Go 1.9 and Iris v8, added possibility to bind to IP (#15)

.travis.yml

@@ -1,6 +1,6 @@
 language: go
 go:
-  - 1.8
+  - 1.9
 env:
   - "PATH=/home/travis/gopath/bin:$PATH"
 before_install:

README.md

@@ -107,7 +107,7 @@ Check out how in the INSTALL section.
 
 ## Installation
 
-1) Install [Go 1.8 or newer](https://golang.org/doc/install)
+1) Install [Go 1.9 or newer](https://golang.org/doc/install)
 
 2) Clone this repo: `git clone https://github.com/joohoi/acme-dns $GOPATH/src/acme-dns`
 

api.go

@@ -4,15 +4,15 @@ import (
 	"errors"
 	"fmt"
 
+	"github.com/kataras/iris"
 	log "github.com/sirupsen/logrus"
-	"gopkg.in/kataras/iris.v6"
 )
 
 // Serve is an authentication middlware function used to authenticate update requests
-func (a authMiddleware) Serve(ctx *iris.Context) {
+func (a authMiddleware) Serve(ctx iris.Context) {
 	allowUpdate := false
-	usernameStr := ctx.RequestHeader("X-Api-User")
-	password := ctx.RequestHeader("X-Api-Key")
+	usernameStr := ctx.GetHeader("X-Api-User")
+	password := ctx.GetHeader("X-Api-Key")
 	postData := ACMETxt{}
 
 	username, err := getValidUsername(usernameStr)
@@ -28,7 +28,7 @@ func (a authMiddleware) Serve(ctx *iris.Context) {
 
 				// Now test for the possibly limited ranges
 				if DNSConf.API.UseHeader {
-					ips := getIPListFromHeader(ctx.RequestHeader(DNSConf.API.HeaderName))
+					ips := getIPListFromHeader(ctx.GetHeader(DNSConf.API.HeaderName))
 					allowUpdate = au.allowedFromList(ips)
 				} else {
 					allowUpdate = au.allowedFrom(ctx.RemoteAddr())
@@ -43,7 +43,9 @@ func (a authMiddleware) Serve(ctx *iris.Context) {
 						}
 					} else {
 						// JSON error
-						ctx.JSON(iris.StatusBadRequest, iris.Map{"error": "bad data"})
+						log.WithFields(log.Fields{"error": err.Error()}).Warning("Failed reading POST data")
+						ctx.JSON(iris.Map{"error": "bad data"})
+						ctx.StatusCode(iris.StatusBadRequest)
 						return
 					}
 				}
@@ -53,10 +55,11 @@ func (a authMiddleware) Serve(ctx *iris.Context) {
 			}
 		}
 	}
-	ctx.JSON(iris.StatusUnauthorized, iris.Map{"error": "unauthorized"})
+	ctx.JSON(iris.Map{"error": "unauthorized"})
+	ctx.StatusCode(iris.StatusUnauthorized)
 }
 
-func webRegisterPost(ctx *iris.Context) {
+func webRegisterPost(ctx iris.Context) {
 	var regJSON iris.Map
 	var regStatus int
 	aTXT := ACMETxt{}
@@ -74,13 +77,14 @@ func webRegisterPost(ctx *iris.Context) {
 
 		log.WithFields(log.Fields{"user": nu.Username.String()}).Debug("Created new user")
 	}
-	ctx.JSON(regStatus, regJSON)
+	ctx.JSON(regJSON)
+	ctx.StatusCode(regStatus)
 }
 
-func webUpdatePost(ctx *iris.Context) {
+func webUpdatePost(ctx iris.Context) {
 	// User auth done in middleware
 	a := ACMETxt{}
-	userStr := ctx.RequestHeader("X-API-User")
+	userStr := ctx.GetHeader("X-API-User")
 	// Already checked in auth middlware
 	username, _ := getValidUsername(userStr)
 	// Already checked in auth middleware
@@ -94,7 +98,8 @@ func webUpdatePost(ctx *iris.Context) {
 			webUpdatePostError(ctx, errors.New("internal error"), iris.StatusInternalServerError)
 			return
 		}
-		ctx.JSON(iris.StatusOK, iris.Map{"txt": a.Value})
+		ctx.JSON(iris.Map{"txt": a.Value})
+		ctx.StatusCode(iris.StatusOK)
 	} else {
 		log.WithFields(log.Fields{"subdomain": a.Subdomain, "txt": a.Value}).Debug("Bad data for subdomain")
 		webUpdatePostError(ctx, errors.New("bad data"), iris.StatusBadRequest)
@@ -102,8 +107,9 @@ func webUpdatePost(ctx *iris.Context) {
 	}
 }
 
