mirror of
https://codeberg.org/Codeberg/pages-server.git
synced 2025-04-24 22:06:57 +00:00
77 lines
2.2 KiB
Go
77 lines
2.2 KiB
Go
package cmd
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
|
|
"github.com/rs/zerolog/log"
|
|
"github.com/urfave/cli/v2"
|
|
|
|
"codeberg.org/codeberg/pages/server/cache"
|
|
"codeberg.org/codeberg/pages/server/certificates"
|
|
"codeberg.org/codeberg/pages/server/database"
|
|
)
|
|
|
|
var ErrAcmeMissConfig = errors.New("ACME client has wrong config")
|
|
|
|
func openCertDB(ctx *cli.Context) (certDB database.CertDB, closeFn func(), err error) {
|
|
if ctx.String("db-type") != "" {
|
|
log.Trace().Msg("use xorm mode")
|
|
certDB, err = database.NewXormDB(ctx.String("db-type"), ctx.String("db-conn"))
|
|
if err != nil {
|
|
return nil, nil, fmt.Errorf("could not connect to database: %w", err)
|
|
}
|
|
} else {
|
|
// TODO: remove in next version
|
|
fmt.Println(`
|
|
######################
|
|
## W A R N I N G !!! #
|
|
######################
|
|
|
|
You use "pogreb" witch is deprecated and will be removed in the next version.
|
|
Please switch to sqlite, mysql or postgres !!!
|
|
|
|
The simplest way is, to use './pages certs migrate' and set environment var DB_TYPE to 'sqlite' on next start.`)
|
|
log.Error().Msg("depricated \"pogreb\" used\n")
|
|
|
|
certDB, err = database.NewPogreb(ctx.String("db-pogreb"))
|
|
if err != nil {
|
|
return nil, nil, fmt.Errorf("could not create database: %w", err)
|
|
}
|
|
}
|
|
|
|
closeFn = func() {
|
|
if err := certDB.Close(); err != nil {
|
|
log.Error().Err(err)
|
|
}
|
|
}
|
|
|
|
return certDB, closeFn, nil
|
|
}
|
|
|
|
func createAcmeClient(ctx *cli.Context, enableHTTPServer bool, challengeCache cache.SetGetKey) (*certificates.AcmeClient, error) {
|
|
acmeAPI := ctx.String("acme-api-endpoint")
|
|
acmeMail := ctx.String("acme-email")
|
|
acmeEabHmac := ctx.String("acme-eab-hmac")
|
|
acmeEabKID := ctx.String("acme-eab-kid")
|
|
acmeAcceptTerms := ctx.Bool("acme-accept-terms")
|
|
dnsProvider := ctx.String("dns-provider")
|
|
acmeUseRateLimits := ctx.Bool("acme-use-rate-limits")
|
|
|
|
// check config
|
|
if (!acmeAcceptTerms || dnsProvider == "") && acmeAPI != "https://acme.mock.directory" {
|
|
return nil, fmt.Errorf("%w: you must set $ACME_ACCEPT_TERMS and $DNS_PROVIDER, unless $ACME_API is set to https://acme.mock.directory", ErrAcmeMissConfig)
|
|
}
|
|
|
|
return certificates.NewAcmeClient(
|
|
acmeAPI,
|
|
acmeMail,
|
|
acmeEabHmac,
|
|
acmeEabKID,
|
|
dnsProvider,
|
|
acmeAcceptTerms,
|
|
enableHTTPServer,
|
|
acmeUseRateLimits,
|
|
challengeCache,
|
|
)
|
|
}
|