Created
September 18, 2018 07:36
Currently cobbled autocerted file server thingy
package main | |
import ( | |
"crypto/tls" | |
"fmt" | |
"golang.org/x/crypto/acme/autocert" | |
"io" | |
"log" | |
"net/http" | |
"time" | |
) | |
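// main serves a file tree under /test/ and a deny-all robots.txt over HTTPS,
// taking its certificates from an autocert.Manager. A plain-HTTP listener on
// port 80 runs next to it with the manager's HTTP handler.
func main() {
	// NOTE(review): no Cache is configured, so issued certificates live only
	// in this process's memory and are requested again after every restart,
	// which can run into the CA's rate limits. Set Cache (for example
	// autocert.DirCache on a directory only this user can read) before
	// running this anywhere long-lived.
	m := &autocert.Manager{
		Prompt: autocert.AcceptTOS,
		// HostPolicy is what stops a client from triggering issuance for an
		// arbitrary SNI name. "localhost" is a placeholder: a public CA will
		// not issue for it, so list the real hostnames here.
		HostPolicy: autocert.HostWhitelist("localhost"),
	}

	tlsConfig := &tls.Config{
		// Causes servers to use Go's default ciphersuite preferences,
		// which are tuned to avoid attacks. Does nothing on clients.
		// Go 1.17 and later ignore this field and always apply Go's own
		// ordering, so it only has an effect on older toolchains.
		PreferServerCipherSuites: true,
		// Only use curves which have assembly implementations
		CurvePreferences: []tls.CurveID{
			tls.CurveP256,
			tls.X25519, // Go 1.8 only
		},
		MinVersion:     tls.VersionTLS12,
		GetCertificate: m.GetCertificate,
		// Every enabled suite is ECDHE with an AEAD cipher. This list only
		// governs TLS 1.2; crypto/tls does not make TLS 1.3 suites
		// configurable.
		CipherSuites: []uint16{
			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, // Go 1.8 only
			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,   // Go 1.8 only
			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,

			// Best disabled, as they don't provide Forward Secrecy,
			// but might be necessary for some clients
			// tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
			// tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
		},
	}

	// m.HTTPHandler(nil) answers ACME http-01 challenges and redirects every
	// other request to HTTPS. It gets its own http.Server so the port-80
	// listener has timeouts too; the bare http.ListenAndServe helper sets
	// none, leaving it open to clients that hold connections indefinitely.
	plain := &http.Server{
		Addr:         ":http",
		Handler:      m.HTTPHandler(nil),
		ReadTimeout:  5 * time.Second,
		WriteTimeout: 10 * time.Second,
		IdleTimeout:  120 * time.Second,
	}
	go func() {
		// Log rather than exit: the HTTPS side can keep running without
		// port 80, but a silent failure here would hide why http-01
		// challenges and redirects stopped working.
		if err := plain.ListenAndServe(); err != nil {
			log.Printf("plain-HTTP listener stopped: %v", err)
		}
	}()

	fmt.Println(time.Now().Format("Mon Jan 2 15:04:05 -0700 MST 2006"), ": Startup")

	mux := http.NewServeMux()
	// NOTE(review): Go does not expand "~", so http.Dir("~/test/") names a
	// directory literally called "~" under the working directory, not the
	// user's home. Replace it with an absolute path. http.FileServer also
	// renders directory listings and serves dot-files found under its root,
	// so keep that tree free of anything not meant to be public.
	mux.Handle("/test/", middle(http.StripPrefix("/test/", http.FileServer(http.Dir("~/test/")))))
	mux.Handle("/robots.txt", middle(http.HandlerFunc(robots)))

	s := &http.Server{
		ReadTimeout: 5 * time.Second,
		// WriteTimeout is left off, presumably so long downloads are not cut
		// short; the trade-off is that a slow-reading client can keep a
		// response open for as long as it likes.
		// WriteTimeout: 10 * time.Second,
		IdleTimeout: 120 * time.Second,
		Addr:        ":https",
		Handler:     mux,
		TLSConfig:   tlsConfig,
	}

	// The certificate and key paths are empty because certificates come from
	// TLSConfig.GetCertificate. ListenAndServeTLS only returns on failure.
	log.Fatal(s.ListenAndServeTLS("", ""))
}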
// middle wraps h with request logging: one line on stdout before h runs and
// a second, ending in "done", after it returns.
//
// Each line carries the request URL and r.RemoteAddr. The URL is supplied by
// the client, and RemoteAddr is the network peer, which is the proxy's
// address when the server sits behind one. There is no deferred call, so a
// panic inside h leaves the "done" line unwritten.
func middle(h http.Handler) http.Handler {
	const layout = "Mon Jan 2 15:04:05 -0700 MST 2006"

	logged := func(w http.ResponseWriter, r *http.Request) {
		// Take the URL before h runs so both lines print the same value.
		target := r.URL
		fmt.Println(time.Now().Format(layout), ":", target, "from", r.RemoteAddr)

		h.ServeHTTP(w, r)

		fmt.Println(time.Now().Format(layout), ":", target, "from", r.RemoteAddr, "done")
	}
	return http.HandlerFunc(logged)
}
// robots writes a robots.txt body that asks all crawlers to stay out of the
// whole site. This is advisory only: it does not restrict access, and paths
// that must stay private need real access control.
func robots(w http.ResponseWriter, r *http.Request) {
	// Written as two separate pieces; write errors are not checked.
	for _, part := range []string{"User-agent: *\n", "Disallow: /"} {
		io.WriteString(w, part)
	}
}