12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091 |
- package certs
-
- import (
- "go.uber.org/zap"
- "io/ioutil"
- "path"
- "strings"
- "time"
- )
-
- // CertificateManager handles scanning for new/updated certificates and deploying them to a destination.
- type CertificateManager struct {
- logger *zap.SugaredLogger
- directories []string
- }
-
- type foundCertificate struct {
- cert string
- chain string
- fullChain string
- privateKey string
- modTime time.Time
- }
-
- // NewCertificateManager creates a new CertificateManager.
- func NewCertificateManager(logger *zap.SugaredLogger) *CertificateManager {
- return &CertificateManager{
- logger: logger,
- }
- }
-
- func (c *CertificateManager) AddDirectory(directory string) {
- c.directories = append(c.directories, directory)
- go c.scanForFolders(directory)
- }
-
- func (c *CertificateManager) scanForFolders(dir string) {
- dirs, err := ioutil.ReadDir(dir)
- if err != nil {
- c.logger.Errorf("Unable to read directory %s - %s", dir, err.Error())
- return
- }
-
- for _, d := range dirs {
- if d.IsDir() {
- c.scanForCerts(d.Name(), path.Join(dir, d.Name()))
- }
- }
- }
-
- func (c *CertificateManager) scanForCerts(vhost string, dir string) {
- files, err := ioutil.ReadDir(dir)
- if err != nil {
- c.logger.Errorf("Unable to read directory %s - %s", dir, err.Error())
- return
- }
-
- cert := foundCertificate{}
- for _, f := range files {
- ext := path.Ext(f.Name())
- base := path.Base(f.Name())
- if ext == "" && strings.Contains(base, "-") {
- switch parts := strings.Split(base, "-"); parts[0] {
- case "cert":
- cert.cert = path.Join(dir, f.Name())
- if f.ModTime().After(cert.modTime) {
- cert.modTime = f.ModTime()
- }
- case "chain":
- cert.chain = path.Join(dir, f.Name())
- if f.ModTime().After(cert.modTime) {
- cert.modTime = f.ModTime()
- }
- case "fullchain":
- cert.fullChain = path.Join(dir, f.Name())
- if f.ModTime().After(cert.modTime) {
- cert.modTime = f.ModTime()
- }
- case "privkey":
- cert.privateKey = path.Join(dir, f.Name())
- if f.ModTime().After(cert.modTime) {
- cert.modTime = f.ModTime()
- }
- }
- }
- }
-
- if len(cert.cert) > 0 && len(cert.chain) > 0 && len(cert.fullChain) > 0 && len(cert.privateKey) > 0 {
- c.logger.Debugf("Found certificate files for %s in %s", vhost, dir)
- }
- }
|