main.go (1283B)
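// some code taken from https://github.com/yi-jiayu/secure
// secure is a super simple TLS termination proxy
package main

import (
	"flag"
	"fmt"
	"log"
	"net/http"
	"net/http/httputil"
	"net/url"
	"os"
	"path/filepath"
	"strings"
	"time"

	"golang.org/x/crypto/acme/autocert"
)

var (
	upstream string
	addr     string
	hosts    string
)

// init registers the command-line flags and installs a usage message that
// also documents the positional upstream argument.
func init() {
	flag.StringVar(&addr, "addr", ":443", "listen address")
	flag.StringVar(&hosts, "hosts", "",
		"comma-separated host names certificates may be requested for (empty allows any host)")

	flag.Usage = func() {
		fmt.Fprintf(flag.CommandLine.Output(),
			"usage: %s [-addr host:port] [-hosts host1,host2] upstream\n",
			filepath.Base(os.Args[0]))
		flag.PrintDefaults()
		fmt.Fprintln(flag.CommandLine.Output(), " upstream string\n \tupstream url")
	}
}

// parseUpstream parses raw and accepts it only when it is an absolute http or
// https URL with a host. url.Parse alone accepts inputs such as
// "localhost:8080" (scheme "localhost"), which the reverse proxy cannot dial,
// so every proxied request would fail instead of the process failing at start.
func parseUpstream(raw string) (*url.URL, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, err
	}
	if (u.Scheme != "http" && u.Scheme != "https") || u.Host == "" {
		return nil, fmt.Errorf("%q is not an absolute http or https URL", raw)
	}
	return u, nil
}

// splitHosts turns a comma-separated list into its non-empty, trimmed entries.
func splitHosts(list string) []string {
	var out []string
	for _, h := range strings.Split(list, ",") {
		if h = strings.TrimSpace(h); h != "" {
			out = append(out, h)
		}
	}
	return out
}

// main terminates TLS on addr with certificates obtained through autocert and
// forwards every request to the single upstream URL given on the command line.
func main() {
	flag.Parse()

	if flag.NArg() != 1 {
		flag.Usage()
		os.Exit(2)
	}
	upstream = flag.Arg(0)

	u, err := parseUpstream(upstream)
	if err != nil {
		// log.Fatalf writes to stderr with a trailing newline and exits 1.
		log.Fatalf("invalid upstream address: %s", err)
	}

	// The single-host proxy forwards the client's Host header unchanged; the
	// upstream should not treat it as trusted.
	rp := httputil.NewSingleHostReverseProxy(u)

	certManager := autocert.Manager{
		Prompt: autocert.AcceptTOS,
		// "certs" is resolved against the working directory and holds the
		// issued certificates together with their private keys; keep it out of
		// any served or shared location.
		Cache: autocert.DirCache("certs"),
	}
	if allowed := splitHosts(hosts); len(allowed) > 0 {
		// Without a HostPolicy the manager requests a certificate for whatever
		// name a client puts in the TLS handshake, which lets anyone burn the
		// CA's rate limit and block issuance for the real host names.
		certManager.HostPolicy = autocert.HostWhitelist(allowed...)
	} else {
		log.Print("warning: -hosts not set; certificates will be requested for any host name a client asks for")
	}

	srv := http.Server{
		Handler:   rp,
		TLSConfig: certManager.TLSConfig(),
		Addr:      addr,
		// Bound how long a client may take to send request headers and how
		// long idle keep-alive connections are held. No write timeout is set
		// so that long-running proxied responses are not cut off.
		ReadHeaderTimeout: 10 * time.Second,
		IdleTimeout:       120 * time.Second,
	}

	log.Printf("listen-addr=%s upstream-url=%s", srv.Addr, u.String())

	// Empty cert and key paths make the server use TLSConfig.GetCertificate,
	// which autocert supplies.
	if err := srv.ListenAndServeTLS("", ""); err != nil {
		log.Fatal(err)
	}
}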