Update linter
This commit is contained in:
parent
f12c27aa7c
commit
328611c619
157 changed files with 489 additions and 508 deletions
|
@ -12,7 +12,7 @@ import (
|
|||
"github.com/go-acme/lego/v3/registration"
|
||||
)
|
||||
|
||||
// Account is used to store lets encrypt registration info
|
||||
// Account is used to store lets encrypt registration info.
|
||||
type Account struct {
|
||||
Email string
|
||||
Registration *registration.Resource
|
||||
|
@ -21,11 +21,11 @@ type Account struct {
|
|||
}
|
||||
|
||||
const (
|
||||
// RegistrationURLPathV1Regexp is a regexp which match ACME registration URL in the V1 format
|
||||
// RegistrationURLPathV1Regexp is a regexp which match ACME registration URL in the V1 format.
|
||||
RegistrationURLPathV1Regexp = `^.*/acme/reg/\d+$`
|
||||
)
|
||||
|
||||
// NewAccount creates an account
|
||||
// NewAccount creates an account.
|
||||
func NewAccount(ctx context.Context, email string, keyTypeValue string) (*Account, error) {
|
||||
keyType := GetKeyType(ctx, keyTypeValue)
|
||||
|
||||
|
@ -42,17 +42,17 @@ func NewAccount(ctx context.Context, email string, keyTypeValue string) (*Accoun
|
|||
}, nil
|
||||
}
|
||||
|
||||
// GetEmail returns email
|
||||
// GetEmail returns email.
|
||||
func (a *Account) GetEmail() string {
|
||||
return a.Email
|
||||
}
|
||||
|
||||
// GetRegistration returns lets encrypt registration resource
|
||||
// GetRegistration returns lets encrypt registration resource.
|
||||
func (a *Account) GetRegistration() *registration.Resource {
|
||||
return a.Registration
|
||||
}
|
||||
|
||||
// GetPrivateKey returns private key
|
||||
// GetPrivateKey returns private key.
|
||||
func (a *Account) GetPrivateKey() crypto.PrivateKey {
|
||||
privateKey, err := x509.ParsePKCS1PrivateKey(a.PrivateKey)
|
||||
if err != nil {
|
||||
|
@ -64,7 +64,7 @@ func (a *Account) GetPrivateKey() crypto.PrivateKey {
|
|||
return privateKey
|
||||
}
|
||||
|
||||
// GetKeyType used to determine which algo to used
|
||||
// GetKeyType used to determine which algo to used.
|
||||
func GetKeyType(ctx context.Context, value string) certcrypto.KeyType {
|
||||
logger := log.FromContext(ctx)
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ import (
|
|||
|
||||
var _ Store = (*LocalStore)(nil)
|
||||
|
||||
// LocalStore Stores implementation for local file
|
||||
// LocalStore Stores implementation for local file.
|
||||
type LocalStore struct {
|
||||
saveDataChan chan map[string]*StoredData
|
||||
filename string
|
||||
|
@ -22,7 +22,7 @@ type LocalStore struct {
|
|||
storedData map[string]*StoredData
|
||||
}
|
||||
|
||||
// NewLocalStore initializes a new LocalStore with a file name
|
||||
// NewLocalStore initializes a new LocalStore with a file name.
|
||||
func NewLocalStore(filename string) *LocalStore {
|
||||
store := &LocalStore{filename: filename, saveDataChan: make(chan map[string]*StoredData)}
|
||||
store.listenSaveAction()
|
||||
|
@ -93,7 +93,7 @@ func (s *LocalStore) get(resolverName string) (*StoredData, error) {
|
|||
return s.storedData[resolverName], nil
|
||||
}
|
||||
|
||||
// listenSaveAction listens to a chan to store ACME data in json format into LocalStore.filename
|
||||
// listenSaveAction listens to a chan to store ACME data in json format into `LocalStore.filename`.
|
||||
func (s *LocalStore) listenSaveAction() {
|
||||
safe.Go(func() {
|
||||
logger := log.WithoutContext().WithField(log.ProviderName, "acme")
|
||||
|
@ -111,7 +111,7 @@ func (s *LocalStore) listenSaveAction() {
|
|||
})
|
||||
}
|
||||
|
||||
// GetAccount returns ACME Account
|
||||
// GetAccount returns ACME Account.
