From 9a495fa942b171f163d521494813a8d88ab940e2 Mon Sep 17 00:00:00 2001
From: Diogo Monica
Date: Tue, 31 Mar 2015 18:22:13 -0700
Subject: [PATCH] Initial working server commit
---
Dockerfile | 9 ++++
cmd/vetinari-server/main.go | 89 ++++++++++++++++++++++++++++++++
cmd/vetinari-server/main_test.go | 1 +
fixtures/ca-key.pem | 27 ++++++++++
fixtures/ca.pem | 18 +++++++
server/handlers/default.go | 17 ++++++
server/handlers/default_test.go | 1 +
7 files changed, 162 insertions(+)
create mode 100644 Dockerfile
create mode 100644 cmd/vetinari-server/main.go
create mode 100644 cmd/vetinari-server/main_test.go
create mode 100644 fixtures/ca-key.pem
create mode 100644 fixtures/ca.pem
create mode 100644 server/handlers/default.go
create mode 100644 server/handlers/default_test.go
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000000..c46f05897a
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,9 @@
+FROM golang
+
+COPY . /go/src/github.com/docker/vetinari
+
+RUN go get github.com/docker/vetinari/cmd/vetinari-server
+
+EXPOSE 4443
+
+CMD vetinari-server -cert /go/src/github.com/docker/vetinari/fixtures/ca.pem -key /go/src/github.com/docker/vetinari/fixtures/ca-key.pem -debug
diff --git a/cmd/vetinari-server/main.go b/cmd/vetinari-server/main.go
new file mode 100644
index 0000000000..d58152323b
--- /dev/null
+++ b/cmd/vetinari-server/main.go
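Review bot: The `CMD` line of the Dockerfile starts the server with `fixtures/ca.pem` and `fixtures/ca-key.pem`, and that private key is committed in this same patch (the fixtures/ca-key.pem hunk), so every container built from this image serves TLS with a key that anyone with access to the repository can read. The image should take its certificate and key from a runtime mount or secret, e.g. `CMD ["vetinari-server", "-cert", "<mounted-cert-path>", "-key", "<mounted-key-path>"]`, and the fixtures should be used by tests only. `-debug` is also enabled by default, and `FROM golang` carries no tag, so the build is not reproducible; pin the base image to a specific version.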
@@ -0,0 +1,89 @@
+package main
+
+import (
+ "crypto/rand"
+ "crypto/tls"
+ _ "expvar"
+ "flag"
+ "log"
+ "net/http"
+ "os"
+
+ _ "github.com/docker/distribution/health"
+ "github.com/docker/vetinari/server/handlers"
+ "github.com/gorilla/mux"
+)
+
+const ADDR = ":4443"
+const DEBUG_ADDR = "localhost:8080"
+
+var debug bool
+var certFile, keyFile string
+
+func init() {
+ flag.StringVar(&certFile, "cert", "", "Intermediate certificates")
+ flag.StringVar(&keyFile, "key", "", "Private key file")
+ flag.BoolVar(&debug, "debug", false, "show the version and exit")
+}
+
+func main() {
+ flag.Usage = usage
+ flag.Parse()
+
+ if DEBUG_ADDR != "" {
+ go debugServer(DEBUG_ADDR)
+ }
+
+ if certFile == "" || keyFile == "" {
+ usage()
+ log.Fatalf("Certificate and key are mandatory")
+ }
+
+ tlsConfig := &tls.Config{
+ MinVersion: tls.VersionTLS12,
+ PreferServerCipherSuites: true,
+ CipherSuites: []uint16{
+ tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+ tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+ tls.TLS_RSA_WITH_AES_128_CBC_SHA,
+ tls.TLS_RSA_WITH_AES_256_CBC_SHA},
+ }
+ tlsConfig.Rand = rand.Reader
+
+ r := mux.NewRouter()
+ r.HandleFunc("/", handlers.MainHandler)
+
+ server := http.Server{
+ Addr: ADDR,
+ Handler: r,
+ TLSConfig: tlsConfig,
+ }
+
+ if debug {
+ log.Println("[Vetinari Server] : Listening on", ADDR)
+ }
+
+ err := server.ListenAndServeTLS(certFile, keyFile)
+ if err != nil {
+ log.Fatalf("[Vetinari Server] : Failed to start %s", err)
+ }
+}
+
+func usage() {
+ log.Println(os.Stderr, "usage:", os.Args[0], "")
+ flag.PrintDefaults()
+}
+
+// debugServer starts the debug server with pprof, expvar among other
+// endpoints. The addr should not be exposed externally. For most of these to
+// work, tls cannot be enabled on the endpoint, so it is generally separate.
+func debugServer(addr string) {
+ log.Println("[Vetinari Debug Server] server listening on", addr)
+ if err := http.ListenAndServe(addr, nil); err != nil {
+ log.Fatalf("[Vetinari Debug Server] error listening on debug interface: %v", err)
+ }
+}
diff --git a/cmd/vetinari-server/main_test.go b/cmd/vetinari-server/main_test.go
new file mode 100644
index 0000000000..06ab7d0f9a
--- /dev/null
+++ b/cmd/vetinari-server/main_test.go
@@ -0,0 +1 @@
+package main
diff --git a/fixtures/ca-key.pem b/fixtures/ca-key.pem
new file mode 100644
index 0000000000..e799d2fde3
--- /dev/null
+++ b/fixtures/ca-key.pem
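Review bot: In cmd/vetinari-server/main.go the `CipherSuites` list still offers `tls.TLS_RSA_WITH_AES_128_CBC_SHA` and `tls.TLS_RSA_WITH_AES_256_CBC_SHA`, which use static RSA key exchange and provide no forward secrecy; with `MinVersion: tls.VersionTLS12` the list can be limited to the ECDHE suites, preferably the two GCM ones. The `http.Server` literal sets no `ReadTimeout` or `WriteTimeout`, so a slow client can hold a connection open indefinitely. In `usage()`, `log.Println(os.Stderr, "usage:", ...)` prints the `*os.File` value as text instead of writing to it; `fmt.Fprintln(os.Stderr, "usage:", os.Args[0])` (with `fmt` imported) is what was meant, and the `-debug` flag's help text `"show the version and exit"` does not describe what the flag does. The debugServer comment mentions pprof although `net/http/pprof` is not imported in this file, and its `log.Fatalf` ends the whole process when the debug port cannot be bound; logging the error and returning would keep the TLS listener up.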
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA4zWKzehx/YuLfvbphGLLAnxHiAizsqR17Ch9zN5wxZInJduz
+9v2HZCFgqV/4ZqITsA/y5ibr6X31KLkiSgPABc/AZiBcgONz41TmGVIy7lzU9xsq
+vDwTqzyYyoBXN+TbJk6NAHglhHpbOa6T1Pwf2K9D6ypSytpFkz6JltLJFbpIxYtz
+g3cpCwR/ZBOS5f4bqzMnrIlfZUbta50/wc5HIgU6Q3Ggx/CIiICMEgtWZxoPM5Oq
+tt0tnVZPJoSA9xUOVRXOnb9NZVrHgvyCpL8D9qsGISOUveV/fvYOw/+Iy+2y5rc7
+dSfSH1XbczE8RLdhTMLYgmg6km7rq4JQBvtIlwIDAQABAoIBAQCNweUlTQZ502uo
+PnM5hs30cgfLJuq+5X8xZZ3/iTVA/0vvgeEJk+q6HV0Kr/bySeMQsRKyZ8w+tLiV
+vNRY63gN6C25Si2MuNygFGMvnyppr3+r4MZMBQuchcUqauJ/3AijINU2Wr/FpPVv
+yq0vcFKKReeRPKnFKGPKV3VOpZqSM6ds1fqjG0vJPtW4OYhii9QWBky94kb9P9ef
+52X7EcESY+G+gLOxEt95KYCY5gLvyOxObUtk9xGzmcKMmYr80fgqDllavMie7BQ6
+BHm5EUfxtPd1Q0Pd8ZYYZusYD1dxiBISlncf0kDG0PYWifb8HTPOEddX9CwzYfnV
+alea2ENZAoGBAOeoQW+dwTU9OBDOUADysBoR0EU2F/+wbCLsQTj4QBZXg91+CR0P
+o57v56yoCEz4dsVi2YtphFbM2Gb8ByqMDa4/onlUrnbkb+bUR4mJ34vF78kSrMnu
+3HwP1SBvucleaRpr7O8Qh6A5+AHs8O4ApMU3DJyBeo0BO37XjBpMFIhTAoGBAPsV
+oStqT0zS1axXeR/wlg7181e9ZAbJWo6YYktabud7V+iPn+8zjecpD2rNn92wWkYR
+tGUL4XJeC/vF0IP9EdmOg275IFgC22svNnli7daMOMeznuxoz7nzVscHqw7HVTp+
+bkDPBs55IwrIG9hy3XlvgD6VmgaZa5cBQG0H8SYtAoGAGdB3EkALEqqyv7St150z
+oIQRqFTB0d1P/4hCMF4BjjvMVvc/fryKaCCluWi0HBen7JD6Wv20IJQNHVTCW6xl
+reArc8fK9Ta5fYh0PFBf18yDzu1E0e/LJAwDnOy2UEkz/xy9t1opMuKiz1we8Paj
+ZdKfliUbifD0N0s/soJ92z8CgYEAz/vPwJXUUG/I3XSr+eAhfQ0Q4NoaFGEQaVQj
+AAZOHeOXIyZttgf/gL8LbU4dIdbmQGqEAru/qSvsQ0dN/TdRZORfTTqCJ0Vemj/G
+oPBo0TLgCdRpTa1YfNDsTfu1H43QtJ5sF7UmDzxa4aB3KGmlueS51522s8a8T56S
+zn4orJUCgYBNdWYT6HZEyhcCwchFCDGurSFDP1NEO4chMS4R4fFKulOA9reL7xAP
+KSkKGTgZwNF6fjY7+iVnK533dPsi3aWdnkSNi0inXCeUCwbUUosENtmPslltGbYL
+qC7m5yTyCi/nh0dXh23bTCRuxqVcTNnPENZ5uXt3T7kiw2IGIXKqEQ==
+-----END RSA PRIVATE KEY-----
diff --git a/fixtures/ca.pem b/fixtures/ca.pem
new file mode 100644
index 0000000000..e0c35d4803
--- /dev/null
+++ b/fixtures/ca.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC1jCCAcCgAwIBAgIRAP8N1ySxBPApJwblEm6nP14wCwYJKoZIhvcNAQELMBYx
+FDASBgNVBAoTC0Jvb3QyRG9ja2VyMB4XDTE1MDMzMTIzMTQyN1oXDTE4MDMxNTIz
+MTQyN1owFjEUMBIGA1UEChMLQm9vdDJEb2NrZXIwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDjNYrN6HH9i4t+9umEYssCfEeICLOypHXsKH3M3nDFkicl
+27P2/YdkIWCpX/hmohOwD/LmJuvpffUouSJKA8AFz8BmIFyA43PjVOYZUjLuXNT3
+Gyq8PBOrPJjKgFc35NsmTo0AeCWEels5rpPU/B/Yr0PrKlLK2kWTPomW0skVukjF
+i3ODdykLBH9kE5Ll/hurMyesiV9lRu1rnT/BzkciBTpDcaDH8IiIgIwSC1ZnGg8z
+k6q23S2dVk8mhID3FQ5VFc6dv01lWseC/IKkvwP2qwYhI5S95X9+9g7D/4jL7bLm
+tzt1J9IfVdtzMTxEt2FMwtiCaDqSbuurglAG+0iXAgMBAAGjIzAhMA4GA1UdDwEB
+/wQEAwIApDAPBgNVHRMBAf8EBTADAQH/MAsGCSqGSIb3DQEBCwOCAQEAzJ8XzvTU
+jV3p38Oe6tzzJmL51MVbJ0+FTGAVBXxiS50Gmb7bTgG6VpDVn4mzBFxbZHKmljDZ
+mWDO2S6AH+Z8La+81cStoRxhcHrHPRu676qQlmZCXOgScyjccMJShsz26fWTcafh
+cbSBzY8CvtSNvbk8SV1+r4Yq91cII6HHUsYE78GblW6y6SP3gqTP55vATJajaEqp
+0mcX4JaFg3+hnTVZlRlKbR5BsYKDaR2bp2PE2EE7KQv4PrsqvVq4iJ0nxjMkdC4R
+OcFjUgb5uplOnuhm6u287mSVsTbbFGQeojL9RpBcrwXr2Lbkh9MuEHxMyW2FtkFU
+vsnNyfVXIR+xOA==
+-----END CERTIFICATE-----
diff --git a/server/handlers/default.go b/server/handlers/default.go
new file mode 100644
index 0000000000..6845e093fe
--- /dev/null
+++ b/server/handlers/default.go
@@ -0,0 +1,17 @@
+package handlers
+
+import (
+ "encoding/json"
+ "net/http"
+)
+
+func MainHandler(w http.ResponseWriter, r *http.Request) {
+ if r.Method == "GET" {
+ err := json.NewEncoder(w).Encode("{}")
+ if err != nil {
+ w.Write([]byte("{server_error: 'Could not parse error message'}"))
+ }
+ } else {
+ w.WriteHeader(http.StatusNotFound)
+ }
+}
diff --git a/server/handlers/default_test.go b/server/handlers/default_test.go
new file mode 100644
index 0000000000..5ac8282f4b
--- /dev/null
+++ b/server/handlers/default_test.go
@@ -0,0 +1 @@
+package handlers
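Review bot: `json.NewEncoder(w).Encode("{}")` in MainHandler (server/handlers/default.go) encodes a Go string, so the body sent to the client is the JSON string `"{}"` rather than an empty object; `Encode(struct{}{})` produces `{}`. The fallback `w.Write` emits `{server_error: '...'}`, which is not valid JSON, and it runs after the encoder may already have written part of the body under a 200 status, so logging the error is more useful than appending to the response. No `Content-Type` is set; add `w.Header().Set("Content-Type", "application/json")` before encoding. Non-GET requests receive 404 where `http.StatusMethodNotAllowed` would describe the condition, and the exported MainHandler has no doc comment, e.g. `// MainHandler answers GET / with an empty JSON object.`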