sendnrw/netbird
2
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2026-04-26 12:16:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix ssl configuration

Browse Source
This commit is contained in:
Zoltán Papp
2024-07-01 11:50:18 +02:00
parent ed82ef7fe4
commit d3785dc1fa
7 changed files with 164 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
relay/cmd/main.go
View File

@@ -1,6 +1,8 @@
package main
import (
"crypto/tls"
"fmt"
"os"
"os/signal"
"syscall"
@@ -8,12 +10,15 @@ import (
log "github.com/sirupsen/logrus"
"github.com/spf13/cobra"
"github.com/netbirdio/netbird/encryption"
"github.com/netbirdio/netbird/relay/server"
"github.com/netbirdio/netbird/util"
)
var (
listenAddress string
listenAddress string
letsencryptDataDir string
letsencryptDomain string
rootCmd = &cobra.Command{
Use: "relay",
@@ -26,7 +31,8 @@ var (
func init() {
_ = util.InitLog("trace", "console")
rootCmd.PersistentFlags().StringVarP(&listenAddress, "listen-address", "l", ":1235", "listen address")
rootCmd.PersistentFlags().StringVarP(&letsencryptDataDir, "letsencrypt-data-dir", "d", "", "a directory to store Let's Encrypt data. Required if Let's Encrypt is enabled.")
rootCmd.PersistentFlags().StringVarP(&letsencryptDomain, "letsencrypt-domain", "a", "", "a domain to issue Let's Encrypt certificate for. Enables TLS using Let's Encrypt. Will fetch and renew certificate, and run the server with TLS")
}
func waitForExitSignal() {
@@ -36,8 +42,20 @@ func waitForExitSignal() {
}
func execute(cmd *cobra.Command, args []string) {
srvCfg := server.Config{
Address: listenAddress,
}
if hasLetsEncrypt() {
tlscfg, err := setupTLS()
if err != nil {
log.Errorf("%s", err)
os.Exit(1)
}
srvCfg.TLSConfig = tlscfg
}
srv := server.NewServer()
err := srv.Listen(listenAddress)
err := srv.Listen(srvCfg)
if err != nil {
log.Errorf("failed to bind server: %s", err)
os.Exit(1)
@@ -52,6 +70,18 @@ func execute(cmd *cobra.Command, args []string) {
}
}
func hasLetsEncrypt() bool {
return letsencryptDataDir != "" && letsencryptDomain != ""
}
func setupTLS() (*tls.Config, error) {
certManager, err := encryption.CreateCertManager(letsencryptDataDir, letsencryptDomain)
if err != nil {
return nil, fmt.Errorf("failed creating LetsEncrypt cert manager: %v", err)
}
return certManager.TLSConfig(), nil
}
func main() {
err := rootCmd.Execute()
if err != nil {