|
||||
func (s *LocalStore) GetAccount(resolverName string) (*Account, error) {
|
||||
storedData, err := s.get(resolverName)
|
||||
if err != nil {
|
||||
|
@ -121,7 +121,7 @@ func (s *LocalStore) GetAccount(resolverName string) (*Account, error) {
|
|||
return storedData.Account, nil
|
||||
}
|
||||
|
||||
// SaveAccount stores ACME Account
|
||||
// SaveAccount stores ACME Account.
|
||||
func (s *LocalStore) SaveAccount(resolverName string, account *Account) error {
|
||||
storedData, err := s.get(resolverName)
|
||||
if err != nil {
|
||||
|
@ -134,7 +134,7 @@ func (s *LocalStore) SaveAccount(resolverName string, account *Account) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// GetCertificates returns ACME Certificates list
|
||||
// GetCertificates returns ACME Certificates list.
|
||||
func (s *LocalStore) GetCertificates(resolverName string) ([]*CertAndStore, error) {
|
||||
storedData, err := s.get(resolverName)
|
||||
if err != nil {
|
||||
|
@ -144,7 +144,7 @@ func (s *LocalStore) GetCertificates(resolverName string) ([]*CertAndStore, erro
|
|||
return storedData.Certificates, nil
|
||||
}
|
||||
|
||||
// SaveCertificates stores ACME Certificates list
|
||||
// SaveCertificates stores ACME Certificates list.
|
||||
func (s *LocalStore) SaveCertificates(resolverName string, certificates []*CertAndStore) error {
|
||||
storedData, err := s.get(resolverName)
|
||||
if err != nil {
|
||||
|
@ -173,7 +173,7 @@ func NewLocalChallengeStore() *LocalChallengeStore {
|
|||
}
|
||||
}
|
||||
|
||||
// GetHTTPChallengeToken Get the http challenge token from the store
|
||||
// GetHTTPChallengeToken Get the http challenge token from the store.
|
||||
func (s *LocalChallengeStore) GetHTTPChallengeToken(token, domain string) ([]byte, error) {
|
||||
s.lock.RLock()
|
||||
defer s.lock.RUnlock()
|
||||
|
@ -193,7 +193,7 @@ func (s *LocalChallengeStore) GetHTTPChallengeToken(token, domain string) ([]byt
|
|||
return result, nil
|
||||
}
|
||||
|
||||
// SetHTTPChallengeToken Set the http challenge token in the store
|
||||
// SetHTTPChallengeToken Set the http challenge token in the store.
|
||||
func (s *LocalChallengeStore) SetHTTPChallengeToken(token, domain string, keyAuth []byte) error {
|
||||
s.lock.Lock()
|
||||
defer s.lock.Unlock()
|
||||
|
@ -210,7 +210,7 @@ func (s *LocalChallengeStore) SetHTTPChallengeToken(token, domain string, keyAut
|
|||
return nil
|
||||
}
|
||||
|
||||
// RemoveHTTPChallengeToken Remove the http challenge token in the store
|
||||
// RemoveHTTPChallengeToken Remove the http challenge token in the store.
|
||||
func (s *LocalChallengeStore) RemoveHTTPChallengeToken(token, domain string) error {
|
||||
s.lock.Lock()
|
||||
defer s.lock.Unlock()
|
||||
|
@ -228,7 +228,7 @@ func (s *LocalChallengeStore) RemoveHTTPChallengeToken(token, domain string) err
|
|||
return nil
|
||||
}
|
||||
|
||||
// AddTLSChallenge Add a certificate to the ACME TLS-ALPN-01 certificates storage
|
||||
// AddTLSChallenge Add a certificate to the ACME TLS-ALPN-01 certificates storage.
|
||||
func (s *LocalChallengeStore) AddTLSChallenge(domain string, cert *Certificate) error {
|
||||
s.lock.Lock()
|
||||
defer s.lock.Unlock()
|
||||
|
@ -241,7 +241,7 @@ func (s *LocalChallengeStore) AddTLSChallenge(domain string, cert *Certificate)
|
|||
return nil
|
||||
}
|
||||
|
||||
// GetTLSChallenge Get a certificate from the ACME TLS-ALPN-01 certificates storage
|
||||
// GetTLSChallenge Get a certificate from the ACME TLS-ALPN-01 certificates storage.
|
||||
func (s *LocalChallengeStore) GetTLSChallenge(domain string) (*Certificate, error) {
|
||||
s.lock.Lock()
|
||||
defer s.lock.Unlock()
|
||||
|
@ -253,7 +253,7 @@ func (s *LocalChallengeStore) GetTLSChallenge(domain string) (*Certificate, erro
|
|||
return s.storedData.TLSChallenges[domain], nil
|
||||
}
|
||||
|
||||
// RemoveTLSChallenge Remove a certificate from the ACME TLS-ALPN-01 certificates storage
|
||||
// RemoveTLSChallenge Remove a certificate from the ACME TLS-ALPN-01 certificates storage.
