diff --git a/.gitignore b/.gitignore
index aecfe53..c15eeac 100644
--- a/.gitignore
+++ b/.gitignore
@@ -23,5 +23,7 @@ backup
 *.exe
 *.dll
 *.gz
+cert-bouncer.json
 config.json
 bin/*
+tmp/*
diff --git a/example-config.json b/example-config.json
new file mode 100644
index 0000000..418a1c0
--- /dev/null
+++ b/example-config.json
@@ -0,0 +1,12 @@
+{
+ "Source": {
+ "PrivateKey": "./test/fakepriv.pem",
+ "PublicKey": "./test/fakepub.pem"
+ },
+ "Target": {
+ "PrivateKey": "./tmp/privkey.pem",
+ "PublicKey": "./tmp/fullchain.pem",
+ "Owner": "zed:zed"
+ },
+ "Reload": "systemctl reload ergo"
+}
diff --git a/go.mod b/go.mod
index 313ec0f..8216412 100644
--- a/go.mod
+++ b/go.mod
@@ -1,3 +1,7 @@
 module MY/cert-bouncer
 go 1.25.3
+
+require github.com/fsnotify/fsnotify v1.9.0
+
+require golang.org/x/sys v0.13.0 // indirect
diff --git a/go.sum b/go.sum
new file mode 100644
index 0000000..c1e3272
--- /dev/null
+++ b/go.sum
@@ -0,0 +1,4 @@
+github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k=
+github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
+golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
+golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
diff --git a/main.go b/main.go
index 6aeee41..486a33d 100644
--- a/main.go
+++ b/main.go
@@ -1,9 +1,60 @@
 package main
 import (
- "fmt"
+ "github.com/fsnotify/fsnotify"
+ "flag"
+ "log"
+ "os"
+ "encoding/json"
 )
+type Cert struct {
+ PrivateKey string
+ PublicKey string
+ Owner string
+}
+
+type Config struct {
+ Source Cert
+ Target Cert
+ Reload string
+}
+
+func LoadConfig(path string) Config {
+ var config Config
+
+ config_data, err := os.ReadFile(path)
+ if err != nil {
+ log.Fatal("invalid config path %s: %v", path, err)
+ }
+
+ err = json.Unmarshal(config_data, &config)
+ if err != nil {
+ log.Fatal(err, "json format error")
+ }
+
+ return config
+}
+
+func ParseOpts() Config {
+ var config_file string
+
+ flag.StringVar(&config_file, "config", "cert-bouncer.json", ".json config to use.")
+ flag.Parse()
+
+ return LoadConfig(config_file)
+}
+
 func main() {
- fmt.Println("yay!");
+ config := ParseOpts()
+
+ watcher, err := fsnotify.NewWatcher()
+ if err != nil {
+ log.Fatal(err, "Can't watch files.")
+ }
+
+ err = watcher.Add(config.Source.PrivateKey)
+ if err != nil {
+ log.Fatalf("can't watch %s: %v", err, config.Source.PrivateKey)
+ }
 }
diff --git a/test/fakepriv.pem b/test/fakepriv.pem
new file mode 100644
index 0000000..dda444a
--- /dev/null
+++ b/test/fakepriv.pem
@@ -0,0 +1 @@
+This is fake.
diff --git a/test/fakepub.key b/test/fakepub.key
new file mode 100644
index 0000000..a08cd18
--- /dev/null
+++ b/test/fakepub.key
@@ -0,0 +1 @@
+This is fake too.
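Review bot: Two of the new fatal-log calls in main.go are malformed: in LoadConfig, `log.Fatal("invalid config path %s: %v", path, err)` passes format verbs to a non-formatting call, and in main the arguments to `log.Fatalf("can't watch %s: %v", err, config.Source.PrivateKey)` are swapped, so the message prints the error where the path belongs. Use `log.Fatalf("invalid config path %s: %v", path, err)` and `log.Fatalf("can't watch %s: %v", config.Source.PrivateKey, err)`. LoadConfig also accepts whatever JSON it is given: empty or missing Source/Target paths and an empty Reload pass straight through, and the default path `cert-bouncer.json` is resolved against the current directory. Reload looks like a command this tool will run later, presumably with enough privilege to read private keys and change ownership, so it would be worth rejecting empty fields here and refusing a config file that other users can write before any of it is trusted. The watch is placed on the key file itself; fsnotify's documentation recommends watching the parent directory and filtering on the file name, because a renewal that replaces the file atomically drops a per-file watch.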
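Review bot: The fake public key is added as `test/fakepub.key`, but example-config.json in this same commit sets Source.PublicKey to `./test/fakepub.pem`, so the example config points at a file that the commit does not create. Either rename this fixture to `test/fakepub.pem` (matching `test/fakepriv.pem`) or change the config value to `./test/fakepub.key`.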