Refactgor, TLS support, v0.5
This commit is contained in:
parent
85f03049d9
commit
13073daa38
14
.app.config
Normal file
14
.app.config
Normal file
@ -0,0 +1,14 @@
|
||||
{
|
||||
"ID": "identity",
|
||||
"Name": "identity",
|
||||
"Address": "__IP__",
|
||||
"Tags": ["identity-svc", "identity", "https", "service"],
|
||||
"Port": 443,
|
||||
"Connect": {
|
||||
"Native": true
|
||||
},
|
||||
"Check": {
|
||||
"TCP": "__IP__:443",
|
||||
"DeregisterCriticalServiceAfter": "10s"
|
||||
}
|
||||
}
|
||||
@ -1,4 +1,4 @@
|
||||
SERVER_ADDR=:80
|
||||
SERVER_ADDR=:443
|
||||
|
||||
APP_NAME=identity-svc
|
||||
APP_DOMAIN=identity.service.ego.io
|
||||
|
||||
@ -4,7 +4,7 @@ FROM ${BUILDER_IMAGE} AS builder
|
||||
|
||||
# Destination image - server
|
||||
# FROM gcr.io/distroless/base-debian10
|
||||
FROM alpine:3
|
||||
FROM alpine:3.17
|
||||
|
||||
ARG SVC_NAME
|
||||
ARG SVC_VER
|
||||
@ -21,11 +21,14 @@ WORKDIR /
|
||||
COPY --from=builder $BIN_OUTPUT /app
|
||||
COPY --from=builder /go/bin/migrate /bin/migrate
|
||||
COPY --from=builder /go/bin/health /bin/health
|
||||
COPY .env.dist /.env
|
||||
COPY .env.docker /.env
|
||||
COPY ./.app.config /
|
||||
COPY ./bin /bin
|
||||
RUN chmod 755 /bin/entrypoint.sh /bin/migrate.sh
|
||||
|
||||
EXPOSE 80
|
||||
RUN apk add curl
|
||||
|
||||
EXPOSE 443
|
||||
|
||||
ENTRYPOINT ["entrypoint.sh"]
|
||||
CMD ["sh", "-c", "/app"]
|
||||
|
||||
@ -14,6 +14,9 @@ waitForService()
|
||||
done
|
||||
}
|
||||
|
||||
update-resolv # provided by stack - better approach - single copy
|
||||
update-ca-certificates
|
||||
|
||||
waitForService "postgres-db:5432"
|
||||
waitForService "api-logger:24224"
|
||||
|
||||
|
||||
@ -55,7 +55,7 @@ func main() {
|
||||
log.Fatalf("Error parsing logger addr: %s. Err: %v", c.LoggerAddr, err)
|
||||
}
|
||||
|
||||
logger, err := fluentd.NewLogger(c.Base.GetAppFullName(), logHost, logPort) // @Refactor NewLogger return (logger, error)
|
||||
logger, err := fluentd.NewLogger(c.GetAppFullName(), logHost, logPort) // @Refactor NewLogger return (logger, error)
|
||||
if err != nil {
|
||||
log.Fatalf("Error connecting to %s:%d. Err: %v", logHost, logPort, err)
|
||||
}
|
||||
|
||||
@ -4,7 +4,7 @@ go 1.18
|
||||
|
||||
require (
|
||||
git.pbiernat.io/egommerce/api-entities v0.2.3
|
||||
git.pbiernat.io/egommerce/go-api-pkg v0.2.88
|
||||
git.pbiernat.io/egommerce/go-api-pkg v0.3.18
|
||||
github.com/go-pg/migrations/v8 v8.1.0
|
||||
github.com/go-pg/pg/v10 v10.11.1
|
||||
github.com/go-redis/redis/v8 v8.11.5
|
||||
@ -12,7 +12,6 @@ require (
|
||||
github.com/gofiber/jwt/v2 v2.2.7
|
||||
github.com/golang-jwt/jwt v3.2.2+incompatible
|
||||
github.com/jackc/pgx/v5 v5.4.3
|
||||
github.com/rabbitmq/amqp091-go v1.10.0
|
||||
)
|
||||
|
||||
require (
|
||||
@ -106,6 +105,7 @@ require (
|
||||
github.com/vmihailenco/msgpack/v5 v5.4.0 // indirect
|
||||
github.com/vmihailenco/tagparser v0.1.2 // indirect
|
||||
github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
|
||||
go.uber.org/goleak v1.3.0 // indirect
|
||||
golang.org/x/crypto v0.14.0 // indirect
|
||||
golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
|
||||
golang.org/x/mod v0.12.0 // indirect
|
||||
|
||||
@ -7,8 +7,8 @@ cloud.google.com/go/iam v1.1.1 h1:lW7fzj15aVIXYHREOqjRBV9PsH0Z6u8Y46a1YGvQP4Y=
|
||||
cloud.google.com/go/iam v1.1.1/go.mod h1:A5avdyVL2tCppe4unb0951eI9jreack+RJ0/d+KUZOU=
|
||||
git.pbiernat.io/egommerce/api-entities v0.2.3 h1:mR6EYfZkAzh4teydb7KXDBWoxwVW3qasnmmH5J3mnas=
