refator: refacoting, replace ssl by tls
@@ -20,9 +20,13 @@ package pkg
|
||||
// Gateway contains Goma Proxy Gateway's configs
|
||||
type Gateway struct {
|
||||
// SSLCertFile SSL Certificate file
|
||||
SSLCertFile string `yaml:"sslCertFile" env:"GOMA_SSL_CERT_FILE, overwrite"`
|
||||
SSLCertFile string `yaml:"sslCertFile,omitempty" env:"GOMA_SSL_CERT_FILE, overwrite"` // Deprecated, use TlsCertFile instead
|
||||
// SSLKeyFile SSL Private key file
|
||||
SSLKeyFile string `yaml:"sslKeyFile" env:"GOMA_SSL_KEY_FILE, overwrite"`
|
||||
SSLKeyFile string `yaml:"sslKeyFile,omitempty" env:"GOMA_SSL_KEY_FILE, overwrite"` // Deprecated, use TlsKeyFile instead
|
||||
// TlsCertFile TLS Certificate file
|
||||
TlsCertFile string `yaml:"tlsCertFile" env:"GOMA_TLS_CERT_FILE, overwrite"`
|
||||
// SSLKeyFile TLS Private key file
|
||||
TlsKeyFile string `yaml:"tlsKeyFile" env:"GOMA_TLS_KEY_FILE, overwrite"`
|
||||
// Redis contains redis database details
|
||||
Redis Redis `yaml:"redis"`
|
||||
// WriteTimeout defines proxy write timeout
|
||||
|
||||
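Review bot: The doc comment above `TlsKeyFile` still reads `// SSLKeyFile TLS Private key file`, so it names the wrong field; it should be `// TlsKeyFile TLS Private key file`. The deprecation notices on `SSLCertFile` and `SSLKeyFile` are trailing comments written as `// Deprecated, use ...`; Go tooling only recognises a doc-comment paragraph that begins `// Deprecated:`, for example `// Deprecated: use TlsCertFile instead.` placed above the field. The new names would also follow Go's initialism convention as `TLSCertFile` and `TLSKeyFile`, which is cheaper to settle now than after the fields are in use. The Gateway struct continues past the end of this hunk.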
@@ -37,9 +37,8 @@ func (gatewayServer GatewayServer) Start() error {
|
||||
|
||||
tlsConfig, listenWithTLS, err := gatewayServer.initTLS()
|
||||
if err != nil {
|
||||
return err
|
||||
logger.Error("Failed to initialize TLS")
|
||||
}
|
||||
|
||||
if !gatewayServer.gateway.DisableDisplayRouteOnStart {
|
||||
printRoute(dynamicRoutes)
|
||||
}
|
||||
|
||||
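Review bot: The `if err != nil` branch after `gatewayServer.initTLS()` needs to keep `return err`. The +/- markers are lost on this page, so it is not certain which of `return err` and `logger.Error("Failed to initialize TLS")` is the new line. If the new side only logs, Start carries on with what initTLS returned on failure (the initTLS shown further down this page returns a nil config and `false`), and a wrong certificate or key path would presumably leave the gateway listening without TLS instead of refusing to start. The log line also drops `err`, so an operator cannot see why TLS failed. Start begins and ends outside this hunk, so how `listenWithTLS` is used afterwards is not visible here.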
@@ -24,16 +24,35 @@ import (
|
||||
)
|
||||
|
||||
func (gatewayServer GatewayServer) initTLS() (*tls.Config, bool, error) {
|
||||
cert, key := gatewayServer.gateway.SSLCertFile, gatewayServer.gateway.SSLKeyFile
|
||||
if cert == "" || key == "" {
|
||||
loadAndWarn := func(cert, key string, warnMsg string) (*tls.Config, bool, error) {
|
||||
if len(cert) != 0 || len(key) != 0 {
|
||||
if warnMsg != "" {
|
||||
logger.Warn(warnMsg)
|
||||
}
|
||||
tlsConfig, err := loadTLS(cert, key)
|
||||
if err != nil {
|
||||
return nil, false, fmt.Errorf("failed to load TLS config: %w", err)
|
||||
}
|
||||
return tlsConfig, true, nil
|
||||
}
|
||||
return nil, false, nil
|
||||
}
|
||||
|
||||
tlsConfig, err := loadTLS(cert, key)
|
||||
if err != nil {
|
||||
return nil, false, fmt.Errorf("failed to load TLS config: %w", err)
|
||||
// Check deprecated fields
|
||||
tlsConfig, loaded, err := loadAndWarn(
|
||||
gatewayServer.gateway.SSLCertFile,
|
||||
gatewayServer.gateway.SSLKeyFile,
|
||||
"sslCertFile and sslKeyFile are deprecated, please use tlsCertFile and tlsKeyFile instead",
|
||||
)
|
||||
if loaded || err != nil {
|
||||
return tlsConfig, loaded, err
|
||||
}
|
||||
return tlsConfig, true, nil
|
||||
|
||||
// Check new fields
|
||||
return loadAndWarn(
|
||||
gatewayServer.gateway.TlsCertFile,
|
||||
gatewayServer.gateway.TlsKeyFile,
|
||||
"",
|
||||
)
|
||||
}
|
||||
|
||||
// loadTLS loads TLS Certificate
|
||||
|
||||
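Review bot: The deprecated `SSLCertFile`/`SSLKeyFile` pair is consulted before `TlsCertFile`/`TlsKeyFile`, so when both are set the old values win and the new ones are ignored. The struct tags shown earlier on this page bind the old fields to `GOMA_SSL_CERT_FILE` and `GOMA_SSL_KEY_FILE` with `overwrite`, so a leftover environment variable can keep an old certificate and key in service after an operator has moved to `tlsCertFile`/`tlsKeyFile`, with only a deprecation warning in the log. Call `loadAndWarn` with the new fields first and fall back to the deprecated pair only when `loaded` is false and `err` is nil, or reject a configuration that sets both. Separately, the guard `len(cert) != 0 || len(key) != 0` sends a configuration with only one of the two paths into `loadTLS` with an empty string, where the earlier `cert == "" || key == ""` guard appears to have skipped it; an explicit check with a message such as `tls certificate and key must both be set` would be clearer than whatever `loadTLS` reports.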