Remove dead code, tidy up

certs/deployer.go

@@ -1,108 +0,0 @@
-package certs
-
-import (
-	"github.com/csmith/dotege/model"
-	"go.uber.org/zap"
-	"io/ioutil"
-	"os"
-	"path"
-	"time"
-)
-
-// CertificateDeployer deploys certificates according to their configuration.
-type CertificateDeployer struct {
-	logger        *zap.SugaredLogger
-	certChannel   <-chan model.FoundCertificate
-	deployChannel chan bool
-	certs         map[string]model.FoundCertificate
-	hostnames     map[string]*model.Hostname
-}
-
-// NewCertificateDeployer creates a new CertificateDeployer.
-func NewCertificateDeployer(logger *zap.SugaredLogger, channel <-chan model.FoundCertificate) *CertificateDeployer {
-	deployer := &CertificateDeployer{
-		logger:        logger,
-		certChannel:   channel,
-		deployChannel: make(chan bool, 1),
-		certs:         make(map[string]model.FoundCertificate),
-	}
-
-	go deployer.monitor()
-	go deployer.deployAll()
-
-	return deployer
-}
-
-func (c *CertificateDeployer) monitor() {
-	for {
-		select {
-		case cert := <-c.certChannel:
-			c.certs[cert.Hostname] = cert
-			c.deployChannel <- true
-		}
-	}
-}
-
-func (c *CertificateDeployer) deployAll() {
-	for {
-		select {
-		case <-c.deployChannel:
-			c.logger.Debug("Checking for certificates requiring deployment")
-			for _, hostname := range c.hostnames {
-				if cert, ok := c.certs[hostname.Name]; ok {
-					c.deploySingle(cert, hostname)
-				} else {
-					c.logger.Warnf("No certificate found for %s", hostname.Name)
-				}
-			}
-		}
-	}
-}
-
-func (c *CertificateDeployer) deploySingle(cert model.FoundCertificate, hostname *model.Hostname) {
-	if (hostname.CertActions & model.COMBINE) == model.COMBINE {
-		chain := c.readFile(cert.FullChain)
-		pkey := c.readFile(cert.PrivateKey)
-		c.deployFile("combined.pem", append(chain, pkey...), cert.ModTime, hostname)
-	} else {
-		c.deployFile("cert.pem", c.readFile(cert.Cert), cert.ModTime, hostname)
-		c.deployFile("chain.pem", c.readFile(cert.Chain), cert.ModTime, hostname)
-		c.deployFile("fullchain.pem", c.readFile(cert.FullChain), cert.ModTime, hostname)
-		c.deployFile("privkey.pem", c.readFile(cert.PrivateKey), cert.ModTime, hostname)
-	}
-}
-
-func (c *CertificateDeployer) deployFile(name string, content []byte, modTime time.Time, hostname *model.Hostname) {
-	var target string
-	if (hostname.CertActions & model.FLATTEN) == model.FLATTEN {
-		target = path.Join(hostname.CertDestination, hostname.Name+".pem")
-	} else {
-		target = path.Join(hostname.CertDestination, hostname.Name, name)
-	}
-
-	info, err := os.Stat(target)
-	if err == nil && info.ModTime().After(modTime) {
-		c.logger.Debugf("Not writing %s as it was modified more recently than our cert", target)
-		return
-	}
-
-	err = ioutil.WriteFile(target, content, 0700)
-	if err != nil {
-		c.logger.Warnf("Unable to write certificate %s - %s", target, err.Error())
-	} else {
-		c.logger.Infof("Updated certificate file %s", target)
-	}
-}
-
-func (c *CertificateDeployer) readFile(name string) []byte {
-	data, err := ioutil.ReadFile(name)
-	if err != nil {
-		c.logger.Errorf("Unable to read certificate file %s - %s", name, err.Error())
-	}
-	return data
-}
-
-func (c *CertificateDeployer) UpdateHostnames(hostnames map[string]*model.Hostname) {
-	c.hostnames = hostnames
-	c.deployChannel <- true
-}