-func webUpdatePostError(ctx *iris.Context, err error, status int) {
+func webUpdatePostError(ctx iris.Context, err error, status int) {
 	errStr := fmt.Sprintf("%v", err)
 	updJSON := iris.Map{"error": errStr}
-	ctx.JSON(status, updJSON)
+	ctx.JSON(updJSON)
+	ctx.StatusCode(status)
 }

config.cfg

@@ -33,6 +33,10 @@ connection = "acme-dns.db"
 [api]
 # domain name to listen requests for, mandatory if using tls = "letsencrypt"
 api_domain = ""
+# email to use for account registration for Let's Encrypt, used only if tls = "letsencrypt"
+le_email = "admin@example.com"
+# listen ip eg. 127.0.0.1
+ip = "127.0.0.1"
 # listen port, eg. 443 for default HTTPS
 port = "8080"
 # possible values: "letsencrypt", "cert", "none"

main.go

@@ -5,10 +5,9 @@ package main
 import (
 	"os"
 
+	"github.com/iris-contrib/middleware/cors"
+	"github.com/kataras/iris"
 	log "github.com/sirupsen/logrus"
-	"gopkg.in/kataras/iris.v6"
-	"gopkg.in/kataras/iris.v6/adaptors/cors"
-	"gopkg.in/kataras/iris.v6/adaptors/httprouter"
 )
 
 func main() {
@@ -41,9 +40,8 @@ func main() {
 }
 
 func startHTTPAPI() {
-	api := iris.New(iris.Configuration{DisableBodyConsumptionOnUnmarshal: true})
-	api.Adapt(httprouter.New())
-	api.Adapt(cors.New(cors.Options{
+	api := iris.New()
+	api.Use(cors.New(cors.Options{
 		AllowedOrigins:     DNSConf.API.CorsOrigins,
 		AllowedMethods:     []string{"GET", "POST"},
 		OptionsPassthrough: false,
@@ -52,18 +50,14 @@ func startHTTPAPI() {
 	var ForceAuth = authMiddleware{}
 	api.Post("/register", webRegisterPost)
 	api.Post("/update", ForceAuth.Serve, webUpdatePost)
+
+	host := DNSConf.API.Domain + ":" + DNSConf.API.Port
 	switch DNSConf.API.TLS {
 	case "letsencrypt":
-		listener, err := iris.LETSENCRYPT("0.0.0.0", DNSConf.API.Domain)
-		err = api.Serve(listener)
-		if err != nil {
-			log.Errorf("Error in HTTP server [%v]", err)
-		}
+		api.Run(iris.AutoTLS(host, DNSConf.API.Domain, DNSConf.API.LEmail), iris.WithoutBodyConsumptionOnUnmarshal)
 	case "cert":
-		host := DNSConf.API.Domain + ":" + DNSConf.API.Port
-		api.ListenTLS(host, DNSConf.API.TLSCertFullchain, DNSConf.API.TLSCertPrivkey)
+		api.Run(iris.TLS(host, DNSConf.API.TLSCertFullchain, DNSConf.API.TLSCertPrivkey), iris.WithoutBodyConsumptionOnUnmarshal)
 	default:
-		host := DNSConf.API.Domain + ":" + DNSConf.API.Port
-		api.Listen(host)
+		api.Run(iris.Addr(host), iris.WithoutBodyConsumptionOnUnmarshal)
 	}
 }

types.go

@@ -51,6 +51,8 @@ type dbsettings struct {
 // API config
 type httpapi struct {
 	Domain           string `toml:"api_domain"`
+	LEmail           string `toml:"le_email"`
+	IP               string
 	Port             string
 	TLS              string
 	TLSCertPrivkey   string `toml:"tls_cert_privkey"`