legobridge

package
v0.3.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 26, 2020 License: Apache-2.0, MIT Imports: 27 Imported by: 0

Documentation

Index

Constants

// KeyPrivateKey names the entry of a secret data map that holds the private key.
// Whatever is stored under this entry is key material, so the surrounding map
// belongs in secret storage only.
const KeyPrivateKey = "privateKey"
const (
	// TLSCAKey is the secret data key for the CA entry.
	// NOTE(review): the ".crt" suffix suggests this entry holds a CA
	// certificate rather than a CA private key; confirm against the code that
	// writes it.
	TLSCAKey = "ca.crt"
)

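TLSCAKey is the secret data key for the CA entry (`ca.crt`). The `.crt` suffix suggests that this entry holds the CA certificate rather than a CA private key.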

Variables

This section is empty.

Functions

func CertificatesToSecretData

func CertificatesToSecretData(certificates *certificate.Resource) map[string][]byte

CertificatesToSecretData converts a certificate resource to secret data.

func DecodeCertificate

func DecodeCertificate(tlsCrt []byte) (*x509.Certificate, error)

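DecodeCertificate decodes the crt byte array into an x509 certificate. The documentation describes decoding only; it mentions no chain, expiry or name validation, so a successful decode should not be treated as a trust decision.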

func DecodeCertificateFromSecretData

func DecodeCertificateFromSecretData(data map[string][]byte) (*x509.Certificate, error)

DecodeCertificateFromSecretData decodes the cert key from secret data to a x509 certificate.

func ExtractCommonNameAnDNSNames

func ExtractCommonNameAnDNSNames(csr []byte) (cn *string, san []string, err error)

ExtractCommonNameAnDNSNames extracts values from a CSR (Certificate Signing Request).

func SecretDataToCertificates

func SecretDataToCertificates(data map[string][]byte) *certificate.Resource

SecretDataToCertificates converts secret data to a certificate resource.

Types

type ConcurrentObtainError added in v0.2.10

// ConcurrentObtainError is returned if Obtain should be postponed because a
// concurrent obtain request exists for at least one domain name.
type ConcurrentObtainError struct {
	// DomainName is the domain name concurrently requested
	DomainName string
}

ConcurrentObtainError is returned if Obtain should be postponed because of a concurrent obtain request for at least one domain name.

func (*ConcurrentObtainError) Error added in v0.2.10

func (d *ConcurrentObtainError) Error() string

type DNSControllerSettings

// DNSControllerSettings are the settings for the DNSController. All fields
// concern the DNSEntry written for a DNS challenge and the propagation check
// of its TXT record.
type DNSControllerSettings struct {
	// Namespace to set for challenge DNSEntry
	Namespace string
	// OwnerID to set for challenge DNSEntry
	// +optional
	OwnerID *string
	// PrecheckNameservers for checking DNS propagation of DNS challenge TXT record
	// NOTE(review): the propagation check can only be as reliable as these
	// resolvers; how the entries are validated is not visible here, so confirm.
	PrecheckNameservers []string
	// AdditionalWait is the additional wait time after DNS propagation
	// to wait for "last mile" propagation to DNS server used by the ACME server
	AdditionalWait time.Duration
	// PropagationTimeout is the propagation timeout for the DNS challenge.
	PropagationTimeout time.Duration
}

DNSControllerSettings are the settings for the DNSController.

type ObtainInput

// ObtainInput contains all data needed to obtain a certificate.
// It is the argument of Obtainer.Obtain.
type ObtainInput struct {
	// User is the registration user.
	User *RegistrationUser
	// DNSCluster is the cluster to use for writing DNS entries for DNS challenges.
	DNSCluster resources.Cluster
	// DNSSettings are the settings for the DNSController.
	DNSSettings DNSControllerSettings
	// CaDirURL is the URL of the ACME CA directory.
	// NOTE(review): no scheme or host validation is visible here; confirm
	// that callers only pass a trusted directory URL.
	CaDirURL string
	// IssuerName is the name of the issuer to use.
	IssuerName string
	// CommonName is the CN.
	CommonName *string
	// DNSNames are optional domain names.
	DNSNames []string
	// CSR is the optional Certificate Signing Request.
	// NOTE(review): how CSR interacts with CommonName and DNSNames when both
	// are set is not visible here; verify against the Obtain implementation.
	CSR []byte
	// RequestName is the request object name.
	RequestName resources.ObjectName
	// TargetClass is the target class of the DNSEntry.
	TargetClass string
	// Callback is the callback function to return the ObtainOutput.
	Callback ObtainerCallback
	// RenewCert is the certificate to renew.
	RenewCert *certificate.Resource
}

ObtainInput contains all data needed to obtain a certificate.

type ObtainOutput

// ObtainOutput is the result of the certificate obtain request.
// It is the value passed to an ObtainerCallback.
type ObtainOutput struct {
	// Certificates contains the certificates.
	// NOTE(review): if this is lego's certificate.Resource it can carry the
	// private key bytes as well; treat the whole output as sensitive and keep
	// it out of logs. Confirm against the imported package.
	Certificates *certificate.Resource
	// IssuerName is the name of the issuer.
	IssuerName string
	// CommonName is the copy from the input.
	CommonName *string
	// DNSNames are the copies from the input.
	DNSNames []string
	// CSR is the copy from the input.
	CSR []byte
	// Renew is the flag if this was a renew request.
	Renew bool
	// Err contains the obtain request error.
	// NOTE(review): presumably Certificates must not be used when Err is
	// non-nil; confirm and check Err first.
	Err error
}

ObtainOutput is the result of the certificate obtain request.

type Obtainer added in v0.2.10

// Obtainer provides an Obtain method to start a certificate request.
type Obtainer interface {
	// Obtain starts the async obtain request.
	// The documented ConcurrentObtainError is returned if the request should
	// be postponed because of a concurrent obtain request for a domain name.
	// NOTE(review): the result is presumably delivered through input.Callback;
	// confirm against the implementation.
	Obtain(input ObtainInput) error
}

Obtainer provides an Obtain method to start a certificate request.

func NewObtainer added in v0.2.10

func NewObtainer() Obtainer

NewObtainer creates a new Obtainer

type ObtainerCallback

// ObtainerCallback is the callback function type. It receives the
// ObtainOutput of an obtain request (see ObtainInput.Callback).
type ObtainerCallback func(output *ObtainOutput)

ObtainerCallback is the callback function type.

type PendingCertificateRequests

// PendingCertificateRequests contains the pending certificate requests.
// Entries are certificate object names, managed through Add, Contains and
// Remove.
type PendingCertificateRequests struct {
	// contains filtered or unexported fields
}

PendingCertificateRequests contains the pending certificate requests.

func NewPendingRequests

func NewPendingRequests() *PendingCertificateRequests

NewPendingRequests creates a new PendingCertificateRequests

func (*PendingCertificateRequests) Add

Add adds a certificate object name.

func (*PendingCertificateRequests) Contains

Contains checks if a certificate object name is pending.

func (*PendingCertificateRequests) Remove

Remove removes a certificate object name from the pending list.

type PendingResults

// PendingResults caches the ObtainOutput results, keyed by object name
// (see Add, Peek and Remove).
// NOTE(review): a cached ObtainOutput may include certificate material;
// confirm that entries are removed once they have been consumed.
type PendingResults struct {
	// contains filtered or unexported fields
}

PendingResults caches the ObtainOutput results.

func NewPendingResults

func NewPendingResults() *PendingResults

NewPendingResults creates a new PendingResults.

func (*PendingResults) Add

func (pr *PendingResults) Add(name resources.ObjectName, result *ObtainOutput)

Add adds an object name / ObtainOutput pair.

func (*PendingResults) Peek added in v0.2.16

Peek fetches a pending result by object name.

func (*PendingResults) Remove

func (pr *PendingResults) Remove(name resources.ObjectName)

Remove removes a pending result by object name.

type ProviderWithCount

// ProviderWithCount is an extended Provider interface: it embeds
// challenge.Provider and adds a challenge counter accessor.
type ProviderWithCount interface {
	challenge.Provider
	// GetChallengesCount returns a count of challenges.
	// NOTE(review): what exactly is counted (presented, pending, total) is
	// not visible here; confirm against the implementation.
	GetChallengesCount() int
}

ProviderWithCount is an extended Provider interface.

type RegistrationUser

// RegistrationUser contains the data of a registration user.
type RegistrationUser struct {
	// Email is the email of the registration user (see GetEmail).
	Email        string
	// Registration is the registration resource (see GetRegistration).
	Registration *registration.Resource
	// contains filtered or unexported fields
	// NOTE(review): GetPrivateKey returns a crypto.PrivateKey, so the private
	// key is presumably kept in an unexported field; confirm.
}

RegistrationUser contains the data of a registration user.

func NewRegistrationUserFromEmail

func NewRegistrationUserFromEmail(email string, caDirURL string, secretData map[string][]byte) (*RegistrationUser, error)

NewRegistrationUserFromEmail generates a private key and requests a new registration for the user.

func NewRegistrationUserFromEmailAndPrivateKey

func NewRegistrationUserFromEmailAndPrivateKey(email string, caDirURL string, privateKey crypto.PrivateKey) (*RegistrationUser, error)

NewRegistrationUserFromEmailAndPrivateKey requests a user registration.

func RegistrationUserFromSecretData

func RegistrationUserFromSecretData(email string, registrationRaw []byte, data map[string][]byte) (*RegistrationUser, error)

RegistrationUserFromSecretData restores a RegistrationUser from a secret data map.

func (*RegistrationUser) GetEmail

func (u *RegistrationUser) GetEmail() string

GetEmail returns the email of the registration user.

func (*RegistrationUser) GetPrivateKey

func (u *RegistrationUser) GetPrivateKey() crypto.PrivateKey

GetPrivateKey returns the private key of the registration user.

func (*RegistrationUser) GetRegistration

func (u *RegistrationUser) GetRegistration() *registration.Resource

GetRegistration returns the registration resource.

func (*RegistrationUser) NewConfig

func (u *RegistrationUser) NewConfig(caDirURL string) *lego.Config

NewConfig creates a new lego config.

func (*RegistrationUser) RawRegistration

func (u *RegistrationUser) RawRegistration() ([]byte, error)

RawRegistration returns the registration as a byte array.

func (*RegistrationUser) ToSecretData

func (u *RegistrationUser) ToSecretData() (map[string][]byte, error)

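ToSecretData returns the registration user as a secret data map. Because KeyPrivateKey is documented as the secret data key for the private key, the returned map presumably contains private key material and should be written only to secret storage, never to logs.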
