@@ -20,6 +20,7 @@ import (
2020 "bytes"
2121 "context"
2222 "encoding/json"
23+ "errors"
2324 "fmt"
2425 "io"
2526 "log"
@@ -37,7 +38,6 @@ import (
3738 "github.com/cloudflare/cloudflare-go"
3839 "github.com/go-chi/chi/v5"
3940 "github.com/go-chi/chi/v5/middleware"
40- "github.com/pkg/errors"
4141 "github.com/prometheus/client_golang/prometheus"
4242 "github.com/prometheus/client_golang/prometheus/promhttp"
4343 "github.com/spf13/cobra"
@@ -77,6 +77,8 @@ func NewCmdRun(ctx context.Context) *cobra.Command {
7777 metricsAddr = ":8080"
7878 apiServerAddress = ""
7979 debug = false
80+ tlsCrt string
81+ tlsKey string
8082 )
8183 cmd := & cobra.Command {
8284 Use : "run" ,
@@ -86,18 +88,20 @@ func NewCmdRun(ctx context.Context) *cobra.Command {
8688 RunE : func (cmd * cobra.Command , args []string ) error {
8789 klog .Infof ("Starting binary version %s+%s ..." , v .Version .Version , v .Version .CommitHash )
8890
89- return run (ctx , addr , metricsAddr , apiServerAddress , debug )
91+ return run (ctx , addr , metricsAddr , apiServerAddress , tlsCrt , tlsKey , debug )
9092 },
9193 }
9294 cmd .Flags ().StringVar (& addr , "listen" , addr , "Listen address." )
9395 cmd .Flags ().StringVar (& metricsAddr , "metrics-addr" , metricsAddr , "The address the metric endpoint binds to." )
9496 cmd .Flags ().StringVar (& apiServerAddress , "api-server-addr" , apiServerAddress , "The API server address" )
9597 cmd .Flags ().BoolVar (& debug , "debug" , debug , "If true, dumps proxied request and responses" )
98+ cmd .Flags ().StringVar (& tlsCrt , "tls-cert" , tlsCrt , "Path to tls cert" )
99+ cmd .Flags ().StringVar (& tlsKey , "tls-key" , tlsKey , "Path to tls key" )
96100
97101 return cmd
98102}
99103
100- func run (ctx context.Context , addr , metricsAddr , apiServerAddress string , debug bool ) error {
104+ func run (ctx context.Context , addr , metricsAddr , apiServerAddress , tlsCrt , tlsKey string , debug bool ) error {
101105 c , err := cloudflare .NewWithAPIToken (os .Getenv ("CLOUDFLARE_API_TOKEN" ))
102106 if err != nil {
103107 return err
@@ -139,9 +143,17 @@ func run(ctx context.Context, addr, metricsAddr, apiServerAddress string, debug
139143 Handler : router ,
140144 }
141145 go func () {
142- log .Printf ("API server listening at http://%s" , addr )
143- if err := srv .ListenAndServe (); err != http .ErrServerClosed {
144- klog .ErrorS (err , "HTTP server ListenAndServe failed" )
146+ if tlsCrt != "" && tlsKey != "" {
147+ klog .Infof ("Starting HTTPS server on %s" , addr )
148+ err := srv .ListenAndServeTLS (tlsCrt , tlsKey )
149+ if err != nil {
150+ klog .ErrorS (err , "HTTP server ListenAndServe failed" )
151+ }
152+ } else {
153+ log .Printf ("Starting HTTP server on %s" , addr )
154+ if err := srv .ListenAndServe (); ! errors .Is (err , http .ErrServerClosed ) {
155+ klog .ErrorS (err , "HTTP server ListenAndServe failed" )
156+ }
145157 }
146158 }()
147159
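Review bot: When only one of `--tls-cert`/`--tls-key` is supplied, the `tlsCrt != "" && tlsKey != ""` test fails and the `else` branch serves plaintext HTTP without any error, so a mistyped flag silently downgrades a listener that carries `Authorization` headers; reject the half-configured case before the goroutine starts. The TLS branch also reports `http.ErrServerClosed` as a failure, unlike the HTTP branch, and reuses the message "HTTP server ListenAndServe failed". No `TLSConfig` is visible on `srv`, so the minimum protocol version is whatever the Go toolchain defaults to; it is worth confirming outside this hunk whether `MinVersion` should be pinned. `run` starts and ends outside the hunk, and the fence shows only the rewritten lines.

```go
// … unchanged: srv construction …
if (tlsCrt == "") != (tlsKey == "") {
	return errors.New("--tls-cert and --tls-key must be set together")
}
go func() {
	if tlsCrt != "" {
		klog.Infof("Starting HTTPS server on %s", addr)
		if err := srv.ListenAndServeTLS(tlsCrt, tlsKey); !errors.Is(err, http.ErrServerClosed) {
			klog.ErrorS(err, "HTTPS server ListenAndServeTLS failed")
		}
		return
	}
	// … unchanged: plaintext ListenAndServe branch …
}()
```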
@@ -228,7 +240,7 @@ func (rt cloudflareTransport) check(req *http.Request) (*client.InstallerMetadat
228240 if req .Method != http .MethodGet &&
229241 req .Method != http .MethodPost &&
230242 req .Method != http .MethodDelete {
231- return nil , errors .Errorf ("unsupported HTTP Method %s" , req .Method )
243+ return nil , fmt .Errorf ("unsupported HTTP Method %s" , req .Method )
232244 }
233245
234246 meta , err := client .GetInstallerMetadata (rt .authEndpoint , req .Header .Get ("Authorization" ))
@@ -270,7 +282,7 @@ func (rt cloudflareTransport) check(req *http.Request) (*client.InstallerMetadat
270282 ok := record .Name == meta .HostedDomain || strings .HasSuffix (record .Name , "." + meta .HostedDomain )
271283 if ! ok {
272284 fmt .Printf ("authorized to modify record for domain %s but modifying %s\n " , meta .HostedDomain , record .Name )
273- return nil , errors .Errorf ("authorized to modify record for domain %s but modifying %s" , meta .HostedDomain , record .Name )
285+ return nil , fmt .Errorf ("authorized to modify record for domain %s but modifying %s" , meta .HostedDomain , record .Name )
274286 }
275287 }
276288 }
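Review bot: The ownership test on `record.Name` has no guard for an empty `meta.HostedDomain`: with an empty value the suffix compared is just `"."`, so the check no longer ties the record to a domain. Whether `client.GetInstallerMetadata` can return an empty `HostedDomain` is not visible here, so confirm it, or fail closed before the comparison with `if meta.HostedDomain == "" { return nil, errors.New("installer metadata has no hosted domain") }`. The new `fmt.Errorf` also formats `record.Name` with `%s`; if that name comes from the request body, `%q` keeps control characters out of logs, and the `fmt.Printf` just above duplicates the same message on stdout. `check` starts and ends outside the hunk.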