Currently cobbled autocerted file server thingy
package main | |
import (
	"crypto/tls"
	"fmt"
	"io"
	"log"
	"net/http"
	"os"
	"path/filepath"
	"time"

	"golang.org/x/crypto/acme/autocert"
)
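// main serves a static directory and a robots.txt over HTTPS, obtaining
// certificates on demand through ACME (autocert). A second listener on
// port 80 answers ACME HTTP-01 challenges.
func main() {
	m := &autocert.Manager{
		Prompt: autocert.AcceptTOS,
		// NOTE(review): "localhost" looks like a placeholder. A public ACME CA
		// cannot validate it, so list the real hostname(s) here. Keep the
		// allow-list tight: it decides which SNI names trigger issuance.
		HostPolicy: autocert.HostWhitelist("localhost"),
		// NOTE(review): no Cache is set, so certificates and the account key
		// live in memory only and are requested again after every restart,
		// which can run into CA rate limits. Configure a persistent Cache
		// (readable only by this process) before exposing this publicly.
	}

	tlsConfig := &tls.Config{
		// Makes the server pick the cipher suite rather than the client.
		// Ignored by Go 1.17 and later, which always order suites
		// themselves; kept for older toolchains.
		PreferServerCipherSuites: true,
		// Only use curves which have assembly implementations
		CurvePreferences: []tls.CurveID{
			tls.CurveP256,
			tls.X25519, // Go 1.8 only
		},
		MinVersion:     tls.VersionTLS12,
		GetCertificate: m.GetCertificate,
		// Applies to TLS 1.2 only; TLS 1.3 suites are not configurable.
		// Every entry is ECDHE + AEAD, so all sessions get forward secrecy.
		CipherSuites: []uint16{
			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, // Go 1.8 only
			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,   // Go 1.8 only
			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,

			// Best disabled, as they don't provide Forward Secrecy,
			// but might be necessary for some clients
			// tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
			// tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
		},
	}

	// Port 80: with a nil fallback, autocert answers HTTP-01 challenges and
	// redirects other GET/HEAD requests to HTTPS. The bare
	// http.ListenAndServe used before had no timeouts at all and dropped its
	// error, so a failed bind (port in use, missing privilege) went unnoticed.
	challenge := &http.Server{
		Addr:              ":http",
		Handler:           m.HTTPHandler(nil),
		ReadHeaderTimeout: 5 * time.Second,
		ReadTimeout:       5 * time.Second,
		WriteTimeout:      10 * time.Second,
		IdleTimeout:       120 * time.Second,
	}
	go func() {
		// Still best effort (the HTTPS listener keeps running), but the
		// failure is now visible in the log.
		if err := challenge.ListenAndServe(); err != nil {
			log.Println("http listener:", err)
		}
	}()

	fmt.Println(time.Now().Format("Mon Jan 2 15:04:05 -0700 MST 2006"), ": Startup")

	// Go does not expand "~": http.Dir("~/test/") would serve a directory
	// literally named "~" under the working directory. Resolve the home
	// directory explicitly so the served root is the one intended.
	home := os.Getenv("HOME")
	if home == "" {
		log.Fatal("HOME is not set; cannot locate the directory to serve")
	}
	root := filepath.Join(home, "test")

	mux := http.NewServeMux()
	// Everything under root is public: http.FileServer lists directories
	// and serves dot-files too, so keep secrets out of that tree.
	mux.Handle("/test/", middle(http.StripPrefix("/test/", http.FileServer(http.Dir(root)))))
	mux.Handle("/robots.txt", middle(http.HandlerFunc(robots)))

	s := &http.Server{
		ReadTimeout: 5 * time.Second,
		// WriteTimeout is left unset, presumably so large downloads are not
		// cut off; the cost is that a slow reader can hold a connection open.
		// WriteTimeout: 10 * time.Second,
		IdleTimeout: 120 * time.Second,
		Addr:        ":https",
		Handler:     mux,
		TLSConfig:   tlsConfig,
	}

	// Empty cert/key paths: certificates come from tlsConfig.GetCertificate.
	err := s.ListenAndServeTLS("", "")
	log.Fatal(err)
}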
// middle wraps h with access logging: one line on stdout when a request
// arrives and a second, suffixed with "done", once h has returned. Each line
// carries a timestamp, the request URL and the peer address.
func middle(h http.Handler) http.Handler {
	const stamp = "Mon Jan 2 15:04:05 -0700 MST 2006"

	logged := func(w http.ResponseWriter, r *http.Request) {
		// Hold on to the URL before the wrapped handler runs so both log
		// lines print the same value.
		target := r.URL

		emit := func(at time.Time, suffix ...interface{}) {
			fields := []interface{}{at.Format(stamp), ":", target, "from", r.RemoteAddr}
			fmt.Println(append(fields, suffix...)...)
		}

		emit(time.Now())
		h.ServeHTTP(w, r)
		emit(time.Now(), "done")
	}
	return http.HandlerFunc(logged)
}
// robots answers with a robots.txt that asks every crawler to stay away from
// the whole site. This is advisory only: it does not restrict access to
// anything the server exposes.
func robots(w http.ResponseWriter, r *http.Request) {
	for _, part := range []string{"User-agent: *\n", "Disallow: /"} {
		io.WriteString(w, part)
	}
}