIEJpbmQgYWRkcmVzc2VzIGZvciBnZXQgYnkgaHR0cHMKVExTQWRkcmVzc2VzID0gW10KCiMgQmluZCBhZGRyZXNzZXMgd2l0aG91dCBUTFMgc2VjdXJlIChmb3IgSFRUUCByZXZlcnNlIHByb3h5IGFuZCBodHRwLTAxIHZhbGlkYXRpb24gd2l0aG91dCByZWRpcmVjdCB0byBodHRwcykKVENQQWRkcmVzc2VzID0gWyAiWzo6XTo2MjEwMCIgXQoKIyBJUCBuZXR3b3JrcyBmb3IgYWxsb3cgdG8gZ2V0IG1ldHJpY3MuCiMgRGVmYXVsdCAtIGFsbG93IGZyb20gYWxsLgojIEV4YW1wbGU6CiMgWyAiMS4yLjMuNC8zMiIsICIxOTIuMTY4LjAuMC8yNCIsICI6OjEvMTI4IiBdCkFsbG93ZWROZXR3b3JrcyA9IFtdCgojIFBhc3N3b3JkIGZvciBnZXQgbWV0cmljcywgYWRkIGFzIGdldCBwYXJhbSA/cGFzc3dvcmQ9Li4uClBhc3N3b3JkICAgICAgICA9ICIiCgojIEFsbG93IHNldCBwYXNzd29yZCB0byBlbXB0eSBzdHJpbmcKQWxsb3dFbXB0eVBhc3N3b3JkICA9IGZhbHNlCgoKCltQcm9maWxlcl0KRW5hYmxlID0gZmFsc2UKCiMgSVAgbmV0d29ya3MgZm9yIGFsbG93IHRvIHVzZSBwcm9maWxlci4KIyBEZWZhdWx0IC0gYWxsb3cgZnJvbSBhbGwuCiMgRXhhbXBsZToKIyBbICIxLjIuMy40LzMyIiwgIjE5Mi4xNjguMC4wLzI0IiwgIjo6MS8xMjgiIF0KQWxsb3dlZE5ldHdvcmtzID0gW10KQmluZEFkZHJlc3MgPSAibG9jYWxob3N0OjMxMzQ0IgpQYXNzd29yZCAgICAgICAgPSAiIgpBbGxvd0VtcHR5UGFzc3dvcmQgID0gZmFsc2UK\"") } diff --git a/cmd/config.go b/cmd/config.go index d34d8515..d0fc13af 100644 --- a/cmd/config.go +++ b/cmd/config.go @@ -30,6 +30,7 @@ import ( type ConfigGeneral struct { IssueTimeout int StorageDir string + Subdomains []string AcmeServer string StoreJSONMetadata bool IncludeConfigs []string diff --git a/cmd/main.go b/cmd/main.go index e298b6c2..dd254aaf 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -9,6 +9,7 @@ import ( "net/http" "os" "runtime" + "strings" "time" "golang.org/x/xerrors" @@ -124,6 +125,11 @@ func startProgram(config *configType) { certManager := cert_manager.New(acmeClient, storage, registry) certManager.CertificateIssueTimeout = time.Duration(config.General.IssueTimeout) * time.Second certManager.SaveJSONMeta = config.General.StoreJSONMetadata + for _, subdomain := range config.General.Subdomains { + subdomain = strings.TrimSpace(subdomain) + subdomain = strings.TrimSuffix(subdomain, ".") + "." // must ends with dot + certManager.AutoSubdomains = append(certManager.AutoSubdomains, subdomain) + } certManager.DomainChecker, err = config.CheckDomains.CreateDomainChecker(ctx) log.DebugFatal(logger, err, "Config domain checkers.") diff --git a/cmd/static/default-config.toml b/cmd/static/default-config.toml index 921b1a86..38c9ae55 100644 --- a/cmd/static/default-config.toml +++ b/cmd/static/default-config.toml @@ -13,6 +13,9 @@ StorageDir = "storage" # Store .json info with certificate metadata near certificate. StoreJSONMetadata = true +# Subdomains, auto-included within certificate of main domain name +Subdomains = ["www."] + # Directory url of acme server. #Test server: https://acme-staging-v02.api.letsencrypt.org/directory AcmeServer = "https://acme-v02.api.letsencrypt.org/directory" diff --git a/internal/cert_manager/cert_description_test.go b/internal/cert_manager/cert_description_test.go index bd612686..eb14ae02 100644 --- a/internal/cert_manager/cert_description_test.go +++ b/internal/cert_manager/cert_description_test.go @@ -15,7 +15,7 @@ func TestCertDescription_CertStoreName(t *testing.T) { func TestCertDescription_DomainNames(t *testing.T) { td := testdeep.NewT(t) - td.Cmp(CertDescription{MainDomain: "asd.ru", KeyType: KeyRSA}.DomainNames(), []DomainName{"asd.ru", "www.asd.ru"}) + td.Cmp(CertDescription{MainDomain: "asd.ru", KeyType: KeyRSA, Subdomains: []string{"www."