From 1cd7e82d67930d143be30ec9f524137c2b13509e Mon Sep 17 00:00:00 2001 From: Eduard Urbach Date: Wed, 8 Nov 2017 10:53:27 +0100 Subject: [PATCH] Added default keys for testing --- main.go | 16 +++--- security.go | 33 ++++++++++++ security/.gitignore | 3 +- .../api-keys.json} | 0 security/default/fullchain.pem | 34 +++++++++++++ security/default/privkey.pem | 51 +++++++++++++++++++ 6 files changed, 128 insertions(+), 9 deletions(-) create mode 100644 security.go rename security/{default-api-keys.json => default/api-keys.json} (100%) create mode 100644 security/default/fullchain.pem create mode 100644 security/default/privkey.pem diff --git a/main.go b/main.go index 37390d3f..7358e6e6 100644 --- a/main.go +++ b/main.go @@ -19,12 +19,6 @@ func main() { } func configure(app *aero.Application) *aero.Application { - // HTTPS - app.Security.Load("security/fullchain.pem", "security/privkey.pem") - - // CSS - app.SetStyle(css.Bundle()) - // Sessions app.Sessions.Duration = 3600 * 24 * 30 * 6 app.Sessions.Store = nanostore.New(arn.DB.Collection("Session")) @@ -32,12 +26,18 @@ func configure(app *aero.Application) *aero.Application { // Layout app.Layout = layout.Render - // Pages - pages.Configure(app) + // CSS + app.SetStyle(css.Bundle()) + + // Security + configureHTTPS(app) // Assets configureAssets(app) + // Pages + pages.Configure(app) + // Rewrite app.Rewrite(rewrite) diff --git a/security.go b/security.go new file mode 100644 index 00000000..7cc64438 --- /dev/null +++ b/security.go @@ -0,0 +1,33 @@ +package main + +import ( + "os" + + "github.com/aerogo/aero" +) + +func configureHTTPS(app *aero.Application) { + fullCertPath := "security/fullchain.pem" + fullKeyPath := "security/privkey.pem" + + if _, err := os.Stat(fullCertPath); os.IsNotExist(err) { + defaultCertPath := "security/default/fullchain.pem" + err := os.Link(defaultCertPath, fullCertPath) + + if err != nil { + panic(err) + } + } + + if _, err := os.Stat(fullKeyPath); os.IsNotExist(err) { + defaultKeyPath := "security/default/privkey.pem" + err := os.Link(defaultKeyPath, fullKeyPath) + + if err != nil { + panic(err) + } + } + + // HTTPS + app.Security.Load(fullCertPath, fullKeyPath) +} diff --git a/security/.gitignore b/security/.gitignore index d3adb79a..a1f54f4f 100644 --- a/security/.gitignore +++ b/security/.gitignore @@ -1,4 +1,5 @@ * !.gitignore -!default-api-keys.json +!default +!default/* !README.md \ No newline at end of file diff --git a/security/default-api-keys.json b/security/default/api-keys.json similarity index 100% rename from security/default-api-keys.json rename to security/default/api-keys.json diff --git a/security/default/fullchain.pem b/security/default/fullchain.pem new file mode 100644 index 00000000..aa1443b6 --- /dev/null +++ b/security/default/fullchain.pem @@ -0,0 +1,34 @@ +-----BEGIN CERTIFICATE----- +MIIF9zCCA9+gAwIBAgIJAKf/LujsjzTPMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMRwwGgYDVQQKExNBbmltZSBOb3Rp +ZmllciBCZXRhMRgwFgYDVQQDEw9iZXRhLm5vdGlmeS5tb2UwHhcNMTcxMTA4MDkz +MDM3WhcNMTgxMTA4MDkzMDM3WjBaMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29t +ZS1TdGF0ZTEcMBoGA1UEChMTQW5pbWUgTm90aWZpZXIgQmV0YTEYMBYGA1UEAxMP +YmV0YS5ub3RpZnkubW9lMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA +5AxmKRZ+6tPM03UgZxbdQB2E8VsxOfALlPCaJJp+vnAWFnMgQ5SAsTH19egS7ZHa +GOy6xkIuKedWzlHYvzXjSp6ybO/ErLz6cEqc8Wi0CsJrgyZ0f2P40Bwmf2gBkOUZ +1Mu15YRs3wqDL/+eiEtHI0HIbVuSZ/1L9GfVQv77wGvspA3u/8E7Wc+VRsYz59yT +Vo+/lSWatiPu8rGTs5P9r+tguef9Zh3U+eN5Cheh+KFpWqJaHa/Zdt2A8KLsPaG0 +aTfWMC20w63GMgAwWH2fsSD7Lczu8eeA/7uIPIUlRj7CJK1UaGKZIFmJw5HTc6wO +6fRtlbdtaw43tGmTkeqPXANQiQyLw++1pdYdFKYdrcr0tDUFSpBaryaq4yZ6m2Lq +OLM/icHKt1j5c1yhuSTjpz+dX0VC/O3N8zw566yic/1AYbJBJDOx+FQRAgMEBEIl +wKXx+037n6qgFrODtDySOczswXb26UglhHVHr5bhyCnWr+En9Tc0S75drPFVHnUU +Wx49fL/Pxx/ZSHR/IGlJu3nA971h31RBeNsXwOvT9OfBAZLseLw1X3LauQh2MQBK +v7bnAK69TM+qS9Cd48JWOFJQmJDIK62EB7n+ZV/O13g3H1DGFQBurJpazWhWDXQ7 +febDuMrBWmmfDdoe4noTl2MFSLVvI7HP0RXaSpuRzc8CAwEAAaOBvzCBvDAdBgNV +HQ4EFgQUzuQ5jfpqKObuoVSnlBZqI8NAE/swgYwGA1UdIwSBhDCBgYAUzuQ5jfpq +KObuoVSnlBZqI8NAE/uhXqRcMFoxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21l +LVN0YXRlMRwwGgYDVQQKExNBbmltZSBOb3RpZmllciBCZXRhMRgwFgYDVQQDEw9i +ZXRhLm5vdGlmeS5tb2WCCQCn/y7o7I80zzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3 +DQEBBQUAA4ICAQAoOqMm0/9Pc9ocGpJ8lJ4pvWZqlynO+oL8IUDX5y+Dz9mZy/sx +u/nj/oTz1BuFneLIIapyJ3EwZ6Szncy/L29YmveLwv2P0hp5uL1X7DCdrTb39rYB +u3sDfKfSaClSC7YWEd85y3sog8iBVxqloKqHcjy+JM8hQ2lDHmaFHb5WaC5ltWVm +ID0Xj+m6Bfui68CJYxAnj7lKYi8XwRbojTX6N4f5Kyk1Thc1evGK8IUwZKgMtj62 +xEkIijHDM7TdUfTyMVnpdO60SQyrzHNX4NV1V4c9TESASiopgh5HCvUcvb6Uuhst +kjtt/Kc1EJjVdqlCEeq1y1jx4babHaFy/EHXKmN9CmhY2X+YeFUj2y6qgyT9STOe +/jVFVFvGdxn7EA4/Gzzt09EH9cakf8C0CGUOZRLtlpmiDWSsza6FbVHv2MBdI1uq +9v8vUdqQXzny1b5R/oFXv+j/3u2uxLx6SJicbm6/taFJ0vMGjdqXDygsCtnEtGfX +6KGMTF4c4+9VryL6Zs8gE1knLfq8qzLPgGN6co71j4PmBAxJWnvx+NrOCngu1tDQ +YKXiVgwWua3uDHr3ka1YbQNVPWcE0S9UoKE5jXJnSEQfSNUYaELo785rz0QPMHjO +8zaZG+E9GglhW9NAiO4i8Ylq7JKUO4oSgBPmViFGJW0CH7f6HUwTp7yIkQ== +-----END CERTIFICATE----- diff --git a/security/default/privkey.pem b/security/default/privkey.pem new file mode 100644 index 00000000..4a260639 --- /dev/null +++ b/security/default/privkey.pem @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEA5AxmKRZ+6tPM03UgZxbdQB2E8VsxOfALlPCaJJp+vnAWFnMg +Q5SAsTH19egS7ZHaGOy6xkIuKedWzlHYvzXjSp6ybO/ErLz6cEqc8Wi0CsJrgyZ0 +f2P40Bwmf2gBkOUZ1Mu15YRs3wqDL/+eiEtHI0HIbVuSZ/1L9GfVQv77wGvspA3u +/8E7Wc+VRsYz59yTVo+/lSWatiPu8rGTs5P9r+tguef9Zh3U+eN5Cheh+KFpWqJa +Ha/Zdt2A8KLsPaG0aTfWMC20w63GMgAwWH2fsSD7Lczu8eeA/7uIPIUlRj7CJK1U +aGKZIFmJw5HTc6wO6fRtlbdtaw43tGmTkeqPXANQiQyLw++1pdYdFKYdrcr0tDUF +SpBaryaq4yZ6m2LqOLM/icHKt1j5c1yhuSTjpz+dX0VC/O3N8zw566yic/1AYbJB +JDOx+FQRAgMEBEIlwKXx+037n6qgFrODtDySOczswXb26UglhHVHr5bhyCnWr+En +9Tc0S75drPFVHnUUWx49fL/Pxx/ZSHR/IGlJu3nA971h31RBeNsXwOvT9OfBAZLs +eLw1X3LauQh2MQBKv7bnAK69TM+qS9Cd48JWOFJQmJDIK62EB7n+ZV/O13g3H1DG +FQBurJpazWhWDXQ7febDuMrBWmmfDdoe4noTl2MFSLVvI7HP0RXaSpuRzc8CAwEA +AQKCAgAdeDC3fI24INimNsuSJtU+lNH6MpOg7hFBFPqGYmSgjXF9QzFXKlibDV7A +gVX411E8yVK1jhXTGm8QSGlfBEK0AOADzdQ3klA2tJ2lYKdrgIZOM2j4kV203v5m +lnUlWUXGRvDhkQRUqlIboMfGyxuNRdH1t9CqmYP4OHbJqpOz4P56kMZizICz8WxT +8gcBHnL3y6mxR2O/x9L4D9SLb0NoOV2NiJopWQ+Nn0Sj9jvbGli3+qT0kyXiA2vH +LPakXEIpGqsWHMHwS4OCMJ4OwWUiiaWL3KDAJ+92nLBVSctwUWnbPX7b4mnxUUDJ +Qg32M7TVrN2AbGy6WeL+8Gm+gHY36kxgbCo+DHroxS4rA8zy0yVuTGC2G7rlQXa5 +73XdzDzOrGqCKbNVxqSw/QCIg71yuReVS1Tq6UFKqQCUssfH0R7qsDxguOsJzx9j +rmxwwSqIAhIzx1sE0Lg07LBkXFj9rmhPfBhH1nUnIzXDw+05uWGx3kfmQwP52o+z +4VGko4g/9hQEGZIu7eGpiBnfgTCSxvU3DyXg+ojKQtEYt4oPF+UqZAAza0TV9S+A +P282JFZtqjODUOb/JnmqCPPJHNFXdKRRWnVnznKw09kwq4R8QB2QnKR5U7RV3E7c +IvA1cVAbAYuFuISHDw9rbNR2S5VKyHa2VuP0uNUd4hRQw+YiKQKCAQEA9ip9rXgz +sEI+lKamOaocj6IdaUyBztVOmg/g2lZEk96BkQ4PMBrRqJLASQ7udSkpdM144KXT +N91ULYFPpoSZuodAA1CKAWgAAPesdOQOzZChWW3HzKbI/YZqzo4unLquCetU5byP +qrAAHea3BnW5jpnO34cgOoQxYS0nGPJRGRIgDL1OiPPzVoWjpHDqFIjkP+7AWV+B +jHh/fV9s2D2y5FK6tdocoCgbETAFhQ1K33c2S1THWdVEMhkoxhTEFR+V/AUiie7t +TUzSYYcg430dfp+fII4tSMjrjnwdQW2qY3aGDwwyoykQIUCXPCUEmHsH3EM5GNT0 +xpk3B/dEVyg6xQKCAQEA7SifSlHqye0QIt+1jQIK7SVDlY2apSML1v8zzhj+7uM+ +L138qeJ0PpQ73e7w4uAM9yWsz7wzGzo6kjSFy6Qyjy10SqRHNkGLcFqC7tH3KPlS +jBRNVUuk5hRFfEUzgMmMr8+kWxEPkI1RjCjeZWh4cjS1uIOV0DcqRyL3pxGFSnMd +8vDlGwKf8ZKJGdReMyM0CibqFkPWC3ErEpfJfh3myXngLKTU2xWaaNEjVAddyKof +4Cef8VtCwnsV19lQ/YPjaxF0MIpHx/kU7MsqGwLO9xalwV6/uHGQTK/aBhHg27Pw +sG9U8USSW8LGaUMTK/BU1MqfFdZg882JySSAtsR/gwKCAQEA80BPyrBCG4WKg6ge +EFN6P7EJ8TjJ+RItxu2z2u1ufNReInHLLlUCIttJKaiYmKvhLGuybANRMh4DBaiH +hdv4cSsfZWcbyIH1pv8XqraFrjqiRlXGHwQdDvHZ71zu0K9kNacX0KFBMoESzHll +GPwSLcjtdVL41Po2NXnB7dPdsbGIfC5BQfIW3sPWTjPKDBqtukN6TZaj1KRqDwDR +9OkbMqZRnEv5B4Y6IQTcH3tgJmyN+WjASZQF/J+B/CMfFGSO+Gg2lijE1CL6racz +J7lGAQ9I1onIU+k/ZCBfZH0y53CCzrHWBAcaylEiYSuPXAIPZWgELvaZHvreN3/v +R1UYpQKCAQEA6TmjvPDmVwIddk5OOoehuymEV1TUmkXm5N5AUhRe0QsFIovpaCBd +dRVN8qmCl3sDBSI12m0YTVRsOVARq/ykBA4NaUI5DfBTcoBwdvBhghf+x+dHTfSA +DAwvcVCUn7iV9GfdF/mlNuDjK1UdsNiWaqnPc89jy0oU97Q5nEEstdSTxVCF3pQs +OuOClLY2lU+vY7R1TMQVgVcfpr9C1hYN2mFSxlSrR3DtUtspRP+hiS9U/Zm6Px8i +fiORjZ4Xedj0E10syHeUs+IOY/hARiPy6SeKhqnpHTgBUok1ffajDSzeLISwIjzv +OfJIMUhXWESXCFTjMhSLb/fX4slVE2gWhQKCAQANZZcYce91zSs9eWD+FfNC4M7j +Cjr1ONTuK9OpM+Gb3cWjSOCEoI4TjEIn2BW1cPQ9pPy1uYxb70wi0ABiK71ayPFb +JcPkiE626r379vMiKKFyY5VuhVP5TnooXPub4VfYvcSXG3y9t9Bb917GxFgGgBoY +jAHegdoen/szP1EOq6tPO9tX7j+51DBbBfQTjYRpn8xE1CGrgPDsjp0OK07hnynA +qb8gXcd1xFSQ8QlMYSjm0C7VzHfv614oaWvSB3u9ioEmR3dVqEKHqAjmyboomaE/ +cKQmFPf3yeZ+iiX+5eINry+Bb4uGU5guwZLEPrhcFwPlaVx7A4co0EOpVTvk +-----END RSA PRIVATE KEY-----