certs/monitor.go

@@ -1,107 +0,0 @@
-package certs
-
-import (
-	"github.com/csmith/dotege/model"
-	"go.uber.org/zap"
-	"io/ioutil"
-	"path"
-	"strings"
-)
-
-// CertificateMonitor handles scanning for new/updated certificates
-type CertificateMonitor struct {
-	logger      *zap.SugaredLogger
-	channel     chan<- model.FoundCertificate
-	directories []string
-	certs       map[string]*model.FoundCertificate
-}
-
-// NewCertificateManager creates a new CertificateMonitor.
-func NewCertificateManager(logger *zap.SugaredLogger, channel chan<- model.FoundCertificate) *CertificateMonitor {
-	return &CertificateMonitor{
-		logger:  logger,
-		channel: channel,
-		certs:   make(map[string]*model.FoundCertificate),
-	}
-}
-
-// AddDirectory adds a new directory to monitor
-func (c *CertificateMonitor) AddDirectory(directory string) {
-	c.logger.Infof("Adding certificate directory %s", directory)
-	c.directories = append(c.directories, directory)
-	go c.scanForFolders(directory)
-}
-
-func (c *CertificateMonitor) scanForFolders(dir string) {
-	c.logger.Debugf("Scanning folder %s for certificates", dir)
-	dirs, err := ioutil.ReadDir(dir)
-	if err != nil {
-		c.logger.Errorf("Unable to read directory %s - %s", dir, err.Error())
-		return
-	}
-
-	for _, d := range dirs {
-		if d.IsDir() {
-			c.scanForCerts(d.Name(), path.Join(dir, d.Name()))
-		}
-	}
-}
-
-func (c *CertificateMonitor) scanForCerts(vhost string, dir string) {
-	c.logger.Debugf("Scanning folder %s for certificates", dir)
-	files, err := ioutil.ReadDir(dir)
-	if err != nil {
-		c.logger.Errorf("Unable to read directory %s - %s", dir, err.Error())
-		return
-	}
-
-	cert := model.FoundCertificate{
-		Hostname: vhost,
-	}
-	for _, f := range files {
-		ext := path.Ext(f.Name())
-		base := path.Base(f.Name())
-		base = base[:len(base)-len(ext)]
-		if ext == ".pem" {
-			prefix := strings.Split(base, "-")[0]
-			added := maybeAddPart(&cert, prefix, path.Join(dir, f.Name()))
-			if added && f.ModTime().After(cert.ModTime) {
-				cert.ModTime = f.ModTime()
-			}
-		}
-	}
-
-	c.maybeAddCert(vhost, cert)
-}
-
-func maybeAddPart(cert *model.FoundCertificate, part string, path string) bool {
-	switch part {
-	case "cert":
-		cert.Cert = path
-	case "chain":
-		cert.Chain = path
-	case "fullchain":
-		cert.FullChain = path
-	case "privkey":
-		cert.PrivateKey = path
-	default:
-		return false
-	}
-	return true
-}
-
-func (c *CertificateMonitor) maybeAddCert(vhost string, cert model.FoundCertificate) {
-	if len(cert.Cert) > 0 && len(cert.Chain) > 0 && len(cert.FullChain) > 0 && len(cert.PrivateKey) > 0 {
-		if existing, ok := c.certs[vhost]; ok {
-			if cert.ModTime.After(existing.ModTime) {
-				c.logger.Debugf("Found newer certificate files for %s in %s", vhost, path.Dir(cert.Cert))
-				c.certs[vhost] = &cert
-				c.channel <- cert
-			}
-		} else {
-			c.logger.Debugf("Found new certificate files for %s in %s", vhost, path.Dir(cert.Cert))
-			c.certs[vhost] = &cert
-			c.channel <- cert
-		}
-	}
-}

