diff --git a/examples/local/main.go b/examples/local/main.go index 5136b5c..bb7c4e3 100644 --- a/examples/local/main.go +++ b/examples/local/main.go @@ -15,12 +15,23 @@ import ( "github.com/foomo/simplecert" ) +// This example demonstrates how spin up a simple HTTPS webserver for local development, with a locally trusted certificate. +// The mkcert (https://github.com/FiloSottile/mkcert) util must be installed for this to work, the generated certificates will be valid for 10 years. +// Caution: simplecert will automatically add an entry to your /etc/hosts to point the specified domain(s) to localhost! func main() { + // handle incoming HTTP request via the http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) w.Write([]byte("hello")) }) - log.Fatal(simplecert.ListenAndServeTLSLocal(":443", nil, nil, "myawesomewebsite.com", "sub.myawesomewebsite.com")) + // start the server and log the error if it crashes + log.Fatal(simplecert.ListenAndServeTLSLocal( + ":443", + nil, // <- passing a nil handler will use the http.DefaultServeMux, analogous to the standard library API + nil, // <- passing nil for the cleanup function will cause your program to exit when receiving an interrupt signal + "myawesomewebsite.com", + "sub.myawesomewebsite.com", + )) } diff --git a/examples/production/main.go b/examples/production/main.go index b23f95f..40e8300 100644 --- a/examples/production/main.go +++ b/examples/production/main.go @@ -70,7 +70,7 @@ func main() { cfg.HTTPAddress = "" // this function will be called just before certificate renewal starts and is used to gracefully stop the service - // (we need to free port 443 in order to complete the TLS challenge) + // (we need to temporarily free port 443 in order to complete the TLS challenge) cfg.WillRenewCertificate = func() { // stop server cancel() @@ -88,12 +88,15 @@ func main() { // force reload the updated cert from disk certReloader.ReloadNow() + // here we go again go serve(ctx, srv) } log.Println("hello world") - // init config + // init simplecert configuration + // this will block initially until the certificate has been obtained for the first time. + // on subsequent runs, simplecert will load the certificate from the cache directory on disk. certReloader, err = simplecert.Init(cfg, func() { os.Exit(0) }) diff --git a/simplecert_test.go b/simplecert_test.go index 4593242..86323c4 100644 --- a/simplecert_test.go +++ b/simplecert_test.go @@ -90,7 +90,7 @@ func TestRenewal(t *testing.T) { // force reload the updated cert from disk certReloader.ReloadNow() - go serveProd(ctx, srv) + go serve(ctx, srv) } // init config @@ -115,13 +115,13 @@ func TestRenewal(t *testing.T) { // start serving log.Println("will serve at: https://" + cfg.Domains[0]) - serveProd(ctx, srv) + serve(ctx, srv) fmt.Println("waiting forever") <-make(chan bool) } -func serveProd(ctx context.Context, srv *http.Server) { +func serve(ctx context.Context, srv *http.Server) { // lets go go func() {