|
||||
git.pbiernat.io/egommerce/api-entities v0.2.3/go.mod h1:INXAG5x4+i+vNwg1NpfPHiDW8nY1kn1K7pgLOtX+/I0=
|
||||
git.pbiernat.io/egommerce/go-api-pkg v0.2.88 h1:xya/39BnFeha3Oc76ad/ppoQd6AstTGQd87Qszamr1A=
|
||||
git.pbiernat.io/egommerce/go-api-pkg v0.2.88/go.mod h1:XIy2mmvRNIzQmYIUAcDZafhRPxTQFS2HDmsK7ZQ6980=
|
||||
git.pbiernat.io/egommerce/go-api-pkg v0.3.18 h1:0+C9BMsllrNvRbh4kb7dJ5lrzP1Lc7J4pb+KV76YrXk=
|
||||
git.pbiernat.io/egommerce/go-api-pkg v0.3.18/go.mod h1:XIy2mmvRNIzQmYIUAcDZafhRPxTQFS2HDmsK7ZQ6980=
|
||||
github.com/Azure/azure-sdk-for-go v68.0.0+incompatible h1:fcYLmCpyNYRnvJbPerq7U0hS+6+I79yEDJBqVNcqUzU=
|
||||
github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs=
|
||||
github.com/Azure/go-autorest/autorest v0.11.28 h1:ndAExarwr5Y+GaHE6VCaY1kyS/HwwGGyuimVhWsHOEM=
|
||||
@ -428,8 +428,6 @@ github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsT
|
||||
github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A=
|
||||
github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
|
||||
github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
|
||||
github.com/rabbitmq/amqp091-go v1.10.0 h1:STpn5XsHlHGcecLmMFCtg7mqq0RnD+zFr4uzukfVhBw=
|
||||
github.com/rabbitmq/amqp091-go v1.10.0/go.mod h1:Hy4jKW5kQART1u+JkDTF9YYOQUHXqMuhrgxOEeS7G4o=
|
||||
github.com/renier/xmlrpc v0.0.0-20170708154548-ce4a1a486c03 h1:Wdi9nwnhFNAlseAOekn6B5G/+GMtks9UKbvRU/CMM/o=
|
||||
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
|
||||
github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis=
|
||||
@ -511,6 +509,7 @@ go.opentelemetry.io/proto/otlp v0.19.0 h1:IVN6GR+mhC4s5yfcTbmzHYODqvWAp3ZedA2SJP
|
||||
go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=
|
||||
go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
|
||||
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
|
||||
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
|
||||
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
|
||||
golang.org/x/crypto v0.0.0-20180910181607-0e37d006457b/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
|
||||
@ -18,7 +18,7 @@ const (
|
||||
defEventBusURL = "amqp://guest:guest@api-eventbus:5672"
|
||||
defKVNmspc = "dev.egommerce/service/identity"
|
||||
defLoggerAddr = "api-logger:24224"
|
||||
defNetAddr = ":80"
|
||||
defNetAddr = ":443"
|
||||
defMongoDbURL = "mongodb://mongodb:12345678@mongo-db:27017"
|
||||
defPathPrefix = "/identity"
|
||||
defRegistryAddr = "api-registry:8500"
|
||||
|
||||
@ -1,6 +1,8 @@
|
||||
package server
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"log"
|
||||
"net"
|
||||
"time"
|
||||
|
||||
@ -18,7 +20,7 @@ type (
|
||||
*fiber.App
|
||||
|
||||
ID string
|
||||
addr string // e.g. "127.0.0.1:80"
|
||||
addr string // e.g. "127.0.0.1:443"
|
||||
handlers map[string]any
|
||||
}
|
||||
HeaderRequestID struct {
|
||||
@ -46,8 +48,14 @@ func (s *Server) Start() error {
|
||||
SetupRouter(s)
|
||||
|
||||
// fmt.Printf("Starting server at: %s...\n", s.addr)
|
||||
cer, err := tls.LoadX509KeyPair("certs/client.crt", "certs/client.key")
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
tlsCnf := &tls.Config{Certificates: []tls.Certificate{cer}}
|
||||
|
||||
ln, _ := net.Listen("tcp", s.addr)
|
||||
// ln = tls.NewListener(ln, s.App.Server().TLSConfig)
|
||||
ln = tls.NewListener(ln, tlsCnf)
|
||||
|
||||
return s.Listener(ln)
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user