remove os.Getenv() usage

2025-04-19 03:26:57 +00:00 · 2021-12-03 03:34:50 +01:00 · 2021-12-03 03:34:50 +01:00 · 5b81a8b8bc
commit 5b81a8b8bc
parent 35e08d2252
3 changed files with 70 additions and 31 deletions
--- a/cmd/flags.go
+++ b/cmd/flags.go
@ -45,6 +45,7 @@ var ServeFlags = []cli.Flag{
 		Value:   "https://docs.codeberg.org/pages/raw-content/",
 	},

+	// Server
 	&cli.StringFlag{
 		Name:    "host",
 		Usage:   "specifies host of listening address",
@ -57,8 +58,13 @@ var ServeFlags = []cli.Flag{
 		EnvVars: []string{"PORT"},
 		Value:   "443",
 	},
+	&cli.BoolFlag{
+		Name: "enable-http-server",
+		// TODO: desc
+		EnvVars: []string{"ENABLE_HTTP_SERVER"},
+	},

-	// ACME_API
+	// ACME
 	&cli.StringFlag{
 		Name:    "acme-api",
 		EnvVars: []string{"ACME_API"},
@ -69,4 +75,30 @@ var ServeFlags = []cli.Flag{
 		EnvVars: []string{"ACME_EMAIL"},
 		Value:   "noreply@example.email",
 	},
+	&cli.BoolFlag{
+		Name: "acme-use-rate-limits",
+		// TODO: Usage
+		EnvVars: []string{"ACME_USE_RATE_LIMITS"},
+		Value:   true,
+	},
+	&cli.BoolFlag{
+		Name: "acme-accept-terms",
+		// TODO: Usage
+		EnvVars: []string{"ACME_ACCEPT_TERMS"},
+	},
+	&cli.StringFlag{
+		Name: "acme-eab-kid",
+		// TODO: Usage
+		EnvVars: []string{"ACME_EAB_KID"},
+	},
+	&cli.StringFlag{
+		Name: "acme-eab-hmac",
+		// TODO: Usage
+		EnvVars: []string{"ACME_EAB_HMAC"},
+	},
+	&cli.StringFlag{
+		Name: "dns-provider",
+		// TODO: Usage
+		EnvVars: []string{"DNS_PROVIDER"},
+	},
 }
--- a/cmd/main.go
+++ b/cmd/main.go
@ -3,10 +3,10 @@ package cmd
 import (
 	"bytes"
 	"crypto/tls"
+	"errors"
 	"fmt"
 	"net"
 	"net/http"
-	"os"
 	"strings"
 	"time"

@ -37,8 +37,19 @@ func Serve(ctx *cli.Context) error {
 	mainDomainSuffix := []byte(ctx.String("main-domain-suffix"))
 	rawInfoPage := ctx.String("raw-info-page")
 	listeningAddress := fmt.Sprintf("%s:%s", ctx.String("host"), ctx.String("port"))
+	enableHTTPServer := ctx.Bool("enable-http-server")
+
 	acmeAPI := ctx.String("acme-api")
 	acmeMail := ctx.String("acme-email")
+	acmeUseRateLimits := ctx.Bool("acme-use-rate-limits")
+	acmeAcceptTerms := ctx.Bool("acme-accept-terms")
+	acmeEabKID := ctx.String("acme-eab-kid")
+	acmeEabHmac := ctx.String("acme-eab-hmac")
+	dnsProvider := ctx.String("dns-provider")
+	if acmeAcceptTerms || (dnsProvider == "" && acmeAPI != "https://acme.mock.directory") {
+		return errors.New("you must set $ACME_ACCEPT_TERMS and $DNS_PROVIDER, unless $ACME_API is set to https://acme.mock.directory")
+	}
+
 	allowedCorsDomains := AllowedCorsDomains
 	if len(rawDomain) != 0 {
 		allowedCorsDomains = append(allowedCorsDomains, []byte(rawDomain))
@ -72,10 +83,10 @@ func Serve(ctx *cli.Context) error {
 	if err != nil {
 		return fmt.Errorf("couldn't create listener: %s", err)
 	}
-	listener = tls.NewListener(listener, server.TlsConfig(mainDomainSuffix, giteaRoot, giteaAPIToken))
+	listener = tls.NewListener(listener, server.TlsConfig(mainDomainSuffix, giteaRoot, giteaAPIToken, dnsProvider, acmeUseRateLimits))

-	server.SetupCertificates(mainDomainSuffix, acmeAPI, acmeMail)
-	if os.Getenv("ENABLE_HTTP_SERVER") == "true" {
+	server.SetupCertificates(mainDomainSuffix, acmeAPI, acmeMail, acmeEabHmac, acmeEabKID, dnsProvider, acmeUseRateLimits, acmeAcceptTerms, enableHTTPServer)
+	if enableHTTPServer {
 		go (func() {
 			challengePath := []byte("/.well-known/acme-challenge/")
 			err := fasthttp.ListenAndServe("[::]:80", func(ctx *fasthttp.RequestCtx) {