Go 1.9 and Iris v8, added possibility to bind to IP

.travis.yml

@@ -1,6 +1,6 @@
 language: go
 go:
- - 1.8
+ - 1.9
 env:
  - "PATH=/home/travis/gopath/bin:$PATH"
 before_install:

README.md

@@ -107,7 +107,7 @@ Check out how in the INSTALL section.
 
 ## Installation
 
-1) Install [Go 1.8 or newer](https://golang.org/doc/install)
+1) Install [Go 1.9 or newer](https://golang.org/doc/install)
 
 2) Clone this repo: `git clone https://github.com/joohoi/acme-dns $GOPATH/src/acme-dns`
 

api.go

@@ -4,15 +4,15 @@ import (
  "errors"
  "fmt"
 
+ "github.com/kataras/iris"
  log "github.com/sirupsen/logrus"
- "gopkg.in/kataras/iris.v6"
 )
 
 // Serve is an authentication middlware function used to authenticate update requests
-func (a authMiddleware) Serve(ctx *iris.Context) {
+func (a authMiddleware) Serve(ctx iris.Context) {
  allowUpdate := false
- usernameStr := ctx.RequestHeader("X-Api-User")
- password := ctx.RequestHeader("X-Api-Key")
+ usernameStr := ctx.GetHeader("X-Api-User")
+ password := ctx.GetHeader("X-Api-Key")
  postData := ACMETxt{}
 
  username, err := getValidUsername(usernameStr)
@@ -28,7 +28,7 @@ func (a authMiddleware) Serve(ctx *iris.Context) {
 
  // Now test for the possibly limited ranges
  if DNSConf.API.UseHeader {
- ips := getIPListFromHeader(ctx.RequestHeader(DNSConf.API.HeaderName))
+ ips := getIPListFromHeader(ctx.GetHeader(DNSConf.API.HeaderName))
  allowUpdate = au.allowedFromList(ips)
  } else {
  allowUpdate = au.allowedFrom(ctx.RemoteAddr())
@@ -43,7 +43,9 @@ func (a authMiddleware) Serve(ctx *iris.Context) {
  }
  } else {
  // JSON error
- ctx.JSON(iris.StatusBadRequest, iris.Map{"error": "bad data"})
+ log.WithFields(log.Fields{"error": err.Error()}).Warning("Failed reading POST data")
+ ctx.JSON(iris.Map{"error": "bad data"})
+ ctx.StatusCode(iris.StatusBadRequest)
  return
  }
  }
@@ -53,10 +55,11 @@ func (a authMiddleware) Serve(ctx *iris.Context) {
  }
  }
  }
- ctx.JSON(iris.StatusUnauthorized, iris.Map{"error": "unauthorized"})
+ ctx.JSON(iris.Map{"error": "unauthorized"})
+ ctx.StatusCode(iris.StatusUnauthorized)
 }
 
-func webRegisterPost(ctx *iris.Context) {
+func webRegisterPost(ctx iris.Context) {
  var regJSON iris.Map
  var regStatus int
  aTXT := ACMETxt{}
@@ -74,13 +77,14 @@ func webRegisterPost(ctx *iris.Context) {
 
  log.WithFields(log.Fields{"user": nu.Username.String()}).Debug("Created new user")
  }
- ctx.JSON(regStatus, regJSON)
+ ctx.JSON(regJSON)
+ ctx.StatusCode(regStatus)
 }
 
-func webUpdatePost(ctx *iris.Context) {
+func webUpdatePost(ctx iris.Context) {
  // User auth done in middleware
  a := ACMETxt{}
- userStr := ctx.RequestHeader("X-API-User")
+ userStr := ctx.GetHeader("X-API-User")
  // Already checked in auth middlware
  username, _ := getValidUsername(userStr)
  // Already checked in auth middleware
@@ -94,16 +98,18 @@ func webUpdatePost(ctx *iris.Context) {
  webUpdatePostError(ctx, errors.New("internal error"), iris.StatusInternalServerError)
  return
  }
- ctx.JSON(iris.StatusOK, iris.Map{"txt": a.Value})
+ ctx.JSON(iris.Map{"txt": a.Value})
+ ctx.StatusCode(iris.StatusOK)
  } else {
  log.WithFields(log.Fields{"subdomain": a.Subdomain, "txt": a.Value}).Debug("Bad data for subdomain")
  webUpdatePostError(ctx, errors.New("bad data"), iris.StatusBadRequest)
  return
  }
 }
 
