feat: support Automatically install TLS certificates from Let's Encrypt. (#205)

* feat: support Automatically install TLS certificates from Let's Encrypt. * refactor: update tls server. * fix: missing tls package. * fix: drop 1.6.x support * docs: update readme. * fix: listen tcp :443: bind: permission denied
2017-04-05 12:03:43 +08:00
parent 9b793cf80b
commit 97eae1fab4
19 changed files with 2723 additions and 25 deletions
--- a/config/config.go
+++ b/config/config.go
@@ -19,16 +19,24 @@ type ConfYaml struct {

 // SectionCore is sub section of config.
 type SectionCore struct {
-	Port            string     `yaml:"port"`
-	MaxNotification int64      `yaml:"max_notification"`
-	WorkerNum       int64      `yaml:"worker_num"`
-	QueueNum        int64      `yaml:"queue_num"`
-	Mode            string     `yaml:"mode"`
-	SSL             bool       `yaml:"ssl"`
-	CertPath        string     `yaml:"cert_path"`
-	KeyPath         string     `yaml:"key_path"`
-	HTTPProxy       string     `yaml:"http_proxy"`
-	PID             SectionPID `yaml:"pid"`
+	Port            string         `yaml:"port"`
+	MaxNotification int64          `yaml:"max_notification"`
+	WorkerNum       int64          `yaml:"worker_num"`
+	QueueNum        int64          `yaml:"queue_num"`
+	Mode            string         `yaml:"mode"`
+	SSL             bool           `yaml:"ssl"`
+	CertPath        string         `yaml:"cert_path"`
+	KeyPath         string         `yaml:"key_path"`
+	HTTPProxy       string         `yaml:"http_proxy"`
+	PID             SectionPID     `yaml:"pid"`
+	AutoTLS         SectionAutoTLS `yaml:"auto_tls"`
+}
+
+// SectionAutoTLS support Let's Encrypt setting.
+type SectionAutoTLS struct {
+	Enabled bool   `yaml:"enabled"`
+	Folder  string `yaml:"folder"`
+	Host    string `yaml:"host"`
 }

 // SectionAPI is sub section of config.
@@ -123,6 +131,9 @@ func BuildDefaultPushConf() ConfYaml {
 	conf.Core.PID.Enabled = false
 	conf.Core.PID.Path = "gorush.pid"
 	conf.Core.PID.Override = false
+	conf.Core.AutoTLS.Enabled = false
+	conf.Core.AutoTLS.Folder = ".cache"
+	conf.Core.AutoTLS.Host = ""

 	// Api
 	conf.API.PushURI = "/api/push"
--- a/config/config.yml
+++ b/config/config.yml
@@ -1,5 +1,5 @@
 core:
-  port: "8088"
+  port: "8088" # ignore this port number if auto_tls is enabled (listen 443).
  worker_num: 0 # default worker number is runtime.NumCPU()
  queue_num: 0 # default queue number is 8192
  max_notification: 100
@@ -12,6 +12,10 @@ core:
    enabled: false
    path: "gorush.pid"
    override: true
+  auto_tls:
+    enabled: false # Automatically install TLS certificates from Let's Encrypt.
+    folder: ".cache" # folder for storing TLS certificates
+    host: "" # which domains the Let's Encrypt will attempt

 api:
  push_uri: "/api/push"
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -68,6 +68,9 @@ func (suite *ConfigTestSuite) TestValidateConfDefault() {
 	assert.Equal(suite.T(), false, suite.ConfGorushDefault.Core.PID.Enabled)
 	assert.Equal(suite.T(), "gorush.pid", suite.ConfGorushDefault.Core.PID.Path)
 	assert.Equal(suite.T(), false, suite.ConfGorushDefault.Core.PID.Override)
+	assert.Equal(suite.T(), false, suite.ConfGorushDefault.Core.AutoTLS.Enabled)
+	assert.Equal(suite.T(), ".cache", suite.ConfGorushDefault.Core.AutoTLS.Folder)
+	assert.Equal(suite.T(), "", suite.ConfGorushDefault.Core.AutoTLS.Host)

 	// Api
 	assert.Equal(suite.T(), "/api/push", suite.ConfGorushDefault.API.PushURI)
@@ -124,6 +127,9 @@ func (suite *ConfigTestSuite) TestValidateConf() {
 	assert.Equal(suite.T(), false, suite.ConfGorush.Core.PID.Enabled)
 	assert.Equal(suite.T(), "gorush.pid", suite.ConfGorush.Core.PID.Path)
 	assert.Equal(suite.T(), true, suite.ConfGorush.Core.PID.Override)
+	assert.Equal(suite.T(), false, suite.ConfGorush.Core.AutoTLS.Enabled)
+	assert.Equal(suite.T(), ".cache", suite.ConfGorush.Core.AutoTLS.Folder)
+	assert.Equal(suite.T(), "", suite.ConfGorush.Core.AutoTLS.Host)

 	// Api
 	assert.Equal(suite.T(), "/api/push", suite.ConfGorush.API.PushURI)