Start work on auto tls

NHAS · Nov 25, 2024 · 8563ec4 · 8563ec4
1 parent 889d741
commit 8563ec4
Show file tree

Hide file tree

Showing 19 changed files with 425 additions and 392 deletions.
diff --git a/adminui/ui_webserver.go b/adminui/ui_webserver.go
@@ -88,9 +88,9 @@ func New(firewall *router.Firewall, errs chan<- error) (ui *AdminUI, err error)
 			rp.WithVerifierOpts(rp.WithIssuedAtOffset(5 * time.Second)),
 		}
 
-		u, err := url.Parse(config.Values.ManagementUI.OIDC.AdminDomainURL)
+		u, err := url.Parse(config.Values.ManagementUI.Domain)
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse admin url: %q, err: %s", config.Values.ManagementUI.OIDC.AdminDomainURL, err)
+			return nil, fmt.Errorf("failed to parse admin url: %q, err: %s", config.Values.ManagementUI.Domain, err)
 		}
 
 		u.Path = path.Join(u.Path, "/login/oidc/callback")
@@ -296,7 +296,7 @@ func New(firewall *router.Firewall, errs chan<- error) (ui *AdminUI, err error)
 			http.NotFound(w, r)
 		})
 
-		if config.Values.ManagementUI.SupportsTLS() {
+		if data.SupportsTLS(data.ManagementUI) {
 
 			go func() {
 
@@ -309,7 +309,7 @@ func New(firewall *router.Firewall, errs chan<- error) (ui *AdminUI, err error)
 					Handler:      utils.SetSecurityHeaders(allRoutes),
 				}
 
-				if err := adminUI.https.ListenAndServeTLS(config.Values.ManagementUI.CertPath, config.Values.ManagementUI.KeyPath); err != nil && !errors.Is(err, http.ErrServerClosed) {
+				if err := adminUI.https.ListenAndServeTLS("", ""); err != nil && !errors.Is(err, http.ErrServerClosed) {
 					errs <- fmt.Errorf("TLS management listener failed: %v", err)
 				}
 

diff --git a/commands/gen-config.go b/commands/gen-config.go
diff --git a/go.mod b/go.mod
@@ -11,6 +11,7 @@ require (
 	github.com/boombuler/barcode v1.0.2
 	github.com/coreos/go-iptables v0.8.0
 	github.com/gaissmai/bart v0.13.1
+	github.com/go-acme/lego/v4 v4.20.4
 	github.com/go-playground/validator/v10 v10.22.1
 	github.com/gorilla/websocket v1.5.3
 	github.com/mattn/go-sqlite3 v1.14.24
@@ -36,6 +37,7 @@ require (
 	github.com/bits-and-blooms/bitset v1.15.0 // indirect
 	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
+	github.com/cloudflare/cloudflare-go v0.108.0 // indirect
 	github.com/coreos/go-semver v0.3.1 // indirect
 	github.com/coreos/go-systemd/v22 v22.5.0 // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
@@ -47,12 +49,14 @@ require (
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-webauthn/x v0.1.15 // indirect
+	github.com/goccy/go-json v0.10.3 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/btree v1.1.3 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/go-tpm v0.9.1 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/gorilla/securecookie v1.1.2 // indirect
@@ -67,6 +71,7 @@ require (
 	github.com/leodido/go-urn v1.4.0 // indirect
 	github.com/mdlayher/genetlink v1.3.2 // indirect
 	github.com/mdlayher/socket v0.5.1 // indirect
+	github.com/miekg/dns v1.1.62 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
@@ -98,10 +103,12 @@ require (
 	go.opentelemetry.io/proto/otlp v1.3.1 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
+	golang.org/x/mod v0.22.0 // indirect
 	golang.org/x/oauth2 v0.24.0 // indirect
 	golang.org/x/sync v0.9.0 // indirect
 	golang.org/x/text v0.20.0 // indirect
 	golang.org/x/time v0.8.0 // indirect
+	golang.org/x/tools v0.27.0 // indirect
 	golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect
 	google.golang.org/genproto v0.0.0-20241113202542-65e8d215514f // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20241113202542-65e8d215514f // indirect