linting/formatting

This commit is contained in:
Justin Angel 2022-01-29 14:15:33 -05:00
parent 5935b13b67
commit c98a559b4d
2 changed files with 30 additions and 30 deletions

44
app.go
View file

@ -87,9 +87,9 @@ type Config struct {
TLSLetsEncryptCacheDir string TLSLetsEncryptCacheDir string
TLSLetsEncryptChallengeType string TLSLetsEncryptChallengeType string
TLSCertPath string TLSCertPath string
TLSKeyPath string TLSKeyPath string
TLSClientAuthMode string TLSClientAuthMode string
ACMEURL string ACMEURL string
ACMEEmail string ACMEEmail string
@ -646,28 +646,28 @@ func (h *Headscale) getTLSSettings() (*tls.Config, error) {
log.Warn().Msg("Listening with TLS but ServerURL does not start with https://") log.Warn().Msg("Listening with TLS but ServerURL does not start with https://")
} }
var client_auth_mode tls.ClientAuthType var clientAuthMode tls.ClientAuthType
if(h.cfg.TLSClientAuthMode == "disabled"){ if h.cfg.TLSClientAuthMode == "disabled" {
// Client cert is _not_ required. // Client cert is _not_ required.
client_auth_mode = tls.NoClientCert clientAuthMode = tls.NoClientCert
}else if (h.cfg.TLSClientAuthMode == "relaxed"){ } else if h.cfg.TLSClientAuthMode == "relaxed" {
// Client cert required, but not verified. // Client cert required, but not verified.
client_auth_mode = tls.RequireAnyClientCert clientAuthMode = tls.RequireAnyClientCert
}else if (h.cfg.TLSClientAuthMode == "enforced"){ } else if h.cfg.TLSClientAuthMode == "enforced" {
// Client cert is required and verified. // Client cert is required and verified.
client_auth_mode = tls.RequireAndVerifyClientCert clientAuthMode = tls.RequireAndVerifyClientCert
}else{ } else {
return nil, errors.New( return nil, errors.New(
"Invalid tls_client_auth_mode provided: " + "Invalid tls_clientAuthMode provided: " +
h.cfg.TLSClientAuthMode) h.cfg.TLSClientAuthMode)
} }
log.Info().Msg(fmt.Sprintf( log.Info().Msg(fmt.Sprintf(
"Client authentication (mTLS) is \"%s\". See the docs to learn about configuring this setting.", "Client authentication (mTLS) is \"%s\". See the docs to learn about configuring this setting.",
h.cfg.TLSClientAuthMode)) h.cfg.TLSClientAuthMode))
tlsConfig := &tls.Config{ tlsConfig := &tls.Config{
ClientAuth: client_auth_mode, ClientAuth: clientAuthMode,
NextProtos: []string{"http/1.1"}, NextProtos: []string{"http/1.1"},
Certificates: make([]tls.Certificate, 1), Certificates: make([]tls.Certificate, 1),
MinVersion: tls.VersionTLS12, MinVersion: tls.VersionTLS12,

View file

@ -40,7 +40,7 @@ func LoadConfig(path string) error {
viper.SetDefault("tls_letsencrypt_cache_dir", "/var/www/.cache") viper.SetDefault("tls_letsencrypt_cache_dir", "/var/www/.cache")
viper.SetDefault("tls_letsencrypt_challenge_type", "HTTP-01") viper.SetDefault("tls_letsencrypt_challenge_type", "HTTP-01")
viper.SetDefault("tls_client_auth_mode", "disabled") viper.SetDefault("tls_client_auth_mode", "disabled")
viper.SetDefault("ip_prefix", "100.64.0.0/10") viper.SetDefault("ip_prefix", "100.64.0.0/10")
@ -82,10 +82,10 @@ func LoadConfig(path string) error {
errorText += "Fatal config error: server_url must start with https:// or http://\n" errorText += "Fatal config error: server_url must start with https:// or http://\n"
} }
auth_mode := viper.GetString("tls_client_auth_mode") clientAuthMode := viper.GetString("tls_client_auth_mode")
if (auth_mode != "disabled" && auth_mode != "relaxed" && auth_mode != "enforced"){ if clientAuthMode != "disabled" && clientAuthMode != "relaxed" && clientAuthMode != "enforced" {
errorText += "Invalid tls_client_auth_mode supplied. Accepted values: disabled, relaxed, enforced." errorText += "Invalid tls_client_auth_mode supplied. Accepted values: disabled, relaxed, enforced."
} }
if errorText != "" { if errorText != "" {
//nolint //nolint
@ -256,9 +256,9 @@ func getHeadscaleConfig() headscale.Config {
), ),
TLSLetsEncryptChallengeType: viper.GetString("tls_letsencrypt_challenge_type"), TLSLetsEncryptChallengeType: viper.GetString("tls_letsencrypt_challenge_type"),
TLSCertPath: absPath(viper.GetString("tls_cert_path")), TLSCertPath: absPath(viper.GetString("tls_cert_path")),
TLSKeyPath: absPath(viper.GetString("tls_key_path")), TLSKeyPath: absPath(viper.GetString("tls_key_path")),
TLSClientAuthMode: viper.GetString("tls_client_auth_mode"), TLSClientAuthMode: viper.GetString("tls_client_auth_mode"),
DNSConfig: dnsConfig, DNSConfig: dnsConfig,