mirror of
https://github.com/golang/go
synced 2024-11-19 02:54:42 -07:00
3fd990c6be
https://golang.org/cl/52390 was submitted too early with failing trybots. This fixes it, hiding the cloud.google.com stuff behind a build tag, used by the Dockerfile but not the Go build system. Change-Id: I66c6b40d4b06bf6c763f3ab221c7997856bfc910 Reviewed-on: https://go-review.googlesource.com/52470 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Jessie Frazelle <me@jessfraz.com>
51 lines
1.3 KiB
Go
51 lines
1.3 KiB
Go
// Copyright 2017 The Go Authors. All rights reserved.
|
|
// Use of this source code is governed by the Apache 2.0
|
|
// license that can be found in the LICENSE file.
|
|
|
|
// +build autocert
|
|
|
|
// This file contains autocert and cloud.google.com/go/storage
|
|
// dependencies we want to hide by default from the Go build system,
|
|
// which currently doesn't know how to fetch non-golang.org/x/*
|
|
// dependencies. The Dockerfile builds the production binary
|
|
// with this code using --tags=autocert.
|
|
|
|
package main
|
|
|
|
import (
|
|
"context"
|
|
"crypto/tls"
|
|
"log"
|
|
"net/http"
|
|
|
|
"cloud.google.com/go/storage"
|
|
"golang.org/x/build/autocertcache"
|
|
"golang.org/x/crypto/acme/autocert"
|
|
)
|
|
|
|
func init() {
|
|
runHTTPS = runHTTPSAutocert
|
|
}
|
|
|
|
func runHTTPSAutocert(h http.Handler) error {
|
|
var cache autocert.Cache
|
|
if b := *autoCertCacheBucket; b != "" {
|
|
sc, err := storage.NewClient(context.Background())
|
|
if err != nil {
|
|
log.Fatalf("storage.NewClient: %v", err)
|
|
}
|
|
cache = autocertcache.NewGoogleCloudStorageCache(sc, b)
|
|
}
|
|
m := autocert.Manager{
|
|
Prompt: autocert.AcceptTOS,
|
|
HostPolicy: autocert.HostWhitelist(*autoCertDomain),
|
|
Cache: cache,
|
|
}
|
|
s := &http.Server{
|
|
Addr: ":https",
|
|
Handler: h,
|
|
TLSConfig: &tls.Config{GetCertificate: m.GetCertificate},
|
|
}
|
|
return s.ListenAndServeTLS("", "")
|
|
}
|