Steven/certman
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity

Migrated to cobra for command handling and viper for config handling

Browse Source
This commit is contained in:
Steven Tracey
2026-02-25 21:17:23 +01:00
parent 61b65bf81c
commit 9eeb7a6ec0
13 changed files with 646 additions and 580 deletions
Download Patch File Download Diff File Expand all files Collapse all files

410
main.go
View File

@@ -2,303 +2,136 @@ package main
import (
"context"
"errors"
"flag"
"fmt"
"log"
"os"
"os/signal"
"strings"
"sync"
"syscall"
"time"
"git.nevets.tech/Steven/ezconf"
"github.com/spf13/cobra"
)
var version = "1.0.0"
var build = "1"
var build = "2"
var config *ezconf.Configuration
var ctx context.Context
var cancel context.CancelFunc
var wg sync.WaitGroup
var (
configFile string
ctx context.Context
cancel context.CancelFunc
wg sync.WaitGroup
)
//TODO create logic for gh vs gt repos
func main() {
devFlag := flag.Bool("dev", false, "Developer Mode")
versionFlag := flag.Bool("version", false, "Show version")
helpFlag := flag.Bool("help", false, "Show help")
configFile := flag.String("config", "/etc/certman/certman.conf", "Configuration file")
newDomainFlag := flag.String("new-domain", "example.com", "Domain to create new configs and directories for")
newDomainDirFlag := flag.String("new-domain-dir", "/opt/certs/example.com", "Directory that certs will be stored in")
installFlag := flag.Bool("install", false, "Install Certman")
modeFlag := flag.String("mode", "client", "CertManager Mode [server, client]")
thinInstallFlag := flag.Bool("t", false, "Thin Install (skip creating dirs)")
newKeyFlag := flag.Bool("newkey", false, "Generate new encryption key")
reloadFlag := flag.Bool("reload", false, "Reload configs")
stopFlag := flag.Bool("stop", false, "Stop certman")
daemonFlag := flag.Bool("d", false, "Daemon Mode")
flag.Parse()
if *devFlag {
testDomain := "lunamc.org"
var err error
config, err = ezconf.LoadConfiguration("/etc/certman/certman.conf")
if err != nil {
log.Fatalf("Error loading configuration: %v\n", err)
}
err = loadDomainConfigs()
if err != nil {
log.Fatalf("Error loading configs: %v\n", err)
}
fmt.Println(testDomain)
os.Exit(0)
rootCmd := &cobra.Command{
Use: "certman",
Short: "CertMan",
Long: "Certificate Manager",
RunE: func(cmd *cobra.Command, args []string) error {
return cmd.Help()
},
}
if *versionFlag {
fmt.Println("CertManager (certman) - Steven Tracey\nVersion: " + version + " build-" + build)
os.Exit(0)
rootCmd.PersistentFlags().StringVarP(&configFile, "config", "c", "/etc/certman/certman.conf", "Configuration file")
rootCmd.AddCommand(basicCmd("version", "Show version", versionCmd))
rootCmd.AddCommand(basicCmd("gen-key", "Generates encryption key", newKeyCmd))
rootCmd.AddCommand(basicCmd("dev", "Dev Function", devCmd))
var domainCertDir string
newDomainCmd := &cobra.Command{
Use: "new-domain",
Short: "Create config and directories for new domain",
Args: cobra.ExactArgs(1),
SilenceUsage: true,
SilenceErrors: true,
RunE: func(cmd *cobra.Command, args []string) error {
dirOverridden := cmd.Flags().Changed("dir")
return newDomain(args[0], domainCertDir, dirOverridden)
},
}
newDomainCmd.Flags().StringVar(&domainCertDir, "dir", "/var/local/certman/certificates/", "Alternate directory for certificates")
rootCmd.AddCommand(newDomainCmd)
if *helpFlag {
fmt.Printf(`CertManager (certman) - Steven Tracey
Version: %s build-%s
Subcommands: certman -subcommand
- version Shows the current version and build
- help Displays this help message
- newkey Creates a new random 256 bit base64 key
Daemon Controls: certman -command
- d Start in daemon mode
- reload Reload configs
- stop Stop Daemon
Installation: certman -install -mode (mode) [-t] [-config /path/to/file]
- install
- mode [mode] Uses the specified config file [server, client]
- t Thin install (skip creating directories)
- config /path/to/file Create config file at the specified path
New Domain Options: certman -new-domain example.com [-new-domain-dir /path/to/certs]
