diff --git a/src/main.rs b/src/main.rs index 552a4ef..a6734b9 100644 --- a/src/main.rs +++ b/src/main.rs @@ -30,7 +30,8 @@ struct Cli { long, help = "E.g. '[::]:443', if given then SSL certs will automatically be retrieved for all domains using LetsEncrypt", env = "DOMIPLY_HTTPS_LISTEN_ADDR", - requires = "domain_acme_contact_email" + requires = "domain_acme_contact_email", + requires = "domain_acme_store_dir_path" )] https_listen_addr: Option, @@ -49,13 +50,24 @@ struct Cli { #[arg(long, required = true, env = "DOMIPLY_DOMAIN_CONFIG_STORE_DIR_PATH")] domain_config_store_dir_path: path::PathBuf, - #[arg(long, required = true, env = "DOMIPLY_DOMAIN_ACME_STORE_DIR_PATH")] - domain_acme_store_dir_path: path::PathBuf, + #[arg(long, env = "DOMIPLY_DOMAIN_ACME_STORE_DIR_PATH")] + domain_acme_store_dir_path: Option, #[arg(long, env = "DOMIPLY_DOMAIN_ACME_CONTACT_EMAIL")] domain_acme_contact_email: Option, } +#[derive(Clone)] +struct HTTPSParams +where + DomainAcmeStore: domiply::domain::acme::store::BoxedStore, + DomainAcmeManager: domiply::domain::acme::manager::BoxedManager, +{ + https_listen_addr: SocketAddr, + domain_acme_store: DomainAcmeStore, + domain_acme_manager: DomainAcmeManager, +} + #[tokio::main] async fn main() { let config = Cli::parse(); 
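Review bot: `domain_acme_store_dir_path` in the `@@ -49,13 +50,24 @@` hunk is now optional but still has no `help` text, so `--help` does not tell the operator when it is needed; the only statement of the dependency is the `requires` added to `https_listen_addr` in the first hunk. I would add something like `help = "Directory where ACME state is persisted; required if --https-listen-addr is given"` to its `#[arg(...)]`. The store built from this path is later handed to `with_cert_resolver`, so the directory presumably holds certificate and key material, and the help text is a reasonable place to say it should be readable only by the service user. The new `HTTPSParams` struct would also benefit from a one-line `///` comment saying it exists only when HTTPS is enabled.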
@@ -95,10 +107,11 @@ async fn main() { let domain_config_store = domiply::domain::config::new(&config.domain_config_store_dir_path) .expect("domain config store initialized"); - let (domain_acme_store, domain_acme_manager) = if config.https_listen_addr.is_some() { - let domain_acme_store = - domiply::domain::acme::store::new(&config.domain_acme_store_dir_path) - .expect("domain acme store initialized"); + let https_params = if let Some(https_listen_addr) = config.https_listen_addr { + let domain_acme_store_dir_path = config.domain_acme_store_dir_path.unwrap(); + + let domain_acme_store = domiply::domain::acme::store::new(&domain_acme_store_dir_path) + .expect("domain acme store initialized"); // if https_listen_addr is set then domain_acme_contact_email is required, see the Cli/clap // settings. @@ -111,20 +124,26 @@ async fn main() { .await .expect("domain acme manager initialized"); - (Some(domain_acme_store), Some(domain_acme_manager)) + Some(HTTPSParams { + https_listen_addr, + domain_acme_store, + domain_acme_manager, + }) } else { - (None, None) + None }; - let manager = domiply::domain::manager::new( + let domain_manager = domiply::domain::manager::new( origin_store, domain_config_store, domain_checker, - domain_acme_manager.clone(), + https_params + .as_ref() + .and_then(|p| Some(p.domain_acme_manager.clone())), ); wait_group.push({ - let manager = manager.clone(); + let domain_manager = domain_manager.clone(); let canceller = canceller.clone(); tokio::spawn(async move { @@ -136,7 +155,7 @@ async fn main() { _ = canceller.cancelled() => return, } - let errors_iter = manager.sync_all_origins(); + let errors_iter = domain_manager.sync_all_origins(); if let Err(err) = errors_iter { println!("Got error calling sync_all_origins: {err}"); @@ -155,7 +174,7 @@ async fn main() { }); let service = domiply::service::new( - manager.clone(), + domain_manager.clone(), config.domain_checker_target_a, config.passphrase, config.http_domain.clone(), 
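Review bot: `config.domain_acme_store_dir_path.unwrap()` in the `@@ -95,10 +107,11 @@` hunk panics with no message if the clap `requires` invariant is ever broken, for example if the attribute is dropped in a later refactor. Unlike the `expect` calls around it, nothing ties it to the Cli settings. I would write `.expect("domain_acme_store_dir_path is required when https_listen_addr is set, see Cli")`, or extend the existing comment about `domain_acme_contact_email` just below so that it covers this field too. `main`'s body starts and ends outside this hunk.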
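Review bot: `.and_then(|p| Some(p.domain_acme_manager.clone()))` in the `@@ -111,20 +124,26 @@` hunk is a `map` written the long way, and clippy's `bind_instead_of_map` lint will flag it. `https_params.as_ref().map(|p| p.domain_acme_manager.clone())` produces the same `Option`. The enclosing `main` continues outside the hunk.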
@@ -200,13 +219,11 @@ async fn main() { }) }); - // if there's an acme manager then it means that https is enabled - if let (Some(domain_acme_store), Some(domain_acme_manager)) = - (domain_acme_store, domain_acme_manager) - { + if let Some(https_params) = https_params { // Periodically refresh all domain certs, including the http_domain passed in the Cli opts wait_group.push({ - let manager = manager.clone(); + let https_params = https_params.clone(); + let domain_manager = domain_manager.clone(); let http_domain = config.http_domain.clone(); let canceller = canceller.clone(); @@ -219,7 +236,8 @@ async fn main() { _ = canceller.cancelled() => return, } - _ = domain_acme_manager + _ = https_params + .domain_acme_manager .sync_domain(http_domain.clone()) .await .inspect_err(|err| { @@ -229,7 +247,7 @@ async fn main() { ) }); - let domains_iter = manager.all_domains(); + let domains_iter = domain_manager.all_domains(); if let Err(err) = domains_iter { println!("Got error calling all_domains: {err}"); @@ -239,7 +257,8 @@ async fn main() { for domain in domains_iter.unwrap().into_iter() { match domain { Ok(domain) => { - let _ = domain_acme_manager + let _ = https_params + .domain_acme_manager .sync_domain(domain.clone()) .await .inspect_err(|err| { @@ -258,6 +277,7 @@ async fn main() { // HTTPS server wait_group.push({ + let https_params = https_params.clone(); let http_domain = config.http_domain.clone(); let canceller = canceller.clone(); let service = service.clone(); @@ -283,11 +303,11 @@ async fn main() { .with_safe_default_protocol_versions() .unwrap() .with_no_client_auth() - .with_cert_resolver(sync::Arc::from(domain_acme_store)), + .with_cert_resolver(sync::Arc::from(https_params.domain_acme_store)), ) .into(); - let addr = config.https_listen_addr.unwrap(); + let addr = https_params.https_listen_addr; let addr_incoming = hyper::server::conn::AddrIncoming::bind(&addr) .expect("https listen socket created");
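Review bot: The cert-refresh task in the `@@ -200,13 +219,11 @@` hunk captures `https_params.clone()`, which copies `domain_acme_store` and the listen address into a task that only calls `domain_acme_manager.sync_domain` in the lines visible here and in the following hunks. Cloning just the manager limits the task's captured state to what it uses: `let domain_acme_manager = https_params.domain_acme_manager.clone();`, with the `sync_domain` call sites left as they were before this commit. In the `@@ -258,6 +277,7 @@` hunk the HTTPS server task looks like the last user of `https_params`, so it could take it by move instead of cloning, provided nothing after the visible lines uses it. The task bodies extend beyond these hunks.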