@@ -2,6 +2,7 @@ package main
22
33import (
44 "context"
5+ "slices"
56 "time"
67
78 "github.com/shellhub-io/shellhub/pkg/envs"
@@ -28,6 +29,13 @@ const (
2829 defaultTickerRenewCertificates = 24 * time .Hour
2930)
3031
32+ const (
33+ // SSLFeature indicates that SSL's feature is eanbled
34+ SSLFeature = "ssl"
35+ // TunnelsFeature indicates that Tunnels' feature is eanbled.
36+ TunnelsFeature = "feature"
37+ )
38+
3139// Gateway represents the main gateway service that orchestrates Nginx configuration
3240// management and SSL certificate provisioning.
3341type Gateway struct {
@@ -42,50 +50,57 @@ type Gateway struct {
4250 // Certbot handles SSL certificate provisioning and renewal through Let's Encrypt.
4351 // This field is nil when SSL is not enabled.
4452 Certbot * CertBot
53+
54+ // Features contains feature flags to gateway.
55+ Features []string
4556}
4657
4758// NewGateway creates a new Gateway instance with the provided configuration and controller.
4859// The Certbot component is initially set to nil and will be initialized only when
4960// SSL is explicitly enabled through EnableSSL().
50- func NewGateway (config * GatewayConfig , controller * NginxController ) * Gateway {
51- return & Gateway {
61+ func NewGateway (config * GatewayConfig , controller * NginxController , features [] string ) * Gateway {
62+ g := & Gateway {
5263 Config : config ,
5364 Controller : controller ,
5465 Certbot : nil ,
5566 }
56- }
5767
58- // EnableSSL initializes and configures SSL certificate management for the gateway.
59- // This method sets up Certbot with the gateway's domain configuration and establishes
60- // automatic certificate provisioning and renewal.
61- //
62- // The renewal callback is configured to reload Nginx when certificates are renewed,
63- // ensuring the server uses the latest certificates without manual intervention.
64- func (g * Gateway ) EnableSSL () {
65- g .Certbot = newCertBot (& Config {
66- RootDir : defaultCertBotRootDir ,
67- RenewedCallback : g .Controller .reload ,
68- })
69-
70- g .Certbot .Certificates = append (
71- g .Certbot .Certificates ,
72- NewDefaultCertificate (g .Config .Domain ),
73- )
74- }
68+ // NOTE: [SSLFeature] indicates that SSL's feature is eanbled, configuring SSL certificate management for the
69+ // gateway. It sets up Certbot with the gateway's domain configuration and establishes automatic certificate
70+ // provisioning and renewal. The renewal callback is configured to reload Nginx when certificates are
71+ // renewed, ensuring the server uses the latest certificates without manual intervention.
72+ if slices .Contains (features , SSLFeature ) {
73+ g .Certbot = newCertBot (& Config {
74+ RootDir : defaultCertBotRootDir ,
75+ RenewedCallback : g .Controller .reload ,
76+ })
77+
78+ g .Certbot .Certificates = append (
79+ g .Certbot .Certificates ,
80+ NewDefaultCertificate (g .Config .Domain ),
81+ )
82+ }
7583
76- func (g * Gateway ) EnableTunnels () {
77- if g .Config .TunnelsDomain == "" {
78- g .Config .TunnelsDomain = g .Config .Domain
84+ // NOTE: [TunnelsFeature] indicates that Tunnels' feature is enabled, configuring necessary values to work with
85+ // SSL's enabled.
86+ if slices .Contains (features , TunnelsFeature ) {
87+ if g .Certbot != nil {
88+ if g .Config .TunnelsDomain == "" {
89+ g .Config .TunnelsDomain = g .Config .Domain
90+ }
91+
92+ g .Certbot .Certificates = append (
93+ g .Certbot .Certificates ,
94+ NewTunnelsCertificate (
95+ g .Config .TunnelsDomain ,
96+ g .Config .TunnelsDNSProvider ,
97+ g .Config .TunnelsDNSProviderToken ,
98+ ),
99+ )
100+ }
79101 }
80102
81- g .Certbot .Certificates = append (
82- g .Certbot .Certificates ,
83- NewTunnelsCertificate (
84- g .Config .TunnelsDomain ,
85- g .Config .TunnelsDNSProvider ,
86- g .Config .TunnelsDNSProviderToken ,
87- ),
88- )
103+ return g
89104}
90105
91106// Watch enables live monitoring of Nginx configuration template files.
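Review bot: The struct literal in NewGateway sets Config, Controller and Certbot but never assigns the new `Features` field, so `g.Features` stays nil even though its comment says it holds the gateway's feature flags. Adding `Features: features,` to the literal (or removing the field if nothing reads it) would make the field and the constructor agree. Related: the TunnelsFeature branch is a silent no-op when `g.Certbot` is nil, so a caller passing only TunnelsFeature gets no tunnels certificate and no `TunnelsDomain` default, with no error or log. A warning in that case would make the misconfiguration visible. In the constants hunk above, `TunnelsFeature = "feature"` looks like a slip for `"tunnels"`, and both comments spell "enabled" as "eanbled".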
@@ -133,30 +148,35 @@ func main() {
133148 templatesDir : defaultNginxTemplateDir ,
134149 }
135150
136- gateway := NewGateway ( config , controller )
151+ features := [] string {}
137152
138- log .Info ("gateway created" )
153+ if config .EnableAutoSSL {
154+ log .WithFields (log.Fields {
155+ "provider" : config .TunnelsDNSProvider ,
156+ "token" : halfString (config .TunnelsDNSProviderToken ),
157+ }).Info ("auto ssl is enabled" )
139158
140- if envs . IsDevelopment () {
141- log . Info ( "gateway running in development mode" )
159+ features = append ( features , SSLFeature )
160+ }
142161
143- log .Info ("watch for nginx files is enabled" )
144- gateway .Watch ()
162+ if config .Tunnels {
163+ log .WithFields (log.Fields {
164+ "provider" : config .TunnelsDNSProvider ,
165+ "token" : halfString (config .TunnelsDNSProviderToken ),
166+ }).Info ("tunnels info" )
167+
168+ features = append (features , TunnelsFeature )
145169 }
146170
147- if config .EnableAutoSSL {
148- log .Info ("auto ssl is enabled" )
171+ gateway := NewGateway (config , controller , features )
149172
150- gateway . EnableSSL ( )
173+ log . Info ( "gateway created" )
151174
152- if config .Tunnels {
153- log .WithFields (log.Fields {
154- "provider" : config .TunnelsDNSProvider ,
155- "token" : halfString (config .TunnelsDNSProviderToken ),
156- }).Info ("tunnels info" )
175+ if envs .IsDevelopment () {
176+ log .Info ("gateway running in development mode" )
157177
158- gateway . EnableTunnels ( )
159- }
178+ log . Info ( "watch for nginx files is enabled" )
179+ gateway . Watch ()
160180 }
161181
162182 log .Info ("gateway started" )
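Review bot: The new `auto ssl is enabled` log entry adds `"token": halfString(config.TunnelsDNSProviderToken)`, so part of the DNS provider credential is now logged whenever auto SSL is on, even with tunnels disabled; before this change it was logged only inside the tunnels branch. halfString is defined outside this hunk, but if it returns half of the token, as the name suggests, that is a sizeable fraction of a secret going into Info-level logs that are often forwarded to shared log storage. I would drop the field from this entry and record only presence, for example `"token_set": config.TunnelsDNSProviderToken != ""`, and consider the same for the `tunnels info` entry. Also, `config.Tunnels` is no longer nested under `config.EnableAutoSSL`, so with tunnels on and SSL off this code logs `tunnels info` and appends TunnelsFeature, which NewGateway then ignores. main's body starts and ends outside the hunk.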