config.go

@@ -0,0 +1,118 @@
+package main
+
+import (
+	"fmt"
+	"github.com/xenolf/lego/certcrypto"
+	"github.com/xenolf/lego/lego"
+	"os"
+)
+
+const (
+	envCertDestinationKey         = "DOTEGE_CERT_DESTINATION"
+	envCertDestinationDefault     = "/data/certs/"
+	envDnsProviderKey             = "DOTEGE_DNS_PROVIDER"
+	envAcmeEmailKey               = "DOTEGE_ACME_EMAIL"
+	envAcmeEndpointKey            = "DOTEGE_ACME_ENDPOINT"
+	envAcmeKeyTypeKey             = "DOTEGE_ACME_KEY_TYPE"
+	envAcmeKeyTypeDefault         = "P384"
+	envAcmeCacheLocationKey       = "DOTEGE_ACME_CACHE_FILE"
+	envAcmeCacheLocationDefault   = "/data/config/certs.json"
+	envSignalContainerKey         = "DOTEGE_SIGNAL_CONTAINER"
+	envSignalContainerDefault     = ""
+	envSignalTypeKey              = "DOTEGE_SIGNAL_TYPE"
+	envSignalTypeDefault          = "HUP"
+	envTemplateDestinationKey     = "DOTEGE_TEMPLATE_DESTINATION"
+	envTemplateDestinationDefault = "/data/output/haproxy.cfg"
+	envTemplateSourceKey          = "DOTEGE_TEMPLATE_SOURCE"
+	envTemplateSourceDefault      = "./templates/haproxy.cfg.tpl"
+)
+
+// Config is the user-definable configuration for Dotege.
+type Config struct {
+	Templates              []TemplateConfig
+	Signals                []ContainerSignal
+	Labels                 LabelConfig
+	DefaultCertDestination string
+	Acme                   AcmeConfig
+}
+
+// TemplateConfig configures a single template for the generator.
+type TemplateConfig struct {
+	Source      string
+	Destination string
+}
+
+// ContainerSignal describes a container that should be sent a signal when the config/certs change.
+type ContainerSignal struct {
+	Name   string
+	Signal string
+}
+
+// LabelConfig describes the labels used for various properties.
+type LabelConfig struct {
+	Hostnames   string
+	RequireAuth string
+}
+
+// AcmeConfig describes the configuration to use for getting certs using ACME.
+type AcmeConfig struct {
+	Email         string
+	DnsProvider   string
+	Endpoint      string
+	KeyType       certcrypto.KeyType
+	CacheLocation string
+}
+
+func requiredVar(key string) (value string) {
+	value, ok := os.LookupEnv(key)
+	if !ok {
+		panic(fmt.Errorf("required environmental variable not defined: %s", key))
+	}
+	return
+}
+
+func optionalVar(key string, fallback string) (value string) {
+	value, ok := os.LookupEnv(key)
+	if !ok {
+		value = fallback
+	}
+	return
+}
+
+func createSignalConfig() []ContainerSignal {
+	name := optionalVar(envSignalContainerKey, envSignalContainerDefault)
+	if name == envSignalContainerDefault {
+		return []ContainerSignal{}
+	} else {
+		return []ContainerSignal{
+			{
+				Name:   name,
+				Signal: optionalVar(envSignalTypeKey, envSignalTypeDefault),
+			},
+		}
+	}
+}
+
+func createConfig() *Config {
+	return &Config{
+		Templates: []TemplateConfig{
+			{
+				Source:      optionalVar(envTemplateSourceKey, envTemplateSourceDefault),
+				Destination: optionalVar(envTemplateDestinationKey, envTemplateDestinationDefault),
+			},
+		},
+		Labels: LabelConfig{
+			Hostnames:   "com.chameth.vhost",
+			RequireAuth: "com.chameth.auth",
+		},
+		Acme: AcmeConfig{
+			DnsProvider:   requiredVar(envDnsProviderKey),
+			Email:         requiredVar(envAcmeEmailKey),
+			Endpoint:      optionalVar(envAcmeEndpointKey, lego.LEDirectoryProduction),
+			KeyType:       certcrypto.KeyType(optionalVar(envAcmeKeyTypeKey, envAcmeKeyTypeDefault)),
+			CacheLocation: optionalVar(envAcmeCacheLocationKey, envAcmeCacheLocationDefault),
+		},
+		Signals:                createSignalConfig(),
+		DefaultCertDestination: optionalVar(envCertDestinationKey, envCertDestinationDefault),
+	}
+}

docker.go

@@ -2,7 +2,6 @@ package main
 
 import (
 	"fmt"
-	"github.com/csmith/dotege/model"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/events"
 	"github.com/docker/docker/api/types/filters"
@@ -15,7 +14,7 @@ type DockerClient interface {
 	ContainerInspect(ctx context.Context, containerID string) (types.ContainerJSON, error)
 }
 