- new-domain Creates a new domain config
- new-domain-dir Specifies directory for new domain certificates to be stored
`, version, build)
os.Exit(0)
}
if *newDomainFlag != "example.com" {
fmt.Printf("Creating new domain %s\n", *newDomainFlag)
createNewDomainConfig(*newDomainFlag)
createNewDomainCertsDir(*newDomainFlag, *newDomainDirFlag)
fmt.Println("Successfully created domain entry for " + *newDomainFlag + "\nUpdate config file as needed in /etc/certman/domains/" + *newDomainFlag + ".conf")
os.Exit(0)
}
if *installFlag {
if !*thinInstallFlag {
makeDirs()
}
var err error
config, err = ezconf.NewConfiguration(*configFile, strings.ReplaceAll(defaultConfig, "{mode}", *modeFlag))
if err != nil {
log.Fatalf("Error creating config: %s\n", err)
}
os.Exit(0)
}
if *newKeyFlag {
key, err := GenerateKey()
if err != nil {
log.Fatalf("%v", err)
}
fmt.Printf(key)
os.Exit(0)
}
if *reloadFlag {
proc, err := getDaemonProcess()
if err != nil {
log.Fatalf("Error getting daemon process: %v", err)
}
err = proc.Signal(syscall.SIGHUP)
if err != nil {
log.Fatalf("Error sending SIGHUP to daemon PID: %v\n", err)
}
os.Exit(0)
}
if *stopFlag {
proc, err := getDaemonProcess()
if err != nil {
log.Fatalf("Error getting daemon process: %v", err)
}
err = proc.Signal(syscall.SIGTERM)
if err != nil {
log.Fatalf("Error sending SIGTERM to daemon PID: %v\n", err)
}
os.Exit(0)
}
if *daemonFlag {
err := createOrUpdatePIDFile("/var/run/certman.pid")
if err != nil {
if errors.Is(err, ErrorPIDInUse) {
log.Fatalf("Deemon process is already running\n")
var (
modeFlag string
thinInstallFlag bool
)
installCmd := &cobra.Command{
Use: "install",
Short: "Create certman files and directories",
RunE: func(cmd *cobra.Command, args []string) error {
switch modeFlag {
case "server", "client":
return install(thinInstallFlag, modeFlag)
default:
return fmt.Errorf("invalid --mode %q (must be server or client)", modeFlag)
}
log.Fatalf("Error creating pidfile: %v\n", err)
}
},
}
installCmd.Flags().StringVar(&modeFlag, "mode", "client", "CertManager mode [server, client]")
installCmd.Flags().BoolVarP(&thinInstallFlag, "thin", "t", false, "Thin install (skip creating dirs)")
rootCmd.AddCommand(installCmd)
ctx, cancel = context.WithCancel(context.Background())
daemonCmd := &cobra.Command{
Use: "daemon",
Short: "Daemon management",
RunE: func(cmd *cobra.Command, args []string) error {
return cmd.Help()
},
}
// Check if main config exists
if _, err := os.Stat(*configFile); os.IsNotExist(err) {
log.Fatalf("Main config file not found, please run 'certman --install', then properly configure /etc/certman/certman.conf.")
} else if err != nil {
fmt.Printf("Error opening %s: %v\n", *configFile, err)
}
config, err = ezconf.LoadConfiguration(*configFile)
if err != nil {
log.Fatalf("Error loading configuration: %v\n", err)
}
daemonCmd.AddCommand(&cobra.Command{
Use: "start",
Short: "Start the daemon",
Args: cobra.NoArgs,
RunE: func(cmd *cobra.Command, args []string) error {
return runDaemonCmd()
},
})
// Setup SIGINT and SIGTERM listeners
sigChannel := make(chan os.Signal, 1)
signal.Notify(sigChannel, syscall.SIGINT, syscall.SIGTERM)
defer signal.Stop(sigChannel)
daemonCmd.AddCommand(&cobra.Command{
Use: "stop",
Short: "Stop the daemon",
Args: cobra.NoArgs,
RunE: func(cmd *cobra.Command, args []string) error {
return stopDaemonCmd()
},
})
reloadSigChan := make(chan os.Signal, 1)
signal.Notify(reloadSigChan, syscall.SIGHUP)
defer signal.Stop(reloadSigChan)
daemonCmd.AddCommand(&cobra.Command{
Use: "reload",
Short: "Reload daemon configs",
Args: cobra.NoArgs,
RunE: func(cmd *cobra.Command, args []string) error {
return reloadDaemonCmd()
},
})
ticker := time.NewTicker(30 * time.Second)
defer ticker.Stop()
daemonCmd.AddCommand(&cobra.Command{
Use: "status",
Short: "Show daemon status",
Args: cobra.NoArgs,
RunE: func(cmd *cobra.Command, args []string) error {
return statusDaemonCmd()
},
})
wg.Add(1)
if config.GetAsString("App.mode") == "server" {
fmt.Println("Starting CertManager in server mode...")
