Remove old global config and use new static config

old/tls/tls.go

@@ -0,0 +1,101 @@
+package tls
+
+import (
+	"crypto/tls"
+	"fmt"
+	"strings"
+
+	"github.com/containous/traefik/log"
+	"github.com/sirupsen/logrus"
+)
+
+const (
+	certificateHeader = "-----BEGIN CERTIFICATE-----\n"
+)
+
+// ClientCA defines traefik CA files for a entryPoint
+// and it indicates if they are mandatory or have just to be analyzed if provided
+type ClientCA struct {
+	Files    FilesOrContents
+	Optional bool
+}
+
+// TLS configures TLS for an entry point
+type TLS struct {
+	MinVersion         string `export:"true"`
+	CipherSuites       []string
+	Certificates       Certificates
+	ClientCA           ClientCA
+	DefaultCertificate *Certificate
+	SniStrict          bool `export:"true"`
+}
+
+// FilesOrContents hold the CA we want to have in root
+type FilesOrContents []FileOrContent
+
+// Configuration allows mapping a TLS certificate to a list of entrypoints
+type Configuration struct {
+	EntryPoints []string
+	Certificate *Certificate
+}
+
+// String is the method to format the flag's value, part of the flag.Value interface.
+// The String method's output will be used in diagnostics.
+func (r *FilesOrContents) String() string {
+	sliceOfString := make([]string, len([]FileOrContent(*r)))
+	for key, value := range *r {
+		sliceOfString[key] = value.String()
+	}
+	return strings.Join(sliceOfString, ",")
+}
+
+// Set is the method to set the flag value, part of the flag.Value interface.
+// Set's argument is a string to be parsed to set the flag.
+// It's a comma-separated list, so we split it.
+func (r *FilesOrContents) Set(value string) error {
+	filesOrContents := strings.Split(value, ",")
+	if len(filesOrContents) == 0 {
+		return fmt.Errorf("bad FilesOrContents format: %s", value)
+	}
+	for _, fileOrContent := range filesOrContents {
+		*r = append(*r, FileOrContent(fileOrContent))
+	}
+	return nil
+}
+
+// Get return the FilesOrContents list
+func (r *FilesOrContents) Get() interface{} {
+	return *r
+}
+
+// SetValue sets the FilesOrContents with val
+func (r *FilesOrContents) SetValue(val interface{}) {
+	*r = val.(FilesOrContents)
+}
+
+// Type is type of the struct
+func (r *FilesOrContents) Type() string {
+	return "filesorcontents"
+}
+
+// SortTLSPerEntryPoints converts TLS configuration sorted by Certificates into TLS configuration sorted by EntryPoints
+func SortTLSPerEntryPoints(configurations []*Configuration, epConfiguration map[string]map[string]*tls.Certificate, defaultEntryPoints []string) {
+	if epConfiguration == nil {
+		epConfiguration = make(map[string]map[string]*tls.Certificate)
+	}
+	for _, conf := range configurations {
+		if conf.EntryPoints == nil || len(conf.EntryPoints) == 0 {
+			if log.GetLevel() >= logrus.DebugLevel {
+				log.Debugf("No entryPoint is defined to add the certificate %s, it will be added to the default entryPoints: %s",
+					conf.Certificate.getTruncatedCertificateName(),
+					strings.Join(defaultEntryPoints, ", "))
+			}
+			conf.EntryPoints = append(conf.EntryPoints, defaultEntryPoints...)
+		}
+		for _, ep := range conf.EntryPoints {
+			if err := conf.Certificate.AppendCertificates(epConfiguration, ep); err != nil {
+				log.Errorf("Unable to append certificate %s to entrypoint %s: %v", conf.Certificate.getTruncatedCertificateName(), ep, err)
+			}
+		}
+	}
+}