1
0
mirror of https://github.com/go-acme/lego.git synced 2024-12-25 11:02:56 +02:00

Make CertResources json savable. Fix cli_handlers to use it.

This commit is contained in:
xenolf 2015-10-19 00:40:59 +02:00
parent dc4125d3cf
commit 29a27ba807
2 changed files with 45 additions and 34 deletions

View File

@ -84,9 +84,9 @@ type revokeCertMessage struct {
// PrivateKey and Certificate are both already PEM encoded
// and can be directly written to disk.
type CertificateResource struct {
Domain string
CertURL string
CertStableURL string
PrivateKey []byte
Certificate []byte
Domain string `json:"domain"`
CertURL string `json:"certUrl"`
CertStableURL string `json:"certStableUrl"`
PrivateKey []byte `json:"-"`
Certificate []byte `json:"-"`
}

View File

@ -2,6 +2,7 @@ package main
import (
"bufio"
"encoding/json"
"io/ioutil"
"os"
"path"
@ -18,21 +19,53 @@ func checkFolder(path string) error {
return nil
}
func run(c *cli.Context) {
func setup(c *cli.Context) (*Configuration, *Account, *acme.Client) {
err := checkFolder(c.GlobalString("path"))
if err != nil {
logger().Fatalf("Cound not check/create path: %v", err)
}
conf := NewConfiguration(c)
//TODO: move to account struct? Currently MUST pass email.
if !c.GlobalIsSet("email") {
logger().Fatal("You have to pass an account (email address) to the program using --email or -m")
}
//TODO: move to account struct? Currently MUST pass email.
acc := NewAccount(c.GlobalString("email"), conf)
client := acme.NewClient(c.GlobalString("server"), acc, conf.RsaBits(), conf.OptPort(), c.GlobalBool("devMode"))
return conf, acc, acme.NewClient(c.GlobalString("server"), acc, conf.RsaBits(), conf.OptPort(), c.GlobalBool("devMode"))
}
func saveCertRes(certRes *acme.CertificateResource, conf *Configuration) {
// We store the certificate, private key and metadata in different files
// as web servers would not be able to work with a combined file.
certOut := path.Join(conf.CertPath(), certRes.Domain+".crt")
privOut := path.Join(conf.CertPath(), certRes.Domain+".key")
metaOut := path.Join(conf.CertPath(), certRes.Domain+".json")
err := ioutil.WriteFile(certOut, certRes.Certificate, 0600)
if err != nil {
logger().Printf("Unable to save Certificate for domain %s\n\t%v", certRes.Domain, err)
}
err = ioutil.WriteFile(privOut, certRes.PrivateKey, 0600)
if err != nil {
logger().Printf("Unable to save PrivateKey for domain %s\n\t%v", certRes.Domain, err)
}
jsonBytes, err := json.MarshalIndent(certRes, "", "\t")
if err != nil {
logger().Printf("Unable to marshal CertResource for domain %s\n\t%v", certRes.Domain, err)
}
err = ioutil.WriteFile(metaOut, jsonBytes, 0600)
if err != nil {
logger().Printf("Unable to save CertResource for domain %s\n\t%v", certRes.Domain, err)
}
}
func run(c *cli.Context) {
conf, acc, client := setup(c)
if acc.Registration == nil {
reg, err := client.Register()
if err != nil {
@ -98,37 +131,15 @@ func run(c *cli.Context) {
}
for _, certRes := range certs {
certOut := path.Join(conf.CertPath(), certRes.Domain+".crt")
privOut := path.Join(conf.CertPath(), certRes.Domain+".key")
err = ioutil.WriteFile(certOut, certRes.Certificate, 0600)
if err != nil {
logger().Printf("Unable to save Certificate for domain %s\n\t%v", certRes.Domain, err)
}
err = ioutil.WriteFile(privOut, certRes.PrivateKey, 0600)
if err != nil {
logger().Printf("Unable to save PrivateKey for domain %s\n\t%v", certRes.Domain, err)
}
saveCertRes(&certRes, conf)
}
}
func revoke(c *cli.Context) {
err := checkFolder(c.GlobalString("path"))
if err != nil {
logger().Fatalf("Cound not check/create path: %v", err)
}
conf := NewConfiguration(c)
if !c.GlobalIsSet("email") {
logger().Fatal("You have to pass an account (email address) to the program using --email or -m")
}
conf, _, client := setup(c)
acc := NewAccount(c.GlobalString("email"), conf)
client := acme.NewClient(c.GlobalString("server"), acc, conf.RsaBits(), conf.OptPort(), c.GlobalBool("devMode"))
err = checkFolder(conf.CertPath())
err := checkFolder(conf.CertPath())
if err != nil {
logger().Fatalf("Cound not check/create path: %v", err)
}