diff --git a/.travis.yml b/.travis.yml
index 96902e1..cc73f36 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,6 +1,6 @@
 language: go
 go:
- - 1.8
+ - 1.9
 env:
 - "PATH=/home/travis/gopath/bin:$PATH"
 before_install:
diff --git a/README.md b/README.md
index 2694687..fabce59 100644
--- a/README.md
+++ b/README.md
@@ -107,7 +107,7 @@ Check out how in the INSTALL section.
 ## Installation
-1) Install [Go 1.8 or newer](https://golang.org/doc/install)
+1) Install [Go 1.9 or newer](https://golang.org/doc/install)
 2) Clone this repo: `git clone https://github.com/joohoi/acme-dns $GOPATH/src/acme-dns`
diff --git a/api.go b/api.go
index 29e252a..c2e04e0 100644
--- a/api.go
+++ b/api.go
@@ -4,15 +4,15 @@ import (
 "errors"
 "fmt"
+ "github.com/kataras/iris"
 log "github.com/sirupsen/logrus"
- "gopkg.in/kataras/iris.v6"
 )
 // Serve is an authentication middlware function used to authenticate update requests
-func (a authMiddleware) Serve(ctx *iris.Context) {
+func (a authMiddleware) Serve(ctx iris.Context) {
 allowUpdate := false
- usernameStr := ctx.RequestHeader("X-Api-User")
- password := ctx.RequestHeader("X-Api-Key")
+ usernameStr := ctx.GetHeader("X-Api-User")
+ password := ctx.GetHeader("X-Api-Key")
 postData := ACMETxt{}
 username, err := getValidUsername(usernameStr)
@@ -28,7 +28,7 @@ func (a authMiddleware) Serve(ctx *iris.Context) {
 // Now test for the possibly limited ranges
 if DNSConf.API.UseHeader {
- ips := getIPListFromHeader(ctx.RequestHeader(DNSConf.API.HeaderName))
+ ips := getIPListFromHeader(ctx.GetHeader(DNSConf.API.HeaderName))
 allowUpdate = au.allowedFromList(ips)
 } else {
 allowUpdate = au.allowedFrom(ctx.RemoteAddr())
@@ -43,7 +43,9 @@ func (a authMiddleware) Serve(ctx *iris.Context) {
 }
 } else {
 // JSON error
- ctx.JSON(iris.StatusBadRequest, iris.Map{"error": "bad data"})
+ log.WithFields(log.Fields{"error": err.Error()}).Warning("Failed reading POST data")
+ ctx.JSON(iris.Map{"error": "bad data"})
+ ctx.StatusCode(iris.StatusBadRequest)
 return
 }
 }
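Review bot: In api.go's import block the dependency moves from the versioned path `gopkg.in/kataras/iris.v6` to the unversioned `github.com/kataras/iris`, and nothing in this diff pins a revision, so a build would presumably fetch whatever the default branch holds at that moment. The same applies to `github.com/iris-contrib/middleware/cors` in main.go. Because this framework sits directly in front of the authentication middleware, the exact revisions should be recorded in a vendor directory or lock file in the same commit; if one exists outside this diff, it needs updating alongside.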
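Review bot: The `ips := getIPListFromHeader(ctx.GetHeader(DNSConf.API.HeaderName))` line in Serve feeds a request header straight into the `au.allowedFromList(ips)` decision, and the code carries no comment on who is trusted to set that header. Unless a reverse proxy in front overwrites it, the client chooses the value, so the source-range restriction is only as strong as that deployment assumption. I would add a comment above the branch such as `// UseHeader must only be enabled behind a trusted proxy that overwrites HeaderName; otherwise the value is client-controlled.` Serve starts and ends outside this hunk.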
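Review bot: In the JSON-error branch of Serve the status is set after the body has been written: `ctx.JSON(iris.Map{"error": "bad data"})` runs before `ctx.StatusCode(iris.StatusBadRequest)`. With a net/http-style response writer the status line goes out with the first body write, so the later call is likely ignored and the client receives 200; this should be confirmed against the Iris version in use. Swap the two calls so that `ctx.StatusCode(iris.StatusBadRequest)` comes first and `ctx.JSON(iris.Map{"error": "bad data"})` second. The same ordering appears in the unauthorized path at the end of Serve and in webRegisterPost, webUpdatePost and webUpdatePostError, where a 401 or 400 delivered as 200 would mislead any client that checks only the status code. The added log line calls `err.Error()`; which `err` is in scope there is outside the hunk, so check that it is the non-nil read error.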
@@ -53,10 +55,11 @@ func (a authMiddleware) Serve(ctx *iris.Context) {
 }
 }
 }
- ctx.JSON(iris.StatusUnauthorized, iris.Map{"error": "unauthorized"})
+ ctx.JSON(iris.Map{"error": "unauthorized"})
+ ctx.StatusCode(iris.StatusUnauthorized)
 }
-func webRegisterPost(ctx *iris.Context) {
+func webRegisterPost(ctx iris.Context) {
 var regJSON iris.Map
 var regStatus int
 aTXT := ACMETxt{}
@@ -74,13 +77,14 @@ func webRegisterPost(ctx *iris.Context) {
 log.WithFields(log.Fields{"user": nu.Username.String()}).Debug("Created new user")
 }
- ctx.JSON(regStatus, regJSON)
+ ctx.JSON(regJSON)
+ ctx.StatusCode(regStatus)
 }
-func webUpdatePost(ctx *iris.Context) {
+func webUpdatePost(ctx iris.Context) {
 // User auth done in middleware
 a := ACMETxt{}
- userStr := ctx.RequestHeader("X-API-User")
+ userStr := ctx.GetHeader("X-API-User")
 // Already checked in auth middlware
 username, _ := getValidUsername(userStr) // Already checked in auth middleware
@@ -94,7 +98,8 @@ func webUpdatePost(ctx *iris.Context) {
 webUpdatePostError(ctx, errors.New("internal error"), iris.StatusInternalServerError)
 return
 }
- ctx.JSON(iris.StatusOK, iris.Map{"txt": a.Value})
+ ctx.JSON(iris.Map{"txt": a.Value})
+ ctx.StatusCode(iris.StatusOK)
 } else {
 log.WithFields(log.Fields{"subdomain": a.Subdomain, "txt": a.Value}).Debug("Bad data for subdomain")
 webUpdatePostError(ctx, errors.New("bad data"), iris.StatusBadRequest)
@@ -102,8 +107,9 @@ func webUpdatePost(ctx *iris.Context) {
 }
 }
-func webUpdatePostError(ctx *iris.Context, err error, status int) {
+func webUpdatePostError(ctx iris.Context, err error, status int) {
 errStr := fmt.Sprintf("%v", err)
 updJSON := iris.Map{"error": errStr}
- ctx.JSON(status, updJSON)
+ ctx.JSON(updJSON)
+ ctx.StatusCode(status)
 }
diff --git a/config.cfg b/config.cfg
index 795ca15..77cd3f0 100644
--- a/config.cfg
+++ b/config.cfg
@@ -33,6 +33,10 @@ connection = "acme-dns.db"
 [api]
 # domain name to listen requests for, mandatory if using tls = "letsencrypt"
 api_domain = ""
+# email to use for account registration for Let's Encrypt, used only if tls = "letsencrypt"
+le_email = "admin@example.com"
+# listen ip eg. 127.0.0.1
+ip = "127.0.0.1"
 # listen port, eg. 443 for default HTTPS
 port = "8080"
 # possible values: "letsencrypt", "cert", "none"
diff --git a/main.go b/main.go
index 725730b..444cef3 100644
--- a/main.go
+++ b/main.go
@@ -5,10 +5,9 @@ package main
 import (
 "os"
+ "github.com/iris-contrib/middleware/cors"
+ "github.com/kataras/iris"
 log "github.com/sirupsen/logrus"
- "gopkg.in/kataras/iris.v6"
- "gopkg.in/kataras/iris.v6/adaptors/cors"
- "gopkg.in/kataras/iris.v6/adaptors/httprouter"
 )
 func main() {
@@ -41,9 +40,8 @@ func main() {
 }
 func startHTTPAPI() {
- api := iris.New(iris.Configuration{DisableBodyConsumptionOnUnmarshal: true})
- api.Adapt(httprouter.New())
- api.Adapt(cors.New(cors.Options{
+ api := iris.New()
+ api.Use(cors.New(cors.Options{
 AllowedOrigins: DNSConf.API.CorsOrigins,
 AllowedMethods: []string{"GET", "POST"},
 OptionsPassthrough: false,
@@ -52,18 +50,14 @@ func startHTTPAPI() {
 var ForceAuth = authMiddleware{}
 api.Post("/register", webRegisterPost)
 api.Post("/update", ForceAuth.Serve, webUpdatePost)
+
+ host := DNSConf.API.Domain + ":" + DNSConf.API.Port
 switch DNSConf.API.TLS {
 case "letsencrypt":
- listener, err := iris.LETSENCRYPT("0.0.0.0", DNSConf.API.Domain)
- err = api.Serve(listener)
- if err != nil {
- log.Errorf("Error in HTTP server [%v]", err)
- }
+ api.Run(iris.AutoTLS(host, DNSConf.API.Domain, DNSConf.API.LEmail), iris.WithoutBodyConsumptionOnUnmarshal)
 case "cert":
- host := DNSConf.API.Domain + ":" + DNSConf.API.Port
- api.ListenTLS(host, DNSConf.API.TLSCertFullchain, DNSConf.API.TLSCertPrivkey)
+ api.Run(iris.TLS(host, DNSConf.API.TLSCertFullchain, DNSConf.API.TLSCertPrivkey), iris.WithoutBodyConsumptionOnUnmarshal)
 default:
- host := DNSConf.API.Domain + ":" + DNSConf.API.Port
- api.Listen(host)
+ api.Run(iris.Addr(host), iris.WithoutBodyConsumptionOnUnmarshal)
 }
 }
diff --git a/types.go b/types.go
index 0a41a3e..9ccca6f 100644
--- a/types.go
+++ b/types.go
@@ -51,6 +51,8 @@ type dbsettings struct {
 // API config
 type httpapi struct {
 Domain string `toml:"api_domain"`
+ LEmail string `toml:"le_email"`
+ IP string
 Port string
 TLS string
 TLSCertPrivkey string `toml:"tls_cert_privkey"`
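Review bot: The new `host := DNSConf.API.Domain + ":" + DNSConf.API.Port` line in startHTTPAPI still builds the listen address from api_domain, so the `ip` setting added in config.cfg and the `IP` field added in types.go are not read anywhere in this diff. With the shipped `api_domain = ""` the address becomes `":8080"`, which binds every interface even though the config advertises `ip = "127.0.0.1"`; an operator relying on that line for a loopback-only API would be exposed. If no code outside this diff consumes the field, the line should read `host := DNSConf.API.IP + ":" + DNSConf.API.Port`. Separately, the old letsencrypt branch logged the serve error while the three `api.Run(...)` calls discard their return value, so a failed bind or certificate load would go unreported; each could be wrapped as `if err := api.Run(...); err != nil { log.Errorf("Error in HTTP server [%v]", err) }`.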