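// Source: github.com/Tyktechnologies/tyk@v2.9.5+incompatible/gateway/le_helpers.go

package gateway

import (
	"encoding/json"

	"rsc.io/letsencrypt"

	"github.com/sirupsen/logrus"

	"github.com/TykTechnologies/tyk/config"
	"github.com/TykTechnologies/tyk/storage"
)

// LEKeyPrefix is the Redis key prefix under which the Let's Encrypt state
// backup is stored.
const LEKeyPrefix = "le_ssl:"

// StoreLEState serialises the manager state with m.Marshal, encrypts it and
// writes it to Redis under LEKeyPrefix + "cache". Failures are logged and the
// function returns without storing anything.
//
// NOTE(review): the encryption key is the global config Secret passed through
// rightPad2Len with "=" and a length of 32; it is not the output of a KDF, so
// the key is only as strong as the configured secret. rightPad2Len and
// encrypt are defined elsewhere: confirm how a secret longer than 32 bytes is
// handled and whether encrypt is an authenticated mode.
func StoreLEState(m *letsencrypt.Manager) {
	log.Debug("Storing SSL backup")

	log.Debug("[SSL] --> Connecting to DB")

	store := storage.RedisCluster{KeyPrefix: LEKeyPrefix}
	if !store.Connect() {
		log.Error("[SSL] --> SSL Backup save failed: redis connection failed")
		return
	}

	// Only report the connection once Connect has actually succeeded.
	log.Debug("--> Connected to DB")

	state := m.Marshal()
	secret := rightPad2Len(config.Global().Secret, "=", 32)
	cryptoText := encrypt([]byte(secret), state)

	// A timeout of -1 is presumably "no expiry"; verify against
	// storage.RedisCluster.SetKey.
	if err := store.SetKey("cache", cryptoText, -1); err != nil {
		log.Error("[SSL] --> Failed to store SSL backup: ", err)
	}
}

// GetLEState reads the encrypted state backup from Redis, decrypts it with the
// padded global config Secret and loads it into m. Failures are logged and m
// is left as it was.
//
// NOTE(review): whatever is stored under the Redis key is decrypted and handed
// to m.Unmarshal. If decrypt (defined elsewhere) does not authenticate the
// ciphertext, anything able to write that key can influence the restored
// state; confirm the mode used.
func GetLEState(m *letsencrypt.Manager) {
	checkKey := "cache"

	store := storage.RedisCluster{KeyPrefix: LEKeyPrefix}
	if !store.Connect() {
		log.Error("[SSL] --> SSL Backup recovery failed: redis connection failed")
		return
	}

	// Only report the connection once Connect has actually succeeded.
	log.Debug("[SSL] --> Connected to DB")

	cryptoText, err := store.GetKey(checkKey)
	if err != nil {
		log.Warning("[SSL] --> No SSL backup: ", err)
		return
	}

	secret := rightPad2Len(config.Global().Secret, "=", 32)
	sslState := decrypt([]byte(secret), cryptoText)

	// Unmarshal fails on a corrupt backup or one encrypted under a different
	// secret; report it instead of dropping the error.
	if err := m.Unmarshal(sslState); err != nil {
		log.Error("[SSL] --> SSL Backup recovery failed: ", err)
	}
}

// LE_ServerInfo is the JSON payload of a Let's Encrypt state-change
// notification: the host name and node ID of the sender.
type LE_ServerInfo struct {
	HostName string
	ID       string
}

// onLESSLStatusReceivedHandler handles a pub-sub notification that the stored
// Let's Encrypt state changed. A notification carrying this node's own ID is
// ignored; any other one reloads the state from Redis into LE_MANAGER.
//
// NOTE(review): the sender is identified only by the ID field of the payload,
// which this function does not authenticate.
func onLESSLStatusReceivedHandler(payload string) {
	serverData := LE_ServerInfo{}
	if err := json.Unmarshal([]byte(payload), &serverData); err != nil {
		log.WithFields(logrus.Fields{
			"prefix": "pub-sub",
		}).Error("Failed unmarshal server data: ", err)
		return
	}

	log.Debug("Received LE data: ", serverData)

	// The "from myself" message used to be logged for every notification,
	// including those from other nodes that had just been processed.
	if serverData.ID == GetNodeID() {
		log.Info("Received Redis LE change notification from myself, ignoring")
		return
	}

	log.Info("Received Redis LE change notification!")
	GetLEState(&LE_MANAGER)
}

// StartPeriodicStateBackup stores the manager state each time m.Watch()
// signals a change. It returns only when that channel is closed, so callers
// are expected to run it in its own goroutine.
func StartPeriodicStateBackup(m *letsencrypt.Manager) {
	for range m.Watch() {
		// The first event would save a cache that overwrites the backup with
		// null data, so it is skipped. Despite its name, LE_FIRSTRUN is true
		// once that first event has been seen (it is presumably false at
		// start-up; it is declared elsewhere).
		if !LE_FIRSTRUN {
			LE_FIRSTRUN = true
			continue
		}

		log.Info("[SSL] State change detected, storing")
		StoreLEState(m)
	}
}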