-func webUpdatePostError(ctx *iris.Context, err error, status int) {
+func webUpdatePostError(ctx iris.Context, err error, status int) {
  errStr := fmt.Sprintf("%v", err)
  updJSON := iris.Map{"error": errStr}
- ctx.JSON(status, updJSON)
+ ctx.JSON(updJSON)
+ ctx.StatusCode(status)
 }

config.cfg

@@ -33,6 +33,10 @@ connection = "acme-dns.db"
 [api]
 # domain name to listen requests for, mandatory if using tls = "letsencrypt"
 api_domain = ""
+# email to use for account registration for Let's Encrypt, used only if tls = "letsencrypt"
+le_email = "[email protected]"
+# listen ip eg. 127.0.0.1
+ip = "127.0.0.1"
 # listen port, eg. 443 for default HTTPS
 port = "8080"
 # possible values: "letsencrypt", "cert", "none"

main.go

@@ -5,10 +5,9 @@ package main
 import (
  "os"
 
+ "github.com/iris-contrib/middleware/cors"
+ "github.com/kataras/iris"
  log "github.com/sirupsen/logrus"
- "gopkg.in/kataras/iris.v6"
- "gopkg.in/kataras/iris.v6/adaptors/cors"
- "gopkg.in/kataras/iris.v6/adaptors/httprouter"
 )
 
 func main() {
@@ -41,9 +40,8 @@ func main() {
 }
 
 func startHTTPAPI() {
- api := iris.New(iris.Configuration{DisableBodyConsumptionOnUnmarshal: true})
- api.Adapt(httprouter.New())
- api.Adapt(cors.New(cors.Options{
+ api := iris.New()
+ api.Use(cors.New(cors.Options{
  AllowedOrigins: DNSConf.API.CorsOrigins,
  AllowedMethods: []string{"GET", "POST"},
  OptionsPassthrough: false,
@@ -52,18 +50,14 @@ func startHTTPAPI() {
  var ForceAuth = authMiddleware{}
  api.Post("/register", webRegisterPost)
  api.Post("/update", ForceAuth.Serve, webUpdatePost)
+
+ host := DNSConf.API.Domain + ":" + DNSConf.API.Port
  switch DNSConf.API.TLS {
  case "letsencrypt":
- listener, err := iris.LETSENCRYPT("0.0.0.0", DNSConf.API.Domain)
- err = api.Serve(listener)
- if err != nil {
- log.Errorf("Error in HTTP server [%v]", err)
- }
+ api.Run(iris.AutoTLS(host, DNSConf.API.Domain, DNSConf.API.LEmail), iris.WithoutBodyConsumptionOnUnmarshal)
  case "cert":
- host := DNSConf.API.Domain + ":" + DNSConf.API.Port
- api.ListenTLS(host, DNSConf.API.TLSCertFullchain, DNSConf.API.TLSCertPrivkey)
+ api.Run(iris.TLS(host, DNSConf.API.TLSCertFullchain, DNSConf.API.TLSCertPrivkey), iris.WithoutBodyConsumptionOnUnmarshal)
  default:
- host := DNSConf.API.Domain + ":" + DNSConf.API.Port
- api.Listen(host)
+ api.Run(iris.Addr(host), iris.WithoutBodyConsumptionOnUnmarshal)
  }
 }

types.go

@@ -51,6 +51,8 @@ type dbsettings struct {
 // API config
 type httpapi struct {
  Domain string `toml:"api_domain"`
+ LEmail string `toml:"le_email"`
+ IP string
  Port string
  TLS string
  TLSCertPrivkey string `toml:"tls_cert_privkey"`