summaryrefslogtreecommitdiff
path: root/pkg/config/main.go
blob: fa23257621c6b4c88f5dd54b7e85a52a5c549207 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95

package config

import (
	"flag"
	"log"
	"os"
)

const DefaultAuthenticationModule = "anonymous"

type Opts struct {
	Notls      bool
	CaCrt      string
	CaKey      string
	TlsCrt     string
	TlsKey     string
	Port       string
	Auth       string
	AuthSecret string
}

func fallbackToEnv(variable *string, envVar, defaultVar string) {

	if *variable == "" {
		val, exists := os.LookupEnv(envVar)
		if exists && val != "" {
			*variable = val
		} else {
			*variable = defaultVar
		}
	}
}

func doCaFilesSanityCheck(caCrt string, caKey string) {
	if _, err := os.Stat(caCrt); os.IsNotExist(err) {
		log.Fatal("cannot find caCrt file")
	}
	if _, err := os.Stat(caKey); os.IsNotExist(err) {
		log.Fatal("cannot find caKey file")
	}
}

func doTlsFilesSanityCheck(tlsCrt string, tlsKey string) {
	if _, err := os.Stat(tlsCrt); os.IsNotExist(err) {
		log.Fatal("cannot find tlsCrt file")
	}
	if _, err := os.Stat(tlsKey); os.IsNotExist(err) {
		log.Fatal("cannot find tlsKey file")
	}
}

func InitializeFlags(opts *Opts) {
	flag.BoolVar(&opts.Notls, "notls", false, "Disable TLS on the service")
	flag.StringVar(&opts.CaCrt, "caCrt", "", "Path to the CA public key")
	flag.StringVar(&opts.CaKey, "caKey", "", "Path to the CA private key")
	flag.StringVar(&opts.TlsCrt, "tlsCrt", "", "Path to the cert file for TLS")
	flag.StringVar(&opts.TlsKey, "tlsKey", "", "Path to the key file for TLS")
	flag.StringVar(&opts.Port, "port", "", "Port where the server will listen (default: 8000)")
	flag.StringVar(&opts.Auth, "auth", "", "Authentication module (anonymous, sip)")
	flag.StringVar(&opts.AuthSecret, "authSecret", "", "Authentication secret (optional)")
	flag.Parse()

	fallbackToEnv(&opts.CaCrt, "VPNWEB_CACRT", "")
	fallbackToEnv(&opts.CaKey, "VPNWEB_CAKEY", "")
	fallbackToEnv(&opts.TlsCrt, "VPNWEB_TLSCRT", "")
	fallbackToEnv(&opts.TlsKey, "VPNWEB_TLSKEY", "")
	fallbackToEnv(&opts.Port, "VPNWEB_PORT", "8000")
	fallbackToEnv(&opts.Auth, "VPNWEB_AUTH", DefaultAuthenticationModule)
	fallbackToEnv(&opts.AuthSecret, "VPNWEB_AUTHSECRET", "")
}

func CheckConfigurationOptions(opts *Opts) {
	if opts.CaCrt == "" {
		log.Fatal("missing caCrt parameter")
	}
	if opts.CaKey == "" {
		log.Fatal("missing caKey parameter")
	}

	if opts.Notls == false {
		if opts.TlsCrt == "" {
			log.Fatal("missing tls_crt parameter. maybe use -notls?")
		}
		if opts.TlsKey == "" {
			log.Fatal("missing tls_key parameter. maybe use -notls?")
		}
	}

	doCaFilesSanityCheck(opts.CaCrt, opts.CaKey)
	if opts.Notls == false {
		doTlsFilesSanityCheck(opts.TlsCrt, opts.TlsKey)
	}

	log.Println("Authentication module:", opts.Auth)
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 07:25:21 +0000