Move remote termination behind flag

Probably don't want to add the ability to remotely shutdown the proxy to
be accessible unless desired and in a safe environment, so moving behind
a flag.

Also updated the README with latest usage.

See Issue #77

Author: amcintosh

CONTRIBUTORS.md

@@ -24,4 +24,5 @@ https://github.com/diranged
 https://github.com/em0ney
 https://github.com/zqben402
 https://github.com/dlackty
+https://github.com/amcintosh
 

README.md

@@ -124,6 +124,10 @@ For a full list of available options, use `-h`:
 ```sh
 ./aws-es-proxy -h
 Usage of ./aws-es-proxy:
+  -auth
+        Require HTTP Basic Auth
+  -debug
+        Print debug messages
   -endpoint string
         Amazon ElasticSearch Endpoint (e.g: https://dummy-host.eu-west-1.es.amazonaws.com)
   -listen string
@@ -132,10 +136,22 @@ Usage of ./aws-es-proxy:
         Log user requests and ElasticSearch responses to files
   -no-sign-reqs
         Disable AWS Signature v4
+  -password string
+        HTTP Basic Auth Password
   -pretty
         Prettify verbose and file output
+  -realm string
+        Authentication Required
+  -remote-terminate
+        Allow HTTP remote termination
+  -timeout int
+        Set a request timeout to ES. Specify in seconds, defaults to 15 (default 15)
+  -username string
+        HTTP Basic Auth Username
   -verbose
         Print user requests
+  -version
+        Print aws-es-proxy version
 ```
 
 

aws-es-proxy.go

@@ -69,23 +69,24 @@ type responseStruct struct {
 }
 
 type proxy struct {
-	scheme       string
-	host         string
-	region       string
-	service      string
-	endpoint     string
-	verbose      bool
-	prettify     bool
-	logtofile    bool
-	nosignreq    bool
-	fileRequest  *os.File
-	fileResponse *os.File
-	credentials  *credentials.Credentials
-	httpClient   *http.Client
-	auth         bool
-	username     string
-	password     string
-	realm        string
+	scheme          string
+	host            string
+	region          string
+	service         string
+	endpoint        string
+	verbose         bool
+	prettify        bool
+	logtofile       bool
+	nosignreq       bool
+	fileRequest     *os.File
+	fileResponse    *os.File
+	credentials     *credentials.Credentials
+	httpClient      *http.Client
+	auth            bool
+	username        string
+	password        string
+	realm           string
+	remoteTerminate bool
 }
 
 func newProxy(args ...interface{}) *proxy {
@@ -100,16 +101,17 @@ func newProxy(args ...interface{}) *proxy {
 	}
 
 	return &proxy{
-		endpoint:   args[0].(string),
-		verbose:    args[1].(bool),
-		prettify:   args[2].(bool),
-		logtofile:  args[3].(bool),
-		nosignreq:  args[4].(bool),
-		httpClient: &client,
-		auth:       args[6].(bool),
-		username:   args[7].(string),
-		password:   args[8].(string),
-		realm:      args[9].(string),
+		endpoint:        args[0].(string),
+		verbose:         args[1].(bool),
+		prettify:        args[2].(bool),
+		logtofile:       args[3].(bool),
+		nosignreq:       args[4].(bool),
+		httpClient:      &client,
+		auth:            args[6].(bool),
+		username:        args[7].(string),
+		password:        args[8].(string),
+		realm:           args[9].(string),
+		remoteTerminate: args[10].(bool),
 	}
 }
 
@@ -210,7 +212,7 @@ func (p *proxy) getSigner() *v4.Signer {
 }
 
 func (p *proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	if r.URL.Path == "/terminate-proxy" && r.Method == http.MethodPost {
+	if p.remoteTerminate && r.URL.Path == "/terminate-proxy" && r.Method == http.MethodPost {
 		logrus.Infoln("Terminate Signal")
 		os.Exit(0)
 	}
@@ -424,22 +426,23 @@ func copyHeaders(dst, src http.Header) {
 func main() {
 
 	var (
-		debug         bool
-		auth          bool
-		username      string
-		password      string
-		realm         string
-		verbose       bool
-		prettify      bool
-		logtofile     bool
-		nosignreq     bool
-		ver           bool
-		endpoint      string
-		listenAddress string
-		fileRequest   *os.File
-		fileResponse  *os.File
-		err           error
-		timeout       int
+		debug           bool
+		auth            bool
+		username        string
+		password        string
+		realm           string
+		verbose         bool
+		prettify        bool
+		logtofile       bool
+		nosignreq       bool
+		ver             bool
+		endpoint        string
+		listenAddress   string
+		fileRequest     *os.File
+		fileResponse    *os.File
+		err             error
+		timeout         int
+		remoteTerminate bool
 	)
 
 	flag.StringVar(&endpoint, "endpoint", "", "Amazon ElasticSearch Endpoint (e.g: https://dummy-host.eu-west-1.es.amazonaws.com)")
@@ -455,6 +458,7 @@ func main() {
 	flag.StringVar(&username, "username", "", "HTTP Basic Auth Username")
 	flag.StringVar(&password, "password", "", "HTTP Basic Auth Password")
 	flag.StringVar(&realm, "realm", "", "Authentication Required")
+	flag.BoolVar(&remoteTerminate, "remote-terminate", false, "Allow HTTP remote termination")
 	flag.Parse()
 
 	if endpoint == "" {
@@ -500,6 +504,7 @@ func main() {
 		username,
 		password,
 		realm,
+		remoteTerminate,
 	)
 
 	if err = p.parseEndpoint(); err != nil {