-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmain.go
86 lines (79 loc) · 2.73 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
package main
import (
"fmt"
"os"
"strconv"
"text/template"
)
var tmpl = `
# {{.Service}}.uss-lib-staging.uoregon.edu
upstream {{.Service}}.uss-lib-staging.uoregon.edu {
server 127.0.0.1:{{.Port}};
}
server {
server_name {{.Service}}.uss-lib-staging.uoregon.edu;
listen 80;
access_log /var/log/nginx/access.log vhost;
return 301 https://$host$request_uri;
}
server {
server_name {{.Service}}.uss-lib-staging.uoregon.edu;
listen 443 ssl http2;
access_log /var/log/nginx/access.log vhost;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS';
ssl_prefer_server_ciphers on;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_certificate /etc/nginx/certs/default.crt;
ssl_certificate_key /etc/nginx/certs/default.key;
add_header Strict-Transport-Security "max-age=31536000";
location / {
proxy_pass http://{{.Service}}.uss-lib-staging.uoregon.edu;
}
}
`
type Definition struct {
Service string
Port int
}
func main() {
var service = os.Getenv("SERVICE")
var port = os.Getenv("PORT")
var errs []string
if service == "" {
errs = append(errs, "SERVICE environment variable must be set")
}
var pnum, _ = strconv.Atoi(port)
if pnum < 1 {
errs = append(errs, "PORT environment variable must be set to a positive number")
}
if len(errs) > 0 {
fmt.Fprintln(os.Stderr, "Cannot generate config:")
for _, e := range errs {
fmt.Fprintln(os.Stderr, " - "+e)
}
fmt.Fprintln(os.Stderr)
fmt.Fprintln(os.Stderr, "Usage example:")
fmt.Fprintln(os.Stderr)
fmt.Fprintf(os.Stderr, "SERVICE=foo PORT=18333 %s\n", os.Args[0])
fmt.Fprintln(os.Stderr)
os.Exit(1)
}
var t = template.Must(template.New("conf").Parse(tmpl))
var data = Definition{Service: service, Port: pnum}
var fname = service+"-"+port+".conf"
var f, err = os.Create(fname)
if err != nil {
fmt.Fprintf(os.Stderr, "Unable to create config file %q: %s\n", fname, err)
os.Exit(1)
}
defer f.Close()
err = t.Execute(f, data)
if err != nil {
fmt.Fprintf(os.Stderr, "Unable to process config template: %s\n", err)
os.Exit(1)
}
fmt.Printf("Config file %q created. Copy this to /etc/nginx/conf.d/%s, then reload nginx\n", fname, fname)
}