-func monitorContainers(client DockerClient, stop <-chan struct{}, addedFn func(*model.Container), removedFn func(string)) error {
+func monitorContainers(client DockerClient, stop <-chan struct{}, addedFn func(*Container), removedFn func(string)) error {
 	ctx, cancel := context.WithCancel(context.Background())
 	stream, errors := startEventStream(client, ctx)
 
@@ -57,14 +56,14 @@ func startEventStream(client DockerClient, ctx context.Context) (<-chan events.M
 	return client.Events(ctx, types.EventsOptions{Filters: args})
 }
 
-func publishExistingContainers(client DockerClient, ctx context.Context, addedFn func(*model.Container)) error {
+func publishExistingContainers(client DockerClient, ctx context.Context, addedFn func(*Container)) error {
 	containers, err := client.ContainerList(ctx, types.ContainerListOptions{})
 	if err != nil {
 		return fmt.Errorf("unable to list containers: %s", err.Error())
 	}
 
 	for _, container := range containers {
-		addedFn(&model.Container{
+		addedFn(&Container{
 			Id:     container.ID,
 			Name:   container.Names[0][1:],
 			Labels: container.Labels,
@@ -73,13 +72,13 @@ func publishExistingContainers(client DockerClient, ctx context.Context, addedFn
 	return nil
 }
 
-func inspectContainer(client DockerClient, ctx context.Context, id string) (error, model.Container) {
+func inspectContainer(client DockerClient, ctx context.Context, id string) (error, Container) {
 	container, err := client.ContainerInspect(ctx, id)
 	if err != nil {
-		return err, model.Container{}
+		return err, Container{}
 	}
 
-	return nil, model.Container{
+	return nil, Container{
 		Id:     container.ID,
 		Name:   container.Name[1:],
 		Labels: container.Config.Labels,

