Diffstat (limited to 'src')
-rw-r--r-- | src/error.rs | 15 | ||||
-rw-r--r-- | src/lib.rs | 2 | ||||
-rw-r--r-- | src/main.rs | 63 |
3 files changed, 78 insertions, 2 deletions
diff --git a/src/error.rs b/src/error.rs
new file mode 100644
index 0000000..38e123f
--- /dev/null
+++ b/src/error.rs
@@ -0,0 +1,15 @@
+use std::io;
+
+use thiserror::Error;
+
+#[derive(Debug, Error)]
+pub enum Error {
+ #[error("no private keys found in file")]
+ NoPrivateKeys,
+ #[error("io: {0}")]
+ Io(#[from] io::Error),
+ #[error("rustls: {0}")]
+ Rustls(#[from] rustls::Error),
+}
+
+pub type Result<T> = std::result::Result<T, Error>;
diff --git a/src/lib.rs b/src/lib.rs
new file mode 100644
index 0000000..954dc9f
--- /dev/null
+++ b/src/lib.rs
@@ -0,0 +1,2 @@
+pub mod error;
+pub use error::*;
diff --git a/src/main.rs b/src/main.rs
index e7a11a9..1f2c99f 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,3 +1,62 @@
-fn main() {
- println!("Hello, world!");
+use rustkrazy_admind::{Error, Result};
+
+use std::fs::File;
+use std::io::{self, BufReader};
+
+use actix_web::{http::header::ContentType, web, App, HttpRequest, HttpResponse, HttpServer};
+use rustls::{Certificate, PrivateKey, ServerConfig};
+use rustls_pemfile::{certs, pkcs8_private_keys};
+
+async fn index(req: HttpRequest) -> HttpResponse {
+ HttpResponse::Ok()
+ .content_type(ContentType::plaintext())
+ .body("it works")
+}
+
+#[actix_web::main]
+async fn main() -> io::Result<()> {
+ match start().await {
+ Ok(_) => {}
+ Err(e) => {
+ println!("[admind] start error: {}", e);
+ return Ok(());
+ }
+ }
+
+ Ok(())
+}
+
+async fn start() -> Result<()> {
+ let config = load_rustls_config()?;
+
+ println!("[admind] start https://[::]:8443");
+
+ Ok(
+ HttpServer::new(|| App::new().service(web::resource("/").to(index)))
+ .bind_rustls("[::]:8443", config)?
+ .run()
+ .await?,
+ )
+}
+
+fn load_rustls_config() -> Result<ServerConfig> {
+ let config = ServerConfig::builder()
+ .with_safe_defaults()
+ .with_no_client_auth();
+
+ let cert_file = &mut BufReader::new(File::open("/data/admind_cert.pem")?);
+ let key_file = &mut BufReader::new(File::open("/data/admind_key.pem")?);
+
+ let cert_chain = certs(cert_file)?.into_iter().map(Certificate).collect();
+
+ let mut keys: Vec<PrivateKey> = pkcs8_private_keys(key_file)?
+ .into_iter()
+ .map(PrivateKey)
+ .collect();
+
+ if keys.is_empty() {
+ return Err(Error::NoPrivateKeys);
+ }
+
+ Ok(config.with_single_cert(cert_chain, keys.remove(0))?)
 }
|
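Review bot: `main` prints a failed `start()` to stdout and then returns `Ok(())`, so a missing or unreadable `/data/admind_cert.pem` or `/data/admind_key.pem` ends the daemon with exit status 0 and a supervisor cannot tell that apart from a clean shutdown; I would make the error arm `eprintln!("[admind] start error: {}", e); std::process::exit(1);`. In `load_rustls_config` only `keys` is checked for emptiness, and as far as the hunk shows nothing rejects an empty `cert_chain` before `with_single_cert`, so a certificate file with no PEM certificate blocks deserves the same explicit error. `pkcs8_private_keys` reads PKCS#8 blocks only, so a key stored in another PEM format (for example a PKCS#1 `RSA PRIVATE KEY`) will surface as `NoPrivateKeys`, which is worth a comment next to that check. The listener binds `[::]:8443` with `with_no_client_auth()`, meaning TLS authenticates the server only, so any administrative route added beside `/` will need its own request authentication. Separately, `req` in `index` is unused and should be dropped or named `_req`.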