@@ -4,21 +4,113 @@ import (
44 "context"
55 "time"
66
7+ "github.com/shellhub-io/shellhub/pkg/envs"
78 "github.com/shellhub-io/shellhub/pkg/loglevel"
89 log "github.com/sirupsen/logrus"
910)
1011
1112const (
1213 // defaultNginxRootDir is the default base directory for Nginx configuration files.
14+ // This directory typically contains the main nginx.conf and site configuration files.
1315 defaultNginxRootDir = "/etc/nginx"
16+
1417 // defaultNginxTemplateDir is the default directory where Nginx template files are stored.
18+ // Template files are used to generate dynamic Nginx configurations based on runtime settings.
1519 defaultNginxTemplateDir = "/templates"
20+
1621 // defaultCertBotRootDir is the default directory where Certbot keeps
1722 // generated certificates, keys, and related assets.
18- defaultCertBotRootDir = "/etc/letsencrypt"
23+ // This follows the standard Let's Encrypt directory structure.
24+ defaultCertBotRootDir = "/etc/letsencrypt"
25+
26+ // defaultTickerRenewCertificates defines the interval for automatic certificate renewal checks.
27+ // Certificates are checked for renewal every 24 hours to ensure they remain valid.
1928 defaultTickerRenewCertificates = 24 * time .Hour
2029)
2130
31+ // Gateway represents the main gateway service that orchestrates Nginx configuration
32+ // management and SSL certificate provisioning.
33+ type Gateway struct {
34+ // Config holds the gateway's configuration settings including domain,
35+ // environment, and SSL settings.
36+ Config * GatewayConfig
37+
38+ // Controller manages Nginx configuration generation, template processing,
39+ // and server lifecycle operations.
40+ Controller * NginxController
41+
42+ // Certbot handles SSL certificate provisioning and renewal through Let's Encrypt.
43+ // This field is nil when SSL is not enabled.
44+ Certbot * CertBot
45+ }
46+
47+ // NewGateway creates a new Gateway instance with the provided configuration and controller.
48+ // The Certbot component is initially set to nil and will be initialized only when
49+ // SSL is explicitly enabled through EnableSSL().
50+ func NewGateway (config * GatewayConfig , controller * NginxController ) * Gateway {
51+ return & Gateway {
52+ Config : config ,
53+ Controller : controller ,
54+ Certbot : nil ,
55+ }
56+ }
57+
58+ // EnableSSL initializes and configures SSL certificate management for the gateway.
59+ // This method sets up Certbot with the gateway's domain configuration and establishes
60+ // automatic certificate provisioning and renewal.
61+ //
62+ // The renewal callback is configured to reload Nginx when certificates are renewed,
63+ // ensuring the server uses the latest certificates without manual intervention.
64+ func (g * Gateway ) EnableSSL () {
65+ g .Certbot = newCertBot (& Config {
66+ Domain : g .Config .Domain ,
67+ RootDir : defaultCertBotRootDir ,
68+ RenewedCallback : g .Controller .reload ,
69+ Tunnels : nil ,
70+ })
71+
72+ g .Certbot .ensureCertificates ()
73+ g .Certbot .executeRenewCertificates ()
74+ }
75+
76+ func (g * Gateway ) EnableTunnels () {
77+ domain := g .Config .Domain
78+
79+ if g .Config .TunnelsDomain != "" {
80+ domain = g .Config .TunnelsDomain
81+ }
82+
83+ g .Certbot .Config .Tunnels = & Tunnels {
84+ Domain : domain ,
85+ Provider : g .Config .TunnelsDNSProvider ,
86+ Token : g .Config .TunnelsDNSProviderToken ,
87+ }
88+ }
89+
90+ // Watch enables live monitoring of Nginx configuration template files.
91+ //
92+ // This method is typically used in development environments to automatically
93+ // detect and apply configuration changes without requiring service restarts.
94+ //
95+ // The watching mechanism monitors the template directory for file changes
96+ // and triggers configuration regeneration when modifications are detected.
97+ func (g * Gateway ) Watch () {
98+ go g .Controller .watchConfigTemplates ()
99+ }
100+
101+ // Start begins the gateway service with the provided context.
102+ // This method initializes all configured components and starts the main service loop.
103+ func (g * Gateway ) Start (ctx context.Context ) {
104+ log .Debug ("start was called" )
105+
106+ if g .Certbot != nil {
107+ go g .Certbot .renewCertificates (ctx , defaultTickerRenewCertificates )
108+ }
109+
110+ g .Controller .generateConfigs ()
111+ g .Controller .start ()
112+ }
113+
22114func main () {
23115 loglevel .UseEnvs ()
24116
@@ -31,63 +123,38 @@ func main() {
31123
32124 log .WithField ("config" , config ).Info ("configuration loaded" )
33125
34- nginxController := & NginxController {
126+ controller := & NginxController {
35127 gatewayConfig : config ,
36128 rootDir : defaultNginxRootDir ,
37129 templatesDir : defaultNginxTemplateDir ,
38130 }
39131
40- if config .Env != "development" && config .EnableAutoSSL {
41- log .Info ("auto ssl enabled" )
132+ gateway := NewGateway (config , controller )
42133
43- certBot := newCertBot (& Config {
44- Domain : config .Domain ,
45- RootDir : defaultCertBotRootDir ,
46- RenewedCallback : nginxController .reload ,
47- })
134+ log .Info ("gateway created" )
48135
49- if config .Tunnels {
50- log .Info ("tunnels enabled" )
136+ if envs .IsDevelopment () {
137+ log .Info ("gateway running in development mode" )
138+
139+ log .Info ("watch for nginx files is enabled" )
140+ gateway .Watch ()
141+ }
51142
52- domain := config .Domain
143+ if config .EnableAutoSSL {
144+ log .Info ("auto ssl is enabled" )
53145
54- if config .TunnelsDomain != "" {
55- domain = config .TunnelsDomain
56- }
146+ gateway .EnableSSL ()
57147
148+ if config .Tunnels {
58149 log .WithFields (log.Fields {
59- "domain" : domain ,
60150 "provider" : config .TunnelsDNSProvider ,
61151 "token" : halfString (config .TunnelsDNSProviderToken ),
62152 }).Info ("tunnels info" )
63153
64- certBot .Config .Tunnels = & Tunnels {
65- Domain : domain ,
66- Provider : config .TunnelsDNSProvider ,
67- Token : config .TunnelsDNSProviderToken ,
68- }
154+ gateway .EnableTunnels ()
69155 }
70-
71- certBot .ensureCertificates ()
72- log .Info ("certificates ensured" )
73-
74- certBot .executeRenewCertificates ()
75- log .Info ("renew executed" )
76-
77- go certBot .renewCertificates (ctx , defaultTickerRenewCertificates )
78156 }
79157
80- if config .Env == "development" {
81- log .Info ("shellhub environment is developer" )
82-
83- go nginxController .watchConfigTemplates ()
84- }
85-
86- log .Info ("generating configurations" )
87-
88- nginxController .generateConfigs ()
89- log .Info ("configuration generated" )
90-
91- log .Info ("nginx controller running" )
92- nginxController .start ()
158+ log .Info ("gateway started" )
159+ gateway .Start (ctx )
93160}
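Review bot: `EnableSSL` calls `ensureCertificates` and `executeRenewCertificates` while `Tunnels` is still nil, and `main` only calls `EnableTunnels` afterwards. The removed code assigned `certBot.Config.Tunnels` before provisioning, so if those helpers read `Config.Tunnels` (their bodies are not visible here), the initial issuance no longer covers the tunnels domain. `EnableTunnels` also dereferences `g.Certbot.Config` without a nil check, so this exported method panics if it is called before `EnableSSL`. One fix is to have `EnableSSL` only construct the `CertBot`, move the two provisioning calls into `Start`, and guard `EnableTunnels`, as sketched below. Separately, the old `config.Env != "development"` guard is gone, so certbot now runs in development whenever `EnableAutoSSL` is set; please confirm that is intended.

```go
func (g *Gateway) EnableTunnels() {
	if g.Certbot == nil {
		log.Warn("tunnels requested but SSL is not enabled; skipping")

		return
	}
	// … unchanged: domain selection and Tunnels assignment …
}

func (g *Gateway) Start(ctx context.Context) {
	// … unchanged: debug log …
	if g.Certbot != nil {
		// Provision here so Config.Tunnels, if set by EnableTunnels, is already in place.
		g.Certbot.ensureCertificates()
		g.Certbot.executeRenewCertificates()

		go g.Certbot.renewCertificates(ctx, defaultTickerRenewCertificates)
	}
	// … unchanged: generateConfigs and start …
}
```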