voltone/config.exs Secret

## config.exs
config :sample, SampleWeb.Endpoint,
  https: [
    port: 4001,
    sni_fun: &SampleWeb.Endpoint.ssloptions/1,
    keyfile: "priv/cert/privkey.pem",
    certfile: "priv/cert/cert.pem",
    cacertfile: "priv/cert/chain.pem",
    dhfile: "priv/cert/dhparams.pem",
    secure_renegotiate: true,
    versions: [:"tlsv1.2"]
  ],
  cache_static_manifest: "priv/static/cache_manifest.json"

# To create the OCSP request URL, create a binary request using OpenSSL
# as described here: http://unmitigatedrisk.com/?p=42
# Encode the result as base64 and URL-encode the result, then append
# it to server certificate's OCSP endpoint URL
config :sample, Sample.OCSPResponseCache,
  request:
    "http://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR%2B5mrncpqz%2FPiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7%2FOo7KECEgSCMGvPKVhNmwWOxVUD3Ht%2Blg%3D%3D"

## ocsp_response_cache.ex
defmodule Sample.OCSPResponseCache do
  use GenServer

  require Logger

  @renew_interval 3_600_000
  @retry_interval 60_000

  def start_link([]) do
    GenServer.start_link(__MODULE__, [], name: __MODULE__)
  end

  def get() do
    case :ets.lookup(__MODULE__, :response) do
      [{:response, response}] ->
        response

      _ ->
        nil
    end
  end

  @impl GenServer
  def init([]) do
    config = Application.get_env(:sample, __MODULE__, [])

    case Keyword.get(config, :request) do
      nil ->
        :ignore

      request ->
        :ets.new(__MODULE__, [:set, :protected, :named_table, read_concurrency: true])
        {:ok, request, 0}
    end
  end

  @impl GenServer
  def handle_info(:timeout, request) do
    renew(request)
  end

  defp renew(request) do
    case :httpc.request(:get, {to_charlist(request), []}, [], body_format: :binary) do
      {:ok, {_, _, resp}} ->
        :ets.insert(__MODULE__, {:response, resp})
        Logger.info("OCSP response renewed")
        {:noreply, request, @renew_interval}

      error ->
        Logger.error("Failed to renew OCSP response:\n#{inspect(error)}")
        {:noreply, request, @retry_interval}
    end
  end
end
	config :sample, SampleWeb.Endpoint,
	https: [
	port: 4001,
	sni_fun: &SampleWeb.Endpoint.ssloptions/1,
	keyfile: "priv/cert/privkey.pem",
	certfile: "priv/cert/cert.pem",
	cacertfile: "priv/cert/chain.pem",
	dhfile: "priv/cert/dhparams.pem",
	secure_renegotiate: true,
	versions: [:"tlsv1.2"]
	],
	cache_static_manifest: "priv/static/cache_manifest.json"

	# To create the OCSP request URL, create a binary request using OpenSSL
	# as described here: http://unmitigatedrisk.com/?p=42
	# Encode the result as base64 and URL-encode the result, then append
	# it to server certificate's OCSP endpoint URL
	config :sample, Sample.OCSPResponseCache,
	request:
	"http://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR%2B5mrncpqz%2FPiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7%2FOo7KECEgSCMGvPKVhNmwWOxVUD3Ht%2Blg%3D%3D"
	defmodule Sample.OCSPResponseCache do
	use GenServer

	require Logger

	@renew_interval 3_600_000
	@retry_interval 60_000

	def start_link([]) do
	GenServer.start_link(__MODULE__, [], name: __MODULE__)
	end

	def get() do
	case :ets.lookup(__MODULE__, :response) do
	[{:response, response}] ->
	response

	_ ->
	nil
	end
	end

	@impl GenServer
	def init([]) do
	config = Application.get_env(:sample, __MODULE__, [])

	case Keyword.get(config, :request) do
	nil ->
	:ignore

	request ->
	:ets.new(__MODULE__, [:set, :protected, :named_table, read_concurrency: true])
	{:ok, request, 0}
	end
	end

	@impl GenServer
	def handle_info(:timeout, request) do
	renew(request)
	end

	defp renew(request) do
	case :httpc.request(:get, {to_charlist(request), []}, [], body_format: :binary) do
	{:ok, {_, _, resp}} ->
	:ets.insert(__MODULE__, {:response, resp})
	Logger.info("OCSP response renewed")
	{:noreply, request, @renew_interval}

	error ->
	Logger.error("Failed to renew OCSP response:\n#{inspect(error)}")
	{:noreply, request, @retry_interval}
	end
	end
	end