v1.65.0 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Oct 24, 2023 License: AGPL-3.0 Imports: 30 Imported by: 0




View Source
const (
	// DefaultShutdownTimeout is the default ShutdownTimeout (see Config).
	DefaultShutdownTimeout = time.Second * 10


This section is empty.


func BaseTLSConfig

func BaseTLSConfig() *tls.Config

BaseTLSConfig returns a tls.Config with some good default settings for security.


type CertMagicOnDemandDecisionFunc added in v1.45.0

type CertMagicOnDemandDecisionFunc func(name string) error

CertMagicOnDemandDecisionFunc is a concrete type for OnDemandConfig.DecisionFunc in the certmagic package.

type Config

type Config struct {
	// Name is the name of the server. It is only used for logging. It can
	// be empty.
	Name string

	// Address is the address to bind the server to. It must be set.
	Address string

	// AddressTLS is the address to bind the https server to. It must be set, but is not used if TLS is not configured.
	AddressTLS string

	// Whether requests and responses are logged or not. Sometimes you might provide your own logging middleware instead.
	TrafficLogging bool

	// TLSConfig is the TLS configuration for the server. It is optional.
	TLSConfig *TLSConfig

	// ShutdownTimeout controls how long to wait for requests to finish before
	// returning from Run() after the context is canceled. It defaults to
	// 10 seconds if unset. If set to a negative value, the server will be
	// closed immediately.
	ShutdownTimeout time.Duration

	// StartupCheckConfig configures a startup check that must pass in order for
	// servers to start listening.
	StartupCheckConfig StartupCheckConfig

Config holds the HTTP server configuration.

type Server

type Server struct {
	// contains filtered or unexported fields

Server is the HTTP server.

architecture: Endpoint

func New

func New(log *zap.Logger, handler http.Handler, decisionFunc CertMagicOnDemandDecisionFunc, config Config) (*Server, error)

New creates a new URL Service Server.

func (*Server) Addr

func (server *Server) Addr() string

Addr returns the public address.

func (*Server) AddrTLS

func (server *Server) AddrTLS() string

AddrTLS returns the public TLS address.

func (*Server) Run

func (server *Server) Run(ctx context.Context) (err error)

Run runs the server.

func (*Server) Shutdown

func (server *Server) Shutdown() (err error)

Shutdown gracefully shuts the server down, with a given timeout. If timeout is less than 0, all connections are closed immediately instead of waiting.

type StartupCheckConfig added in v1.52.0

type StartupCheckConfig struct {
	Enabled    bool
	Satellites []string
	Timeout    time.Duration

StartupCheckConfig provides startup check configuration.

type TLSConfig

type TLSConfig struct {
	// CertMagic obtains and renews TLS certificates and staples OCSP responses
	// Setting this to true will mean the server obtains certificate through Certmagic
	// and no other config such as CertDir, or CertFile will be considered.
	CertMagic bool

	// CertMagicKeyFile is a path to a file containing the CertMagic service account key.
	CertMagicKeyFile string

	// CertMagicDNSChallengeWithGCloudDNS is whether to disable HTTP and TLS
	// ALPN challenges and perform the DNS challenge with Google Cloud DNS (no
	// other providers are supported at the moment).
	CertMagicDNSChallengeWithGCloudDNS bool

	// CertMagicDNSChallengeWithGCloudDNSProject is the project where the Google
	// Cloud DNS zone exists.
	CertMagicDNSChallengeWithGCloudDNSProject string

	// Domain to set the TXT record on, to delegate the challenge to a different
	// domain.
	CertMagicDNSChallengeOverrideDomain string

	// CertMagicEmail is the email address to use when creating an ACME account
	CertMagicEmail string

	// CertMagicTestIssuer is optional configuration to set a testing ACME issuer.
	// If configured, this will be the only issuer used.
	CertMagicTestIssuer *TestIssuerConfig

	// CertMagicStaging use staging CA endpoints
	CertMagicStaging bool

	// CertMagicBucket bucket to use for certstorage
	CertMagicBucket string

	// TierServiceIdentity is the tier querying service identity config
	TierServiceIdentity identity.Config

	// TierCacheExpiration is the expiration time for the tier querying service cache
	TierCacheExpiration time.Duration

	// TierCacheCapacity is the tier querying service cache size
	TierCacheCapacity int

	// SkipPaidTierAllowlist is a list of domain names to which bypass paid tier queries.
	// If any one value is set to "*" then the paid tier checking is disabled entirely.
	SkipPaidTierAllowlist []string

	// CertMagicPublicURLs is a list of URLs to always issue certificates for.
	// Typically, these are URLs that the service will be mainly reached
	// through, like or *, etc.
	CertMagicPublicURLs []string

	// ConfigDir is a path for storing certificate cache data for Let's Encrypt.
	ConfigDir string

	// CertDir provides a path containing one or more certificates that should
	// be loaded. Certs and key files must have the same filename so they can be
	// paired, e.g. mycert.key, and mycert.crt. This config setting is mutually
	// exclusive from CertFile and KeyFile.
	CertDir string

	// CertFile is a path to a file containing a corresponding cert for KeyFile.
	CertFile string

	// KeyFile is a path to a file containing a corresponding key for CertFile.
	KeyFile string

	// Ctx context for the oauth2 package which gcslock and gcsops use.
	// oauth2 stores the context passed into its constructors.
	Ctx context.Context

TLSConfig is a struct to handle the preferred/configured TLS options.

type TestIssuerConfig added in v1.51.0

type TestIssuerConfig struct {
	// CA is the address to the test ACME issuer.
	CA string

	// CertificatePath is a filesystem path to the CA issuer certificate.
	CertificatePath string

	// Resolver is an address to a preferred DNS resolver. If not given, it
	// defaults to the system resolver.
	Resolver string

TestIssuerConfig is configuration to a test ACME server, which if defined will issue certs from that instead of any other issuers.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL