From 21f4fa7d86f66f21a9946d2e18d12a28ea2b3c4d Mon Sep 17 00:00:00 2001
From: Toby
Date: Sat, 19 Nov 2022 17:58:14 -0800
Subject: [PATCH] chore: disable certmagic's noisy default logger
---
 cmd/acme.go | 69 ++++++++++++++++++++++++++++++++++++++++++++++-------
 go.mod | 2 +-
 2 files changed, 62 insertions(+), 9 deletions(-)
diff --git a/cmd/acme.go b/cmd/acme.go
index 991de94..9b2a26a 100644
--- a/cmd/acme.go
+++ b/cmd/acme.go
@@ -3,6 +3,11 @@ package main
 import (
 "context"
 "crypto/tls"
+ "os"
+ "path/filepath"
+ "runtime"
+
+ "go.uber.org/zap"
 "github.com/caddyserver/certmagic"
 )
@@ -10,12 +15,60 @@ import (
 func acmeTLSConfig(domains []string, email string, disableHTTP bool, disableTLSALPN bool, altHTTPPort int, altTLSALPNPort int, ) (*tls.Config, error) {
- certmagic.DefaultACME.Agreed = true
- certmagic.DefaultACME.Email = email
- certmagic.DefaultACME.DisableHTTPChallenge = disableHTTP
- certmagic.DefaultACME.DisableTLSALPNChallenge = disableTLSALPN
- certmagic.DefaultACME.AltHTTPPort = altHTTPPort
- certmagic.DefaultACME.AltTLSALPNPort = altTLSALPNPort
- cfg := certmagic.NewDefault()
- return cfg.TLSConfig(), cfg.ManageSync(context.Background(), domains)
+ cfg := &certmagic.Config{
+ RenewalWindowRatio: certmagic.DefaultRenewalWindowRatio,
+ KeySource: certmagic.DefaultKeyGenerator,
+ Storage: &certmagic.FileStorage{Path: dataDir()},
+ Logger: zap.NewNop(),
+ }
+ issuer := certmagic.NewACMEIssuer(cfg, certmagic.ACMEIssuer{
+ CA: certmagic.LetsEncryptProductionCA,
+ TestCA: certmagic.LetsEncryptStagingCA,
+ Email: email,
+ Agreed: true,
+ DisableHTTPChallenge: disableHTTP,
+ DisableTLSALPNChallenge: disableTLSALPN,
+ AltHTTPPort: altHTTPPort,
+ AltTLSALPNPort: altTLSALPNPort,
+ Logger: zap.NewNop(),
+ })
+ cfg.Issuers = []certmagic.Issuer{issuer}
+
+ cache := certmagic.NewCache(certmagic.CacheOptions{
+ GetConfigForCert: func(cert certmagic.Certificate) (*certmagic.Config, error) {
+ return cfg, nil
+ },
+ Logger: zap.NewNop(),
+ })
+ cfg = certmagic.New(cache, *cfg)
+
+ err := cfg.ManageSync(context.Background(), domains)
+ if err != nil {
+ return nil, err
+ }
+ return cfg.TLSConfig(), nil
+}
+
+func homeDir() string {
+ home := os.Getenv("HOME")
+ if home == "" && runtime.GOOS == "windows" {
+ drive := os.Getenv("HOMEDRIVE")
+ path := os.Getenv("HOMEPATH")
+ home = drive + path
+ if drive == "" || path == "" {
+ home = os.Getenv("USERPROFILE")
+ }
+ }
+ if home == "" {
+ home = "."
+ }
+ return home
+}
+
+func dataDir() string {
+ baseDir := filepath.Join(homeDir(), ".local", "share")
+ if xdgData := os.Getenv("XDG_DATA_HOME"); xdgData != "" {
+ baseDir = xdgData
+ }
+ return filepath.Join(baseDir, "certmagic")
 }
diff --git a/go.mod b/go.mod
index 1242e91..0f6dc79 100644
--- a/go.mod
+++ b/go.mod
@@ -24,6 +24,7 @@ require (
 github.com/txthinking/socks5 v0.0.0-20220212043548-414499347d4a
 github.com/xjasonlyu/tun2socks/v2 v2.4.1
 github.com/yosuke-furukawa/json5 v0.1.1
+ go.uber.org/zap v1.23.0
 golang.org/x/sys v0.1.1-0.20221102194838-fc697a31fa06
 gvisor.dev/gvisor v0.0.0-20220405222207-795f4f0139bb
 )
@@ -72,7 +73,6 @@ require (
 github.com/txthinking/x v0.0.0-20210326105829-476fab902fbe // indirect
 go.uber.org/atomic v1.9.0 // indirect
 go.uber.org/multierr v1.8.0 // indirect
- go.uber.org/zap v1.23.0 // indirect
 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa // indirect
 golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 // indirect
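Review bot: All three `Logger: zap.NewNop()` settings in `acmeTLSConfig` (the `Config`, the `ACMEIssuer` and the cache options) discard every certmagic message, not only the noisy ones, so anything certmagic reports solely through its logger after `ManageSync` returns, presumably failed background renewals and similar maintenance errors, would no longer reach the operator. A renewal that fails silently ends as an expired certificate, so I would keep warnings and errors: build one logger at `zap.WarnLevel` and pass it in all three places instead of `zap.NewNop()`. Separately, `homeDir()` falls back to `"."` and `dataDir()` takes `XDG_DATA_HOME` as-is, so the `FileStorage` path that holds certificate and account keys depends on the environment and the working directory. A doc comment on `dataDir()` such as `// dataDir returns the certmagic storage directory (private keys live here); a relative result resolves against the working directory.` would make that explicit.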