|
||||
func (s *LocalChallengeStore) RemoveTLSChallenge(domain string) error {
|
||||
s.lock.Lock()
|
||||
defer s.lock.Unlock()
|
||||
|
|
|
@ -7,7 +7,7 @@ import (
|
|||
"os"
|
||||
)
|
||||
|
||||
// CheckFile checks file permissions and content size
|
||||
// CheckFile checks file permissions and content size.
|
||||
func CheckFile(name string) (bool, error) {
|
||||
f, err := os.Open(name)
|
||||
if err != nil {
|
||||
|
|
|
@ -28,11 +28,11 @@ import (
|
|||
)
|
||||
|
||||
var (
|
||||
// oscpMustStaple enables OSCP stapling as from https://github.com/go-acme/lego/issues/270
|
||||
// oscpMustStaple enables OSCP stapling as from https://github.com/go-acme/lego/issues/270.
|
||||
oscpMustStaple = false
|
||||
)
|
||||
|
||||
// Configuration holds ACME configuration provided by users
|
||||
// Configuration holds ACME configuration provided by users.
|
||||
type Configuration struct {
|
||||
Email string `description:"Email address used for registration." json:"email,omitempty" toml:"email,omitempty" yaml:"email,omitempty"`
|
||||
CAServer string `description:"CA server to use." json:"caServer,omitempty" toml:"caServer,omitempty" yaml:"caServer,omitempty"`
|
||||
|
@ -56,14 +56,14 @@ type CertAndStore struct {
|
|||
Store string
|
||||
}
|
||||
|
||||
// Certificate is a struct which contains all data needed from an ACME certificate
|
||||
// Certificate is a struct which contains all data needed from an ACME certificate.
|
||||
type Certificate struct {
|
||||
Domain types.Domain `json:"domain,omitempty" toml:"domain,omitempty" yaml:"domain,omitempty"`
|
||||
Certificate []byte `json:"certificate,omitempty" toml:"certificate,omitempty" yaml:"certificate,omitempty"`
|
||||
Key []byte `json:"key,omitempty" toml:"key,omitempty" yaml:"key,omitempty"`
|
||||
}
|
||||
|
||||
// DNSChallenge contains DNS challenge Configuration
|
||||
// DNSChallenge contains DNS challenge Configuration.
|
||||
type DNSChallenge struct {
|
||||
Provider string `description:"Use a DNS-01 based challenge provider rather than HTTPS." json:"provider,omitempty" toml:"provider,omitempty" yaml:"provider,omitempty"`
|
||||
DelayBeforeCheck types.Duration `description:"Assume DNS propagates after a delay in seconds rather than finding and querying nameservers." json:"delayBeforeCheck,omitempty" toml:"delayBeforeCheck,omitempty" yaml:"delayBeforeCheck,omitempty"`
|
||||
|
@ -71,12 +71,12 @@ type DNSChallenge struct {
|
|||
DisablePropagationCheck bool `description:"Disable the DNS propagation checks before notifying ACME that the DNS challenge is ready. [not recommended]" json:"disablePropagationCheck,omitempty" toml:"disablePropagationCheck,omitempty" yaml:"disablePropagationCheck,omitempty"`
|
||||
}
|
||||
|
||||
// HTTPChallenge contains HTTP challenge Configuration
|
||||
// HTTPChallenge contains HTTP challenge Configuration.
|
||||
type HTTPChallenge struct {
|
||||
EntryPoint string `description:"HTTP challenge EntryPoint" json:"entryPoint,omitempty" toml:"entryPoint,omitempty" yaml:"entryPoint,omitempty"`
|
||||
}
|
||||
|
||||
// TLSChallenge contains TLS challenge Configuration
|
||||
// TLSChallenge contains TLS challenge Configuration.
|
||||
type TLSChallenge struct{}
|
||||
|
||||
// Provider holds configurations of the provider.
|
||||
|
@ -98,22 +98,22 @@ type Provider struct {
|
|||
resolvingDomainsMutex sync.RWMutex
|
||||
}
|
||||
|
||||
// SetTLSManager sets the tls manager to use
|
||||
// SetTLSManager sets the tls manager to use.