docker/monitor.go

@@ -1,134 +0,0 @@
-package docker
-
-import (
-	"context"
-	"github.com/csmith/dotege/model"
-	"github.com/docker/docker/api/types"
-	"github.com/docker/docker/api/types/filters"
-	"github.com/docker/docker/client"
-	"go.uber.org/zap"
-	"time"
-)
-
-// ContainerMonitor watches for newly created and destroyed containers, and emits their information on a channel.
-// Destroyed containers are given a grace period before being announced, to allow for restarts etc to be less
-// disruptive.
-type ContainerMonitor struct {
-	logger             *zap.SugaredLogger
-	newContainers      chan<- model.Container
-	goneContainerNames chan<- string
-	client             *client.Client
-	expiryTimes        map[string]time.Time
-	deletionTime       time.Duration
-	nextExpiry         time.Time
-	expiryTimer        *time.Timer
-}
-
-// NewContainerMonitor creates a new container monitor
-func NewContainerMonitor(logger *zap.SugaredLogger, client *client.Client, newContainerChannel chan<- model.Container, goneContainerChannel chan<- string) *ContainerMonitor {
-	timer := time.NewTimer(time.Hour)
-	timer.Stop()
-
-	return &ContainerMonitor{
-		logger:             logger,
-		newContainers:      newContainerChannel,
-		goneContainerNames: goneContainerChannel,
-		client:             client,
-		expiryTimes:        make(map[string]time.Time),
-		deletionTime:       10 * time.Second,
-		expiryTimer:        timer,
-		nextExpiry:         time.Now(),
-	}
-}
-
-// Monitor starts monitoring for changes, and publishes info on any pre-existing containers. It blocks indefinitely,
-// and should be run from a goroutine.
-func (c *ContainerMonitor) Monitor() {
-	args := filters.NewArgs()
-	args.Add("type", "container")
-	args.Add("event", "create")
-	args.Add("event", "destroy")
-	eventsChan, errChan := c.client.Events(context.Background(), types.EventsOptions{Filters: args})
-
-	c.publishExistingContainers()
-
-	for {
-		select {
-		case event := <-eventsChan:
-			if event.Action == "create" {
-				c.publishNewContainer(event.Actor.ID)
-			} else {
-				c.scheduleExpiry(event.Actor.Attributes["name"])
-			}
-
-		case <-c.expiryTimer.C:
-			c.publishExpiredContainers()
-
-		case err := <-errChan:
-			c.logger.Fatal("Error received from docker events API", err)
-		}
-	}
-}
-
-func (c *ContainerMonitor) publishExistingContainers() {
-	containers, err := c.client.ContainerList(context.Background(), types.ContainerListOptions{})
-	if err != nil {
-		c.logger.Fatal("Error received trying to list containers", err)
-	}
-
-	for _, container := range containers {
-		c.logger.Infof("Found existing container %s", container.Names[0][1:])
-		c.newContainers <- model.Container{
-			Id:     container.ID,
-			Name:   container.Names[0][1:],
-			Labels: container.Labels,
-		}
-	}
-}
-
-func (c *ContainerMonitor) publishNewContainer(id string) {
-	container, err := c.client.ContainerInspect(context.Background(), id)
-	if err != nil {
-		c.logger.Fatal("Error received trying to inspect container", err)
-	}
-	c.newContainers <- model.Container{
-		Id:     container.ID,
-		Name:   container.Name[1:],
-		Labels: container.Config.Labels,
-	}
-	c.logger.Info("Found new container %s", container.Name[1:])
-	delete(c.expiryTimes, container.Name[1:])
-}
-
-func (c *ContainerMonitor) scheduleExpiry(name string) {
-	now := time.Now()
-	expiryTime := now.Add(c.deletionTime)
-	c.expiryTimes[name] = expiryTime
-	c.logger.Infof("Scheduling expiry timer for %s", name)
-	if c.nextExpiry.Before(now) || c.nextExpiry.After(expiryTime) {
-		c.logger.Debugf("Starting expiry timer with default duration")
-		c.expiryTimer.Reset(c.deletionTime + 1*time.Second)
-		c.nextExpiry = expiryTime
-	}
-}
-
-func (c *ContainerMonitor) publishExpiredContainers() {
-	now := time.Now()
-	next := 0 * time.Second
-
-	for name, expiryTime := range c.expiryTimes {
-		if expiryTime.Before(now) {
-			c.logger.Infof("Expiring %s", name)
-			delete(c.expiryTimes, name)
-			c.goneContainerNames <- name
-		} else if next == 0 || expiryTime.Sub(now) < next {
-			next = expiryTime.Sub(now)
-		}
-	}
-
-	if next > 0 {
-		c.logger.Debugf("Starting expiry timer with duration %s\n", next)
-		c.expiryTimer.Reset(next + 1*time.Second)
-		c.nextExpiry = now.Add(next)
-	}
-}

dotege.go

@@ -4,10 +4,7 @@ import (
 	"bytes"
 	"context"
 	"fmt"
-	"github.com/csmith/dotege/model"
 	"github.com/docker/docker/client"
-	"github.com/xenolf/lego/certcrypto"
-	"github.com/xenolf/lego/lego"
 	"go.uber.org/zap"
 	"go.uber.org/zap/zapcore"
 	"io/ioutil"
@@ -19,50 +16,31 @@ import (
 	"time"
 )
 
-const (
-	envCertDestinationKey         = "DOTEGE_CERT_DESTINATION"
-	envCertDestinationDefault     = "/data/certs/"
-	envDnsProviderKey             = "DOTEGE_DNS_PROVIDER"
-	envAcmeEmailKey               = "DOTEGE_ACME_EMAIL"
-	envAcmeEndpointKey            = "DOTEGE_ACME_ENDPOINT"
-	envAcmeKeyTypeKey             = "DOTEGE_ACME_KEY_TYPE"
-	envAcmeKeyTypeDefault         = "P384"
-	envAcmeCacheLocationKey       = "DOTEGE_ACME_CACHE_FILE"
-	envAcmeCacheLocationDefault   = "/data/config/certs.json"
-	envSignalContainerKey         = "DOTEGE_SIGNAL_CONTAINER"
-	envSignalContainerDefault     = ""
-	envSignalTypeKey              = "DOTEGE_SIGNAL_TYPE"
-	envSignalTypeDefault          = "HUP"
-	envTemplateDestinationKey     = "DOTEGE_TEMPLATE_DESTINATION"
-	envTemplateDestinationDefault = "/data/output/haproxy.cfg"
-	envTemplateSourceKey          = "DOTEGE_TEMPLATE_SOURCE"
-	envTemplateSourceDefault      = "./templates/haproxy.cfg.tpl"
-)
+// Container models a docker container that is running on the system.
+type Container struct {
+	Id     string
+	Name   string
+	Labels map[string]string
+}
+
+// Hostname describes a DNS name used for proxying, retrieving certificates, etc.
+type Hostname struct {
+	Name            string
+	Alternatives    map[string]bool
+	Containers      []*Container
+	CertDestination string
+	RequiresAuth    bool
+	AuthGroup       string
+}
 
