1
0
Fork 0
mirror of https://github.com/FrankerFaceZ/FrankerFaceZ.git synced 2025-09-16 01:56:55 +00:00

Add certificate reloader on SIGHUP

This commit is contained in:
Kane York 2017-09-26 13:04:39 -07:00
parent a5e3ad701b
commit 7b0cdc4baa
3 changed files with 83 additions and 8 deletions

View file

@ -1,7 +1,10 @@
package main // import "github.com/FrankerFaceZ/FrankerFaceZ/socketserver/cmd/ffzsocketserver"
import _ "net/http/pprof"
import (
"context"
"crypto/tls"
"encoding/json"
"flag"
"fmt"
@ -14,11 +17,10 @@ import (
"syscall"
"time"
"github.com/FrankerFaceZ/FrankerFaceZ/socketserver/certreloader"
"github.com/FrankerFaceZ/FrankerFaceZ/socketserver/server"
)
import _ "net/http/pprof"
var configFilename = flag.String("config", "config.json", "Configuration file, including the keypairs for the NaCl crypto library, for communicating with the backend.")
var flagGenerateKeys = flag.Bool("genkeys", false, "Generate NaCl keys instead of serving requests.\nArguments: [int serverId] [base64 backendPublic]\nThe backend public key can either be specified in base64 on the command line, or put in the json file later.")
@ -69,12 +71,21 @@ func main() {
signal.Notify(stopSig, syscall.SIGTERM)
if conf.UseSSL {
reloader, err := certreloader.New(conf.SSLCertificateFile, conf.SSLKeyFile)
if err != nil {
log.Fatalln("Could not load TLS certificate:", err)
}
reloader.AutoCheck(syscall.SIGHUP)
server1 = &http.Server{
Addr: conf.SSLListenAddr,
Handler: http.DefaultServeMux,
TLSConfig: &tls.Config{
GetCertificate: reloader.GetCertificateFunc(),
},
}
go func() {
if err := server1.ListenAndServeTLS(conf.SSLCertificateFile, conf.SSLKeyFile); err != nil {
if err := server1.ListenAndServeTLS("", ""); err != nil {
log.Println("ListenAndServeTLS:", err)
stopSig <- os.Interrupt
}