Currently cobbled autocerted file server thingy
| package main | |
import (
	"crypto/tls"
	"fmt"
	"io"
	"log"
	"net/http"
	"os"
	"path/filepath"
	"time"

	"golang.org/x/crypto/acme/autocert"
)
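// main starts two listeners: a plain-HTTP one on :http that answers ACME
// HTTP-01 challenges (and otherwise redirects to HTTPS), and an HTTPS one on
// :https that serves files from $HOME/test under /test/ plus a robots.txt.
// Certificates are obtained on demand through autocert.
func main() {
	m := &autocert.Manager{
		Prompt: autocert.AcceptTOS,
		// HostPolicy restricts which server names autocert will request
		// certificates for. "localhost" looks like a placeholder: a public
		// ACME CA will not issue for it, so replace it with the real
		// hostname(s) before deploying.
		HostPolicy: autocert.HostWhitelist("localhost"),
		// NOTE(review): no Cache is set, so certificates and the account key
		// live only in memory and are requested again after every restart,
		// which can run into CA rate limits. A persistent cache such as
		// autocert.DirCache on a directory readable only by this process is
		// the usual choice.
	}

	tlsConfig := &tls.Config{
		// Ignored by Go 1.17 and later, where the server always applies its
		// own cipher suite ordering; only older toolchains honour it.
		PreferServerCipherSuites: true,
		// Only use curves which have assembly implementations. An explicit
		// list also opts out of key exchanges that newer Go releases enable
		// by default when this field is left empty.
		CurvePreferences: []tls.CurveID{
			tls.CurveP256,
			tls.X25519, // requires Go 1.8+
		},
		MinVersion:     tls.VersionTLS12,
		GetCertificate: m.GetCertificate,
		// Applies to TLS 1.2 only; TLS 1.3 suites are not configurable.
		// Every entry is ECDHE + AEAD, so all of them give forward secrecy.
		CipherSuites: []uint16{
			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, // requires Go 1.8+
			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,   // requires Go 1.8+
			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,

			// Best disabled, as they don't provide Forward Secrecy,
			// but might be necessary for some clients
			// tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
			// tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
		},
	}

	// Port 80 listener for ACME HTTP-01 challenges; with a nil fallback the
	// handler redirects everything else to HTTPS. It gets its own server so
	// that it has timeouts, and its exit error is logged instead of dropped
	// (a failed bind here would otherwise silently break issuance).
	challengeSrv := &http.Server{
		Addr:         ":http",
		Handler:      m.HTTPHandler(nil),
		ReadTimeout:  5 * time.Second,
		WriteTimeout: 5 * time.Second,
		IdleTimeout:  120 * time.Second,
	}
	go func() {
		log.Printf("http listener stopped: %v", challengeSrv.ListenAndServe())
	}()

	fmt.Println(time.Now().Format("Mon Jan 2 15:04:05 -0700 MST 2006"), ": Startup")

	// Go does not expand "~"; http.Dir("~/test/") would point at a directory
	// literally named "~" under the working directory. Resolve the home
	// directory explicitly.
	home, err := os.UserHomeDir()
	if err != nil {
		log.Fatalf("resolving home directory: %v", err)
	}
	root := http.Dir(filepath.Join(home, "test"))

	mux := http.NewServeMux()
	// http.FileServer exposes everything under root to any client, including
	// directory listings and dotfiles; keep only publishable files there.
	mux.Handle("/test/", middle(http.StripPrefix("/test/", http.FileServer(root))))
	mux.Handle("/robots.txt", middle(http.HandlerFunc(robots)))

	s := &http.Server{
		ReadTimeout: 5 * time.Second,
		// WriteTimeout is left unset: a fixed deadline would cut off large
		// downloads. The cost is that slow readers can hold connections open.
		// WriteTimeout: 10 * time.Second,
		IdleTimeout: 120 * time.Second,
		Addr:        ":https",
		Handler:     mux,
		TLSConfig:   tlsConfig,
	}
	// Empty cert/key paths: certificates come from tlsConfig.GetCertificate.
	err = s.ListenAndServeTLS("", "")
	log.Fatal(err)
}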
// middle wraps h with request logging. It prints one line to stdout when a
// request arrives and another, suffixed with "done", once h has returned.
// Each line carries a timestamp, the request URL and r.RemoteAddr.
//
// r.RemoteAddr is the address of the directly connected peer; behind a proxy
// or load balancer it identifies that hop, not the original client. The
// response status is not recorded.
func middle(h http.Handler) http.Handler {
	const stamp = "Mon Jan 2 15:04:05 -0700 MST 2006"

	logged := func(w http.ResponseWriter, r *http.Request) {
		began := time.Now()
		// Captured before h runs so both log lines show the same URL value.
		target := r.URL
		fmt.Println(began.Format(stamp), ":", target, "from", r.RemoteAddr)

		h.ServeHTTP(w, r)

		ended := time.Now()
		fmt.Println(ended.Format(stamp), ":", target, "from", r.RemoteAddr, "done")
	}
	return http.HandlerFunc(logged)
}
// robots serves a fixed robots.txt that asks every crawler to stay away from
// the whole site. This is advisory only: it is not access control, and the
// files behind /test/ remain reachable by anyone who requests them.
func robots(w http.ResponseWriter, r *http.Request) {
	for _, line := range [...]string{"User-agent: *\n", "Disallow: /"} {
		// Write errors are deliberately ignored; a failed write only means
		// the client has gone away.
		_, _ = io.WriteString(w, line)
	}
}