}}.DomainNames(), []DomainName{"asd.ru", "www.asd.ru"}) } func TestCertDescription_KeyStoreName(t *testing.T) { diff --git a/internal/cert_manager/cert_desctiption.go b/internal/cert_manager/cert_desctiption.go index 806c7a79..fd20acbb 100644 --- a/internal/cert_manager/cert_desctiption.go +++ b/internal/cert_manager/cert_desctiption.go @@ -10,6 +10,7 @@ import ( type CertDescription struct { MainDomain string KeyType KeyType + Subdomains []string } func (n CertDescription) CertStoreName() string { @@ -17,7 +18,12 @@ func (n CertDescription) CertStoreName() string { } func (n CertDescription) DomainNames() []DomainName { - return []DomainName{DomainName(n.MainDomain), DomainName("www." + n.MainDomain)} + domains := make([]DomainName, 1, len(n.Subdomains)+1) + domains[0] = DomainName(n.MainDomain) + for _, subdomain := range n.Subdomains { + domains = append(domains, DomainName(subdomain+n.MainDomain)) + } + return domains } func (n CertDescription) KeyStoreName() string { @@ -40,9 +46,17 @@ func (n CertDescription) ZapField() zap.Field { return zap.Stringer("cert_name", n) } -func CertDescriptionFromDomain(domain DomainName, keyType KeyType) CertDescription { +func CertDescriptionFromDomain(domain DomainName, keyType KeyType, autoSubDomains []string) CertDescription { + mainDomain := domain.String() + for _, subdomain := range autoSubDomains { + if strings.HasPrefix(mainDomain, subdomain) { + mainDomain = strings.TrimPrefix(mainDomain, subdomain) + break + } + } return CertDescription{ - MainDomain: strings.TrimPrefix(domain.String(), "www."), + MainDomain: mainDomain, KeyType: keyType, + Subdomains: autoSubDomains, } } diff --git a/internal/cert_manager/manager.go b/internal/cert_manager/manager.go index beeb10aa..dde9298b 100644 --- a/internal/cert_manager/manager.go +++ b/internal/cert_manager/manager.go @@ -81,6 +81,10 @@ type Manager struct { CertificateIssueTimeout time.Duration Cache cache.Bytes + // Subdomains, auto-issued with main domain. + // Every subdomain must have suffix dot. For example: "www." + AutoSubdomains []string + // Client is used to perform low-level operations, such as account registration // and requesting new certificates. // @@ -164,7 +168,7 @@ func (m *Manager) GetCertificate(hello *tls.ClientHelloInfo) (resultCert *tls.Ce //nolint:funlen,gocognit func (m *Manager) getCertificate(ctx context.Context, needDomain DomainName, certType KeyType) (resultCert *tls.Certificate, err error) { - certDescription := CertDescriptionFromDomain(needDomain, certType) + certDescription := CertDescriptionFromDomain(needDomain, certType, m.AutoSubdomains) logger := zc.L(ctx).With(certDescription.ZapField()) ctx = zc.WithLogger(ctx, zc.L(ctx).With(certDescription.ZapField())) diff --git a/internal/cert_manager/manager_functional_test.go b/internal/cert_manager/manager_functional_test.go index 6ed19aee..c7321e32 100644 --- a/internal/cert_manager/manager_functional_test.go +++ b/internal/cert_manager/manager_functional_test.go @@ -38,6 +38,7 @@ func TestManager_GetCertificateHttp01(t *testing.T) { defer mc.Finish() manager := New(createTestClient(t), newCacheMock(mc), nil) + manager.AutoSubdomains = []string{"www."} manager.EnableTLSValidation = false manager.EnableHTTPValidation = true @@ -86,6 +87,7 @@ func TestManager_GetCertificateTls(t *testing.T) { defer mc.Finish() manager := New(createTestClient(t), newCacheMock(mc), nil) + manager.AutoSubdomains = []string{"www."} lisneter, err := net.ListenTCP("tcp", &net.TCPAddr{Port: 5001})