ioppermann committed Oct 10, 2022
1 parent eb57fb5 commit f896c1a
Showing 1 changed file with 80 additions and 75 deletions.
155 changes: 80 additions & 75 deletions app/api/api.go
Expand Up @@ -649,98 +649,102 @@ func (a *api) start() error {

var autocertManager *certmagic.Config

if cfg.TLS.Enable && cfg.TLS.Auto {
if len(cfg.Host.Name) == 0 {
return fmt.Errorf("at least one host must be provided in host.name or RS_HOST_NAME")
}
if cfg.TLS.Enable {
if cfg.TLS.Auto {
if len(cfg.Host.Name) == 0 {
return fmt.Errorf("at least one host must be provided in host.name or RS_HOST_NAME")
}

certmagic.DefaultACME.Agreed = true
certmagic.DefaultACME.Email = cfg.TLS.Email
certmagic.DefaultACME.CA = certmagic.LetsEncryptProductionCA
certmagic.DefaultACME.DisableHTTPChallenge = false
certmagic.DefaultACME.DisableTLSALPNChallenge = true
certmagic.DefaultACME.Logger = nil
certmagic.DefaultACME.Agreed = true
certmagic.DefaultACME.Email = cfg.TLS.Email
certmagic.DefaultACME.CA = certmagic.LetsEncryptProductionCA
certmagic.DefaultACME.DisableHTTPChallenge = false
certmagic.DefaultACME.DisableTLSALPNChallenge = true
certmagic.DefaultACME.Logger = nil

certmagic.Default.Storage = &certmagic.FileStorage{
Path: cfg.DB.Dir + "/cert",
}
certmagic.Default.DefaultServerName = cfg.Host.Name[0]
certmagic.Default.Logger = nil
certmagic.Default.OnEvent = func(event string, data interface{}) {
message := ""

switch data := data.(type) {
case string:
message = data
case fmt.Stringer:
message = data.String()
certmagic.Default.Storage = &certmagic.FileStorage{
Path: cfg.DB.Dir + "/cert",
}
certmagic.Default.DefaultServerName = cfg.Host.Name[0]
certmagic.Default.Logger = nil
certmagic.Default.OnEvent = func(event string, data interface{}) {
message := ""

switch data := data.(type) {
case string:
message = data
case fmt.Stringer:
message = data.String()
}

if len(message) != 0 {
a.log.logger.core.WithComponent("certmagic").Info().WithField("event", event).Log(message)
if len(message) != 0 {
a.log.logger.core.WithComponent("certmagic").Info().WithField("event", event).Log(message)
}
}
}

magic := certmagic.NewDefault()
acme := certmagic.NewACMEIssuer(magic, certmagic.DefaultACME)
magic := certmagic.NewDefault()
acme := certmagic.NewACMEIssuer(magic, certmagic.DefaultACME)

magic.Issuers = []certmagic.Issuer{acme}
magic.Issuers = []certmagic.Issuer{acme}

autocertManager = magic
autocertManager = magic

// Start temporary http server on configured port
tempserver := &gohttp.Server{
Addr: cfg.Address,
Handler: acme.HTTPChallengeHandler(gohttp.HandlerFunc(func(w gohttp.ResponseWriter, r *gohttp.Request) {
w.WriteHeader(gohttp.StatusNotFound)
})),
ReadTimeout: 10 * time.Second,
WriteTimeout: 10 * time.Second,
MaxHeaderBytes: 1 << 20,
}
// Start temporary http server on configured port
tempserver := &gohttp.Server{
Addr: cfg.Address,
Handler: acme.HTTPChallengeHandler(gohttp.HandlerFunc(func(w gohttp.ResponseWriter, r *gohttp.Request) {
w.WriteHeader(gohttp.StatusNotFound)
})),
ReadTimeout: 10 * time.Second,
WriteTimeout: 10 * time.Second,
MaxHeaderBytes: 1 << 20,
}

wg := sync.WaitGroup{}
wg.Add(1)
wg := sync.WaitGroup{}
wg.Add(1)

go func() {
tempserver.ListenAndServe()
wg.Done()
}()
go func() {
tempserver.ListenAndServe()
wg.Done()
}()

var certerror bool
var certerror bool

// For each domain, get the certificate
for _, host := range cfg.Host.Name {
logger := a.log.logger.core.WithComponent("Let's Encrypt").WithField("host", host)
logger.Info().Log("Acquiring certificate ...")
// For each domain, get the certificate
for _, host := range cfg.Host.Name {
logger := a.log.logger.core.WithComponent("Let's Encrypt").WithField("host", host)
logger.Info().Log("Acquiring certificate ...")

ctx, cancel := context.WithDeadline(context.Background(), time.Now().Add(5*time.Minute))
ctx, cancel := context.WithDeadline(context.Background(), time.Now().Add(5*time.Minute))

err := autocertManager.ManageSync(ctx, []string{host})
err := autocertManager.ManageSync(ctx, []string{host})

cancel()
cancel()

if err != nil {
logger.Error().WithField("error", err).Log("Failed to acquire certificate")
certerror = true
break
}
if err != nil {
logger.Error().WithField("error", err).Log("Failed to acquire certificate")
certerror = true
break
}

logger.Info().Log("Successfully acquired certificate")
}
logger.Info().Log("Successfully acquired certificate")
}

// Shut down the temporary http server
tempserver.Close()
// Shut down the temporary http server
tempserver.Close()

wg.Wait()
wg.Wait()

if certerror {
a.log.logger.core.Warn().Log("Continuing with disabled TLS")
autocertManager = nil
cfg.TLS.Enable = false
if certerror {
a.log.logger.core.Warn().Log("Continuing with disabled TLS")
autocertManager = nil
cfg.TLS.Enable = false
} else {
cfg.TLS.CertFile = ""
cfg.TLS.KeyFile = ""
}
} else {
cfg.TLS.CertFile = ""
cfg.TLS.KeyFile = ""
a.log.logger.core.Info().Log("Enabling TLS with cert and key files")
}
}

Expand All @@ -756,14 +760,15 @@ func (a *api) start() error {
Collector: a.sessions.Collector("rtmp"),
}

if autocertManager != nil && cfg.RTMP.EnableTLS {
config.TLSConfig = &tls.Config{
GetCertificate: autocertManager.GetCertificate,
}

if cfg.RTMP.EnableTLS {
config.Logger = config.Logger.WithComponent("RTMP/S")

a.log.logger.rtmps = a.log.logger.core.WithComponent("RTMPS").WithField("address", cfg.RTMP.AddressTLS)
if autocertManager != nil {
config.TLSConfig = &tls.Config{
GetCertificate: autocertManager.GetCertificate,
}
}
}

rtmpserver, err := rtmp.New(config)
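Review bot: After a failed certificate acquisition, the `certerror` fallback at the end of the first hunk sets `autocertManager = nil` and `cfg.TLS.Enable = false` but leaves `cfg.RTMP.EnableTLS` untouched. The rewritten `if cfg.RTMP.EnableTLS` branch in the second hunk no longer depends on `autocertManager`, so it still sets up the RTMPS logger and hands `rtmp.New` a config with no `TLSConfig`. What `rtmp.New` does with that is outside the visible lines and should be confirmed; the safe options are to add `cfg.RTMP.EnableTLS = false` in the `certerror` branch or to return an error from `start()` instead of continuing without TLS. The downgrade is reported only by a Warn-level `Continuing with disabled TLS` line, which is easy to miss on a host that was configured for TLS. `start()` begins and ends outside both hunks.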