 var (
 	logger             *zap.SugaredLogger
 	certificateManager *CertificateManager
-	config             *model.Config
+	config             *Config
 	dockerClient       *client.Client
-	containers         = make(map[string]*model.Container)
+	containers         = make(map[string]*Container)
 )
 
-func requiredVar(key string) (value string) {
-	value, ok := os.LookupEnv(key)
-	if !ok {
-		panic(fmt.Errorf("required environmental variable not defined: %s", key))
-	}
-	return
-}
-
-func optionalVar(key string, fallback string) (value string) {
-	value, ok := os.LookupEnv(key)
-	if !ok {
-		value = fallback
-	}
-	return
-}
-
 func monitorSignals() <-chan bool {
 	signals := make(chan os.Signal, 1)
 	done := make(chan bool, 1)
@@ -89,54 +67,15 @@ func createLogger() *zap.SugaredLogger {
 	return logger.Sugar()
 }
 
-func createSignalConfig() []model.ContainerSignal {
-	name := optionalVar(envSignalContainerKey, envSignalContainerDefault)
-	if name == envSignalContainerDefault {
-		return []model.ContainerSignal{}
-	} else {
-		return []model.ContainerSignal{
-			{
-				Name:   name,
-				Signal: optionalVar(envSignalTypeKey, envSignalTypeDefault),
-			},
-		}
-	}
-}
-
-func createConfig() {
-	config = &model.Config{
-		Templates: []model.TemplateConfig{
-			{
-				Source:      optionalVar(envTemplateSourceKey, envTemplateSourceDefault),
-				Destination: optionalVar(envTemplateDestinationKey, envTemplateDestinationDefault),
-			},
-		},
-		Labels: model.LabelConfig{
-			Hostnames:   "com.chameth.vhost",
-			RequireAuth: "com.chameth.auth",
-		},
-		Acme: model.AcmeConfig{
-			DnsProvider:   requiredVar(envDnsProviderKey),
-			Email:         requiredVar(envAcmeEmailKey),
-			Endpoint:      optionalVar(envAcmeEndpointKey, lego.LEDirectoryProduction),
-			KeyType:       certcrypto.KeyType(optionalVar(envAcmeKeyTypeKey, envAcmeKeyTypeDefault)),
-			CacheLocation: optionalVar(envAcmeCacheLocationKey, envAcmeCacheLocationDefault),
-		},
-		Signals:                createSignalConfig(),
-		DefaultCertActions:     model.COMBINE | model.FLATTEN,
-		DefaultCertDestination: optionalVar(envCertDestinationKey, envCertDestinationDefault),
-	}
-}
-
-func createTemplateGenerator(templates []model.TemplateConfig) *TemplateGenerator {
-	templateGenerator := NewTemplateGenerator(logger)
+func createTemplateGenerator(templates []TemplateConfig) *TemplateGenerator {
+	templateGenerator := NewTemplateGenerator()
 	for _, template := range templates {
 		templateGenerator.AddTemplate(template)
 	}
 	return templateGenerator
 }
 
-func createCertificateManager(config model.AcmeConfig) {
+func createCertificateManager(config AcmeConfig) {
 	certificateManager = NewCertificateManager(logger, config.Endpoint, config.KeyType, config.DnsProvider, config.CacheLocation)
 	err := certificateManager.Init(config.Email)
 	if err != nil {
@@ -163,10 +102,10 @@ func main() {
 
 	jitterTimer := time.NewTimer(time.Minute)
 	redeployTimer := time.NewTicker(time.Hour * 24)
-	updatedContainers := make(map[string]*model.Container)
+	updatedContainers := make(map[string]*Container)
 
 	go func() {
-		err := monitorContainers(dockerClient, dockerStopChan, func(container *model.Container) {
+		err := monitorContainers(dockerClient, dockerStopChan, func(container *Container) {
 			containers[container.Name] = container
 			updatedContainers[container.Name] = container
 			jitterTimer.Reset(100 * time.Millisecond)
@@ -185,7 +124,7 @@ func main() {
 		for {
 			select {
 			case <-jitterTimer.C:
-				hostnames := getHostnames(containers, *config)
+				hostnames := getHostnames(containers)
 				updated := templateGenerator.Generate(Context{
 					Containers: containers,
 					Hostnames:  hostnames,
@@ -234,7 +173,7 @@ func signalContainer() {
 	}
 }
 
-func getHostnamesForContainer(container *model.Container) []string {
+func getHostnamesForContainer(container *Container) []string {
 	if label, ok := container.Labels[config.Labels.Hostnames]; ok {
 		return strings.Split(strings.Replace(label, ",", " ", -1), " ")
 	} else {
@@ -242,19 +181,18 @@ func getHostnamesForContainer(container *model.Container) []string {
 	}
 }
 
-func getHostnames(containers map[string]*model.Container, config model.Config) (hostnames map[string]*model.Hostname) {
-	hostnames = make(map[string]*model.Hostname)
+func getHostnames(containers map[string]*Container) (hostnames map[string]*Hostname) {
+	hostnames = make(map[string]*Hostname)
 	for _, container := range containers {
 		if label, ok := container.Labels[config.Labels.Hostnames]; ok {
 			names := strings.Split(strings.Replace(label, ",", " ", -1), " ")
 			if hostname, ok := hostnames[names[0]]; ok {
 				hostname.Containers = append(hostname.Containers, container)
 			} else {
-				hostnames[names[0]] = &model.Hostname{
+				hostnames[names[0]] = &Hostname{
 					Name:            names[0],
 					Alternatives:    make(map[string]bool),
-					Containers:      []*model.Container{container},
-					CertActions:     config.DefaultCertActions,
+					Containers:      []*Container{container},
 					CertDestination: config.DefaultCertDestination,
 				}
 			}
@@ -269,13 +207,13 @@ func getHostnames(containers map[string]*model.Container, config model.Config) (
 	return
 }
 
-func addAlternatives(hostname *model.Hostname, alternatives []string) {
+func addAlternatives(hostname *Hostname, alternatives []string) {
 	for _, alternative := range alternatives {
 		hostname.Alternatives[alternative] = true
 	}
 }
 
-func deployCertForContainer(container *model.Container) bool {
+func deployCertForContainer(container *Container) bool {
 	hostnames := getHostnamesForContainer(container)
 	if len(hostnames) == 0 {
 		logger.Debugf("No labels found for container %s", container.Name)

model/model.go

@@ -1,84 +0,0 @@
-package model
-
-import (
-	"github.com/xenolf/lego/certcrypto"
-	"time"
-)
-
-// CertActions define what will be done with a certificate
-type CertActions uint8
-
-// constants defining CertActions
-const (
-	// COMBINE the full chain and private key into one file
-	COMBINE CertActions = 1 << iota
-	// FLATTEN the directory structure so all files are in one dir
-	FLATTEN
-	// CHMOD the files so they are world readable (potentially dangerous!)
-	CHMOD
-)
-
-// Container models a docker container that is running on the system.
-type Container struct {
-	Id     string
-	Name   string
-	Labels map[string]string
-}
-
-// LabelConfig describes the labels used for various properties.
-type LabelConfig struct {
-	Hostnames   string
-	RequireAuth string
-}
-
-// AcmeConfig describes the configuration to use for getting certs using ACME.
-type AcmeConfig struct {
-	Email         string
-	DnsProvider   string
-	Endpoint      string
-	KeyType       certcrypto.KeyType
-	CacheLocation string
-}
-
-// Hostname describes a DNS name used for proxying, retrieving certificates, etc.
-type Hostname struct {
-	Name            string
-	Alternatives    map[string]bool
-	Containers      []*Container
-	CertActions     CertActions
-	CertDestination string
-	RequiresAuth    bool
-	AuthGroup       string
-}
-
-// Config is the user-definable configuration for Dotege.
-type Config struct {
-	Templates              []TemplateConfig
-	Signals                []ContainerSignal
-	Labels                 LabelConfig
-	DefaultCertActions     CertActions
-	DefaultCertDestination string
-	Acme                   AcmeConfig
-}
-
-// TemplateConfig configures a single template for the generator.
-type TemplateConfig struct {
-	Source      string
-	Destination string
-}
-
-// ContainerSignal describes a container that should be sent a signal when the config/certs change.
-type ContainerSignal struct {
-	Name   string
-	Signal string
-}
-
-// FoundCertificate describes a certificate we've located on disk.
-type FoundCertificate struct {
-	Hostname   string
-	Cert       string
-	Chain      string
-	FullChain  string
-	PrivateKey string
-	ModTime    time.Time
-}