// Server Task loop
go func() {
initServer()
defer wg.Done()
for {
select {
case <-ctx.Done():
stopServer()
return
case <-reloadSigChan:
reloadServer()
case <-ticker.C:
serverTick()
}
}
}()
} else if config.GetAsString("App.mode") == "client" {
fmt.Println("Starting CertManager in client mode...")
// Client Task loop
go func() {
initClient()
defer wg.Done()
for {
select {
case <-ctx.Done():
stopClient()
return
case <-reloadSigChan:
reloadClient()
case <-ticker.C:
clientTick()
}
}
}()
} else {
fmt.Println("Invalid operating mode \"" + config.GetAsString("App.mode") + "\"")
}
rootCmd.AddCommand(daemonCmd)
// Cleanup on stop
sig := <-sigChannel
fmt.Printf("Program terminated with %v\n", sig)
stop()
wg.Wait()
if err := rootCmd.Execute(); err != nil {
fmt.Fprintln(os.Stderr, err)
os.Exit(1)
}
}
func stop() {
cancel()
clearPIDFile()
func basicCmd(use, short string, commandFunc func(cmd *cobra.Command, args []string)) *cobra.Command {
return &cobra.Command{
Use: use,
Short: short,
Run: commandFunc,
}
}
//var legoBaseArgs []string
//
//func maindis() {
// config, err := ezconf.NewConfiguration("/etc/certman/certman.conf", "")
// var domain string
// if err != nil {
// log.Fatalf("Error loading configuration: %v\n", err)
// }
//
// args := os.Args
//
// // -d
// hasDomain, domainIndex := contains(args, "-d")
// if hasDomain {
// domain = args[domainIndex+1]
// } else {
// log.Fatalf("Error, no domain passed. Please add '-d domain.tld' to the command\n")
// }
//
// hasDns, dnsIndex := contains(args, "--dns")
//
// legoBaseArgs = []string{
// "-a",
// "--dns",
// "cloudflare",
// "--email=" + config.GetAsString("Cloudflare.cf_email"),
// "--domains=" + domain,
// "--domains=*." + domain,
// "--path=" + config.GetAsString("Certificates.certs_path"),
// }
// legoNewSiteArgs := append(legoBaseArgs, "run")
// legoRenewSiteArgs := append(legoBaseArgs, "renew", "--days", "90")
//
// subdomains := config.GetAsStrings("Certificates.subdomains")
// if subdomains != nil {
// for i, subdomain := range subdomains {
// legoBaseArgs = insert(legoBaseArgs, 5+i, "--domains=*."+subdomain+"."+domain)
// }
// }
//
// if hasDns {
// legoBaseArgs = insert(legoBaseArgs, 3, "--dns.resolvers="+args[dnsIndex+1])
// }
//
// giteaClient = createGiteaClient()
// gitWorkspace := &GitWorkspace{
// Storage: memory.NewStorage(),
// FS: memfs.New(),
// }
//
// var cmd *exec.Cmd
// switch args[len(args)-1] {
// case "gen":
// {
// url := createGiteaRepo(domain)
@@ -343,44 +176,3 @@ func stop() {
// }
// os.Exit(0)
// }
// default:
// {
// fmt.Println("Missing arguments: conclude command with 'gen' or 'renew'")
// os.Exit(1)
// }
// }
// cmd.Env = append(cmd.Environ(),
// "CLOUDFLARE_DNS_API_TOKEN="+config.GetAsString("Cloudflare.cf_api_token"),
// "CLOUDFLARE_ZONE_API_TOKEN"+config.GetAsString("Cloudflare.cf_api_token"),
// "CLOUDFLARE_EMAIL="+config.GetAsString("Cloudflare.cf_email"),
// )
// stdout, err := cmd.StdoutPipe()
// if err != nil {
// fmt.Printf("Error getting stdout from lego process: %v\n", err)
// os.Exit(1)
// }
// err = cmd.Start()
// if err != nil {
// fmt.Printf("Error creating certs with lego: %v\n", err)
// os.Exit(1)
// }
// scanner := bufio.NewScanner(stdout)
// go func() {
// for scanner.Scan() {
// fmt.Println(scanner.Text())
// }
// if err := scanner.Err(); err != nil {
// fmt.Fprintln(os.Stderr, "reading standard input:", err)
// }
// }()
// err = cmd.Wait()
// if err != nil {
// fmt.Printf("Error waiting for lego command to finish: %v\n", err)
// os.Exit(1)
// }
// err = addAndPushCerts(domain, gitWorkspace)
// if err != nil {
// fmt.Printf("Error adding and pushing certs: %v\n", err)
// return
// }
//}