IntenseWebs/boringproxy
3
0
Fork 0
mirror of https://github.com/boringproxy/boringproxy.git synced 2025-02-25 18:55:29 -06:00
Code Issues Packages Projects Releases Wiki Activity

accept-ca-terms

Browse Source
This commit is contained in:
Willem@105.pve1.lan 2022-02-23 12:33:36 +02:00
parent d90342bd60
commit 58a2727f84
4 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Dockerfile
View File

@ -17,7 +17,6 @@ RUN if [[ "ORIGIN" == 'remote' ]] ; then git clone --depth 1 --branch "${BRANCH}
COPY go.* ./ COPY go.* ./
RUN go mod download RUN go mod download
COPY . . COPY . .
RUN export VERSION='2'
RUN cd cmd/boringproxy && CGO_ENABLED=0 GOOS=${GOOS} GOARCH=${GOARCH} \ RUN cd cmd/boringproxy && CGO_ENABLED=0 GOOS=${GOOS} GOARCH=${GOARCH} \
go build -ldflags "-X main.Version=${VERSION}" \ go build -ldflags "-X main.Version=${VERSION}" \
@ -25,6 +24,7 @@ RUN cd cmd/boringproxy && CGO_ENABLED=0 GOOS=${GOOS} GOARCH=${GOARCH} \
FROM scratch FROM scratch
EXPOSE 80 443 EXPOSE 80 443
WORKDIR /storage
COPY --from=builder /build/cmd/boringproxy/boringproxy / COPY --from=builder /build/cmd/boringproxy/boringproxy /

6
boringproxy.go
View File

@ -56,6 +56,7 @@ func Listen() {
behindProxy := flagSet.Bool("behind-proxy", false, "Whether we're running behind another reverse proxy") behindProxy := flagSet.Bool("behind-proxy", false, "Whether we're running behind another reverse proxy")
acmeEmail := flagSet.String("acme-email", "", "Email for ACME (ie Let's Encrypt)") acmeEmail := flagSet.String("acme-email", "", "Email for ACME (ie Let's Encrypt)")
acmeUseStaging := flagSet.Bool("acme-use-staging", false, "Use ACME (ie Let's Encrypt) staging servers") acmeUseStaging := flagSet.Bool("acme-use-staging", false, "Use ACME (ie Let's Encrypt) staging servers")
acceptCATerms := flagSet.Bool("accept-ca-terms", false, "Automatically accept CA terms")
err := flagSet.Parse(os.Args[2:]) err := flagSet.Parse(os.Args[2:])
if err != nil { if err != nil {
fmt.Fprintf(os.Stderr, "%s: parsing flags: %s\n", os.Args[0], err) fmt.Fprintf(os.Stderr, "%s: parsing flags: %s\n", os.Args[0], err)
@ -107,6 +108,11 @@ func Listen() {
certmagic.DefaultACME.Email = *acmeEmail certmagic.DefaultACME.Email = *acmeEmail
} }
if *acceptCATerms {
certmagic.DefaultACME.Agreed = true
log.Print(fmt.Sprintf("Automatic agreement to CA terms with email (%s)", *acmeEmail))
}
if *acmeUseStaging { if *acmeUseStaging {
certmagic.DefaultACME.CA = certmagic.LetsEncryptStagingCA certmagic.DefaultACME.CA = certmagic.LetsEncryptStagingCA
} }

3
docker/server/README.md
View File

@ -4,6 +4,9 @@
Edit docker-compose.yml and change the following under **commands** for service **boringproxy** Edit docker-compose.yml and change the following under **commands** for service **boringproxy**
- bp.example.com: your admin domain - bp.example.com: your admin domain
- your-email-address: the email address to register with Let's Encrypt
***Since the -accept-ca-terms flag is set in the compose file, this will automatically accept terms and conditions of Let's Encrypt.***
## Build image from source and run server in docker ## Build image from source and run server in docker
You can build the image from source. This requires that you clone the GitHub repo and start docker using the compose command below: You can build the image from source. This requires that you clone the GitHub repo and start docker using the compose command below:

10
docker/server/docker-compose.yml
View File

@ -7,11 +7,13 @@ services:
- "80:80" - "80:80"
- "443:443" - "443:443"
volumes: volumes:
- data:/opt/boringproxy/ - storage:/storage/
command: ["server", "-admin-domain", "bp.example.com", "-cert-dir", "/certmagic"] - ssh://.ssh
- /etc/ssl/certs/:/etc/ssl/certs/:ro
command: ["server", "-admin-domain", "bp.example.com", "-acme-email", "your-email-address", "-accept-ca-terms", "-cert-dir", "/storage/certmagic", "-print-login"]
environment: environment:
USER: "root" USER: "root"
volumes: volumes:
data: storage:
certmagic: ssh: