Added a test mode without cert for external web server

2021-09-15 16:56:24 +02:00 · 2021-09-15 16:56:24 +02:00 · bfd895112d
commit bfd895112d
parent b4f6f15055
3 changed files with 28 additions and 12 deletions
--- a/hal-core/src/se/hal/HalContext.java
+++ b/hal-core/src/se/hal/HalContext.java
@ -24,7 +24,7 @@ public class HalContext {
    public static final String CONFIG_HTTP_PORT = "hal_core.http_port";
    public static final String CONFIG_HTTP_EXTERNAL_PORT = "hal_core.http_external_port";
    public static final String CONFIG_HTTP_EXTERNAL_DOMAIN = "hal_core.http_external_domain";
-    public static final String CONFIG_HTTP_EXTERNAL_ACME_TYPE = "hal_core.http_external_acme_type";
+    public static final String CONFIG_HTTP_EXTERNAL_CERT = "hal_core.http_external_cert";
    public static final String CONFIG_MAP_BACKGROUND_IMAGE = "hal_core.map_bgimage";

    public static final String RESOURCE_ROOT;
--- a/hal-core/src/se/hal/daemon/HalExternalWebDaemon.java
+++ b/hal-core/src/se/hal/daemon/HalExternalWebDaemon.java
@ -2,7 +2,6 @@ package se.hal.daemon;

 import org.shredzone.acme4j.exception.AcmeException;
 import se.hal.HalContext;
-import se.hal.HalServer;
 import se.hal.intf.HalDaemon;
 import se.hal.intf.HalWebPage;
 import se.hal.util.HalAcmeDataStore;
@ -83,24 +82,32 @@ public class HalExternalWebDaemon implements HalDaemon {
            // Prepare ACME Client
            AcmeClient acme;
            HttpServer tmpHttpServer = null;
+            String acmeType = HalContext.getStringProperty(HalContext.CONFIG_HTTP_EXTERNAL_CERT, "acme_http");

-            if ("dns".equals(HalContext.getStringProperty(HalContext.CONFIG_HTTP_EXTERNAL_ACME_TYPE, ""))) {
-                acme = new AcmeClient(acmeDataStore, new AcmeManualDnsChallengeFactory());
-            } else if ("http".equals(HalContext.getStringProperty(HalContext.CONFIG_HTTP_EXTERNAL_ACME_TYPE, "http"))) {
+            if ("acme_http".equals(acmeType)) {
                tmpHttpServer = new HttpServer(80);
                tmpHttpServer.start();

                acme = new AcmeClient(acmeDataStore, new AcmeHttpChallengeFactory(tmpHttpServer), AcmeClient.ACME_SERVER_LETSENCRYPT_STAGING);
+            } else if ("none".equals(acmeType)) {
+                acme = null;
+            } else if ("acme_dns".equals(acmeType)) {
+                acme = new AcmeClient(acmeDataStore, new AcmeManualDnsChallengeFactory());
            } else {
                throw new IllegalArgumentException("Unknown config value for " + externalServerUrl);
            }

            // Request certificate and start the external webserver

-            acme.addDomain(HalContext.getStringProperty(CONFIG_HTTP_EXTERNAL_DOMAIN));
-            acme.prepareRequest();
-            certificate = acme.requestCertificate();
-            acmeDataStore.storeCertificate(certificate);
+            if (acme != null) {
+                acme.addDomain(HalContext.getStringProperty(CONFIG_HTTP_EXTERNAL_DOMAIN));
+                acme.prepareRequest();
+                certificate = acme.requestCertificate();
+                acmeDataStore.storeCertificate(certificate);
+            } else {
+                logger.warning("No SSL certificate is configured for external HTTP Server.");
+                certificate = null;
+            }

            // Cleanup
            if (tmpHttpServer != null) {
@ -110,7 +117,16 @@ public class HalExternalWebDaemon implements HalDaemon {
    }

    private void startHttpServer() throws GeneralSecurityException, IOException {
-        httpExternal = new HttpServer(HalContext.getIntegerProperty(CONFIG_HTTP_EXTERNAL_PORT), acmeDataStore.getDomainKeyPair().getPrivate(), certificate);
+        // Shutdown old server
+        if (httpExternal != null)
+            httpExternal.close();
+
+        // Start new Server
+
+        if (certificate != null)
+            httpExternal = new HttpServer(HalContext.getIntegerProperty(CONFIG_HTTP_EXTERNAL_PORT), acmeDataStore.getDomainKeyPair().getPrivate(), certificate);
+        else
+            httpExternal = new HttpServer(HalContext.getIntegerProperty(CONFIG_HTTP_EXTERNAL_PORT));

        for (String url : pageMap.keySet()) {
            httpExternal.setPage(url, pageMap.get(url));
--- a/hal.conf.example
+++ b/hal.conf.example
@ -8,8 +8,8 @@ hal_core.http_port=8080
 # to letsencrypt to work port 80 needs to be opened temporarily during the certificate generation process
 # make sure the firewall forwarding rules are setup for this process to work.
 # In the future DNS authentication will also be available so no port forwarding will be necessary.
-hal_core.http_acme_type=http|dns
-hal_core.http_external_port=8081
+#hal_core.http_external_cert=acme_http|acme_dns|none
+#hal_core.http_external_port=8081
 #hal_core.http_external_domain=example.com

 # ------------------------------------------------------------------------