|
||||
func (p *Provider) SetTLSManager(tlsManager *traefiktls.Manager) {
|
||||
p.tlsManager = tlsManager
|
||||
}
|
||||
|
||||
// SetConfigListenerChan initializes the configFromListenerChan
|
||||
// SetConfigListenerChan initializes the configFromListenerChan.
|
||||
func (p *Provider) SetConfigListenerChan(configFromListenerChan chan dynamic.Configuration) {
|
||||
p.configFromListenerChan = configFromListenerChan
|
||||
}
|
||||
|
||||
// ListenConfiguration sets a new Configuration into the configFromListenerChan
|
||||
// ListenConfiguration sets a new Configuration into the configFromListenerChan.
|
||||
func (p *Provider) ListenConfiguration(config dynamic.Configuration) {
|
||||
p.configFromListenerChan <- config
|
||||
}
|
||||
|
||||
// Init for compatibility reason the BaseProvider implements an empty Init
|
||||
// Init for compatibility reason the BaseProvider implements an empty Init.
|
||||
func (p *Provider) Init() error {
|
||||
ctx := log.With(context.Background(), log.Str(log.ProviderName, p.ResolverName+".acme"))
|
||||
logger := log.FromContext(ctx)
|
||||
|
@ -125,7 +125,7 @@ func (p *Provider) Init() error {
|
|||
var err error
|
||||
p.account, err = p.Store.GetAccount(p.ResolverName)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to get ACME account: %v", err)
|
||||
return fmt.Errorf("unable to get ACME account: %w", err)
|
||||
}
|
||||
|
||||
// Reset Account if caServer changed, thus registration URI can be updated
|
||||
|
@ -136,7 +136,7 @@ func (p *Provider) Init() error {
|
|||
|
||||
p.certificates, err = p.Store.GetCertificates(p.ResolverName)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to get ACME certificates : %v", err)
|
||||
return fmt.Errorf("unable to get ACME certificates : %w", err)
|
||||
}
|
||||
|
||||
// Init the currently resolved domain map
|
||||
|
@ -442,7 +442,7 @@ func (p *Provider) resolveCertificate(ctx context.Context, domain types.Domain,
|
|||
|
||||
client, err := p.getClient()
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("cannot get ACME client %v", err)
|
||||
return nil, fmt.Errorf("cannot get ACME client %w", err)
|
||||
}
|
||||
|
||||
request := certificate.ObtainRequest{
|
||||
|
@ -453,7 +453,7 @@ func (p *Provider) resolveCertificate(ctx context.Context, domain types.Domain,
|
|||
|
||||
cert, err := client.Certificate.Obtain(request)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to generate a certificate for the domains %v: %v", uncheckedDomains, err)
|
||||
return nil, fmt.Errorf("unable to generate a certificate for the domains %v: %w", uncheckedDomains, err)
|
||||
}
|
||||
if cert == nil {
|
||||
return nil, fmt.Errorf("domains %v do not generate a certificate", uncheckedDomains)
|
||||
|
@ -498,7 +498,7 @@ func (p *Provider) addCertificateForDomain(domain types.Domain, certificate []by
|
|||
|
||||
// deleteUnnecessaryDomains deletes from the configuration :
|
||||
// - Duplicated domains
|
||||
// - Domains which are checked by wildcard domain
|
||||
// - Domains which are checked by wildcard domain.
|
||||
func deleteUnnecessaryDomains(ctx context.Context, domains []types.Domain) []types.Domain {
|
||||
var newDomains []types.Domain
|
||||
|
||||
|
@ -657,7 +657,7 @@ func (p *Provider) renewCertificates(ctx context.Context) {
|
|||
}
|
||||
|
||||
// Get provided certificate which check a domains list (Main and SANs)
|
||||
// from static and dynamic provided certificates
|
||||
// from static and dynamic provided certificates.
|
||||
func (p *Provider) getUncheckedDomains(ctx context.Context, domainsToCheck []string, tlsStore string) []string {
|
||||
p.resolvingDomainsMutex.RLock()
|
||||
defer p.resolvingDomainsMutex.RUnlock()
|
||||
|
@ -716,7 +716,7 @@ func getX509Certificate(ctx context.Context, cert *Certificate) (*x509.Certifica
|
|||
return crt, err
|
||||
}
|
||||
|
||||
// getValidDomains checks if given domain is allowed to generate a ACME certificate and return it
|
||||
// getValidDomains checks if given domain is allowed to generate a ACME certificate and return it.
|
||||
func (p *Provider) getValidDomains(ctx context.Context, domain types.Domain) ([]string, error) {
|
||||
domains := domain.ToStrArray()
|
||||
if len(domains) == 0 {
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue