mirror of
https://github.com/juanfont/headscale.git
synced 2024-12-26 06:05:52 -05:00
linting/formatting
This commit is contained in:
parent
5935b13b67
commit
c98a559b4d
44
app.go
44
app.go
@ -87,9 +87,9 @@ type Config struct {
|
||||
TLSLetsEncryptCacheDir string
|
||||
TLSLetsEncryptChallengeType string
|
||||
|
||||
TLSCertPath string
|
||||
TLSKeyPath string
|
||||
TLSClientAuthMode string
|
||||
TLSCertPath string
|
||||
TLSKeyPath string
|
||||
TLSClientAuthMode string
|
||||
|
||||
ACMEURL string
|
||||
ACMEEmail string
|
||||
@ -646,28 +646,28 @@ func (h *Headscale) getTLSSettings() (*tls.Config, error) {
|
||||
log.Warn().Msg("Listening with TLS but ServerURL does not start with https://")
|
||||
}
|
||||
|
||||
var client_auth_mode tls.ClientAuthType
|
||||
if(h.cfg.TLSClientAuthMode == "disabled"){
|
||||
// Client cert is _not_ required.
|
||||
client_auth_mode = tls.NoClientCert
|
||||
}else if (h.cfg.TLSClientAuthMode == "relaxed"){
|
||||
// Client cert required, but not verified.
|
||||
client_auth_mode = tls.RequireAnyClientCert
|
||||
}else if (h.cfg.TLSClientAuthMode == "enforced"){
|
||||
// Client cert is required and verified.
|
||||
client_auth_mode = tls.RequireAndVerifyClientCert
|
||||
}else{
|
||||
return nil, errors.New(
|
||||
"Invalid tls_client_auth_mode provided: " +
|
||||
h.cfg.TLSClientAuthMode)
|
||||
}
|
||||
var clientAuthMode tls.ClientAuthType
|
||||
if h.cfg.TLSClientAuthMode == "disabled" {
|
||||
// Client cert is _not_ required.
|
||||
clientAuthMode = tls.NoClientCert
|
||||
} else if h.cfg.TLSClientAuthMode == "relaxed" {
|
||||
// Client cert required, but not verified.
|
||||
clientAuthMode = tls.RequireAnyClientCert
|
||||
} else if h.cfg.TLSClientAuthMode == "enforced" {
|
||||
// Client cert is required and verified.
|
||||
clientAuthMode = tls.RequireAndVerifyClientCert
|
||||
} else {
|
||||
return nil, errors.New(
|
||||
"Invalid tls_clientAuthMode provided: " +
|
||||
h.cfg.TLSClientAuthMode)
|
||||
}
|
||||
|
||||
log.Info().Msg(fmt.Sprintf(
|
||||
"Client authentication (mTLS) is \"%s\". See the docs to learn about configuring this setting.",
|
||||
h.cfg.TLSClientAuthMode))
|
||||
log.Info().Msg(fmt.Sprintf(
|
||||
"Client authentication (mTLS) is \"%s\". See the docs to learn about configuring this setting.",
|
||||
h.cfg.TLSClientAuthMode))
|
||||
|
||||
tlsConfig := &tls.Config{
|
||||
ClientAuth: client_auth_mode,
|
||||
ClientAuth: clientAuthMode,
|
||||
NextProtos: []string{"http/1.1"},
|
||||
Certificates: make([]tls.Certificate, 1),
|
||||
MinVersion: tls.VersionTLS12,
|
||||
|
@ -40,7 +40,7 @@ func LoadConfig(path string) error {
|
||||
|
||||
viper.SetDefault("tls_letsencrypt_cache_dir", "/var/www/.cache")
|
||||
viper.SetDefault("tls_letsencrypt_challenge_type", "HTTP-01")
|
||||
viper.SetDefault("tls_client_auth_mode", "disabled")
|
||||
viper.SetDefault("tls_client_auth_mode", "disabled")
|
||||
|
||||
viper.SetDefault("ip_prefix", "100.64.0.0/10")
|
||||
|
||||
@ -82,10 +82,10 @@ func LoadConfig(path string) error {
|
||||
errorText += "Fatal config error: server_url must start with https:// or http://\n"
|
||||
}
|
||||
|
||||
auth_mode := viper.GetString("tls_client_auth_mode")
|
||||
if (auth_mode != "disabled" && auth_mode != "relaxed" && auth_mode != "enforced"){
|
||||
errorText += "Invalid tls_client_auth_mode supplied. Accepted values: disabled, relaxed, enforced."
|
||||
}
|
||||
clientAuthMode := viper.GetString("tls_client_auth_mode")
|
||||
if clientAuthMode != "disabled" && clientAuthMode != "relaxed" && clientAuthMode != "enforced" {
|
||||
errorText += "Invalid tls_client_auth_mode supplied. Accepted values: disabled, relaxed, enforced."
|
||||
}
|
||||
|
||||
if errorText != "" {
|
||||
//nolint
|
||||
@ -256,9 +256,9 @@ func getHeadscaleConfig() headscale.Config {
|
||||
),
|
||||
TLSLetsEncryptChallengeType: viper.GetString("tls_letsencrypt_challenge_type"),
|
||||
|
||||
TLSCertPath: absPath(viper.GetString("tls_cert_path")),
|
||||
TLSKeyPath: absPath(viper.GetString("tls_key_path")),
|
||||
TLSClientAuthMode: viper.GetString("tls_client_auth_mode"),
|
||||
TLSCertPath: absPath(viper.GetString("tls_cert_path")),
|
||||
TLSKeyPath: absPath(viper.GetString("tls_key_path")),
|
||||
TLSClientAuthMode: viper.GetString("tls_client_auth_mode"),
|
||||
|
||||
DNSConfig: dnsConfig,
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user