template_generator.go → templates.go

@@ -1,8 +1,6 @@
 package main
 
 import (
-	"github.com/csmith/dotege/model"
-	"go.uber.org/zap"
 	"io/ioutil"
 	"path"
 	"sort"
@@ -11,18 +9,17 @@ import (
 )
 
 type Context struct {
-	Containers map[string]*model.Container
-	Hostnames  map[string]*model.Hostname
+	Containers map[string]*Container
+	Hostnames  map[string]*Hostname
 }
 
 type Template struct {
-	config   model.TemplateConfig
+	config   TemplateConfig
 	content  string
 	template *template.Template
 }
 
 type TemplateGenerator struct {
-	logger    *zap.SugaredLogger
 	templates []*Template
 }
 
@@ -37,17 +34,15 @@ var funcMap = template.FuncMap{
 	},
 }
 
-func NewTemplateGenerator(logger *zap.SugaredLogger) *TemplateGenerator {
-	return &TemplateGenerator{
-		logger: logger,
-	}
+func NewTemplateGenerator() *TemplateGenerator {
+	return &TemplateGenerator{}
 }
 
-func (t *TemplateGenerator) AddTemplate(config model.TemplateConfig) {
-	t.logger.Infof("Adding template from %s, writing to %s", config.Source, config.Destination)
+func (t *TemplateGenerator) AddTemplate(config TemplateConfig) {
+	logger.Infof("Registered template from %s, writing to %s", config.Source, config.Destination)
 	tmpl, err := template.New(path.Base(config.Source)).Funcs(funcMap).ParseFiles(config.Source)
 	if err != nil {
-		t.logger.Fatal("Unable to parse template", err)
+		logger.Fatal("Unable to parse template", err)
 	}
 
 	buf, _ := ioutil.ReadFile(config.Destination)
@@ -60,7 +55,7 @@ func (t *TemplateGenerator) AddTemplate(config model.TemplateConfig) {
 
 func (t *TemplateGenerator) Generate(context Context) (updated bool) {
 	for _, tmpl := range t.templates {
-		t.logger.Debugf("Checking for updates to %s", tmpl.config.Source)
+		logger.Debugf("Checking for updates to %s", tmpl.config.Source)
 		builder := &strings.Builder{}
 		err := tmpl.template.Execute(builder, context)
 		if err != nil {
@@ -68,12 +63,14 @@ func (t *TemplateGenerator) Generate(context Context) (updated bool) {
 		}
 		if tmpl.content != builder.String() {
 			updated = true
-			t.logger.Infof("Writing updated template to %s", tmpl.config.Destination)
+			logger.Infof("Writing updated template to %s", tmpl.config.Destination)
 			tmpl.content = builder.String()
 			err = ioutil.WriteFile(tmpl.config.Destination, []byte(builder.String()), 0666)
 			if err != nil {
-				t.logger.Fatal("Unable to write template", err)
+				logger.Fatal("Unable to write template", err)
 			}
+		} else {
+			logger.Debugf("Not writing template to %s as content is the same", tmpl.config.Destination)
 		}
 	}
 	return