diff --git a/Makefile b/Makefile
index be0edcb..3aedd83 100644
--- a/Makefile
+++ b/Makefile
@@ -18,10 +18,7 @@ gen:
 protoc --proto_path proto --go_out=plugins=grpc,paths=source_relative:proto/ proto/roveapi/roveapi.proto
 test:
- @echo Unit tests
- go test -v ./...
-
- @echo Integration tests
+ @echo Run unit and integration tests
 docker-compose -f docker-compose-test.yml up --build --exit-code-from=rove-tests --abort-on-container-exit rove-tests
 docker-compose -f docker-compose-test.yml down
 go tool cover -html=/tmp/coverage-data/c.out -o /tmp/coverage.html
diff --git a/cmd/rove-server/internal/server.go b/cmd/rove-server/internal/server.go
index e32f64a..e2b7e16 100644
--- a/cmd/rove-server/internal/server.go
+++ b/cmd/rove-server/internal/server.go
@@ -4,6 +4,8 @@ import (
 "fmt"
 "log"
 "net"
+ "os"
+ "path"
 "sync"
 "github.com/mdiluz/rove/pkg/persistence"
@@ -11,9 +13,12 @@ import (
 "github.com/mdiluz/rove/proto/roveapi"
 "github.com/robfig/cron"
 "google.golang.org/grpc"
+ "google.golang.org/grpc/credentials"
 "google.golang.org/grpc/reflection"
 )
+var cert = os.Getenv("CERT_NAME")
+
 const (
 // PersistentData will allow the server to load and save it's state
 PersistentData = iota
@@ -104,7 +109,20 @@ func (s *Server) Initialise(fillWorld bool) (err error) {
 if err != nil {
 log.Fatalf("failed to listen: %v", err)
 }
- s.grpcServ = grpc.NewServer()
+
+ // Load TLS
+ var opts []grpc.ServerOption
+ if len(os.Getenv("NO_TLS")) == 0 {
+ pem := path.Join("/etc/letsencrypt/live/", cert, "fullchain.pem")
+ key := path.Join("/etc/letsencrypt/live/", cert, "privkey.pem")
+ creds, err := credentials.NewServerTLSFromFile(pem, key)
+ if err != nil {
+ log.Fatalf("failed to setup TLS: %v", err)
+ }
+ opts = append(opts, grpc.Creds(creds))
+ }
+
+ s.grpcServ = grpc.NewServer(opts...)
 roveapi.RegisterRoveServer(s.grpcServ, s)
 reflection.Register(s.grpcServ)
diff --git a/cmd/rove-server/internal/server_test.go b/cmd/rove-server/internal/server_test.go
index 36db679..40d4b80 100644
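Review bot: `cert` in cmd/rove-server/internal/server.go is taken from `CERT_NAME` at package initialisation and is never checked before Initialise joins it into the certificate and key paths. With the variable unset, `path.Join("/etc/letsencrypt/live/", cert, "fullchain.pem")` collapses to `/etc/letsencrypt/live/fullchain.pem`, so the process presumably exits with a generic "failed to setup TLS" file error rather than naming the missing setting. I would add `if cert == "" { log.Fatalf("CERT_NAME must be set unless NO_TLS is set") }` ahead of the two `path.Join` calls, and give the variable a comment such as `// cert names the Let's Encrypt live directory that holds the server certificate and key.`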
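Review bot: The guard `len(os.Getenv("NO_TLS")) == 0` in Initialise treats any non-empty value as "TLS off", so `NO_TLS=0` or `NO_TLS=false` starts a plaintext listener, and nothing is logged when TLS is skipped. The same test in InnerMain (cmd/rove/main.go) selects `grpc.WithInsecure()` on the client. Parsing the value, e.g. `if off, _ := strconv.ParseBool(os.Getenv("NO_TLS")); !off {`, keeps TLS on for unrecognised values, and a `log.Printf("NO_TLS set: serving gRPC without TLS")` in an else branch makes the state visible in the logs. Separately, `credentials.NewServerTLSFromFile` reads the files once at start-up, so a renewed certificate is not served until the process restarts. Initialise starts and ends outside this hunk.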
--- a/cmd/rove-server/internal/server_test.go
+++ b/cmd/rove-server/internal/server_test.go
@@ -1,6 +1,7 @@
 package internal
 import (
+ "os"
 "testing"
 )
@@ -30,6 +31,7 @@ func TestNewServer_OptionPersistentData(t *testing.T) {
 }
 func TestServer_Run(t *testing.T) {
+ os.Setenv("NO_TLS", "1")
 server := NewServer()
 if server == nil {
 t.Error("Failed to create server")
@@ -45,6 +47,7 @@ func TestServer_Run(t *testing.T) {
 }
 func TestServer_RunPersistentData(t *testing.T) {
+ os.Setenv("NO_TLS", "1")
 server := NewServer(OptionPersistentData())
 if server == nil {
 t.Error("Failed to create server")
diff --git a/cmd/rove/main.go b/cmd/rove/main.go
index 9fc853a..06999d3 100644
--- a/cmd/rove/main.go
+++ b/cmd/rove/main.go
@@ -1,6 +1,7 @@
 package main
 import (
+ "crypto/tls"
 "encoding/json"
 "fmt"
 "io/ioutil"
@@ -16,6 +17,7 @@ import (
 "github.com/mdiluz/rove/proto/roveapi"
 "golang.org/x/net/context"
 "google.golang.org/grpc"
+ "google.golang.org/grpc/credentials"
 )
 var home = os.Getenv("HOME")
@@ -185,8 +187,15 @@ func InnerMain(command string, args ...string) error {
 return fmt.Errorf("no host set in %s, set one with '%s config {HOST}'", ConfigPath(), os.Args[0])
 }
+ var opts []grpc.DialOption
+ if len(os.Getenv("NO_TLS")) == 0 {
+ opts = append(opts, grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{})))
+ } else {
+ opts = append(opts, grpc.WithInsecure())
+ }
+
 // Set up the server
- clientConn, err := grpc.Dial(fmt.Sprintf("%s:%d", config.Host, gRPCport), grpc.WithInsecure())
+ clientConn, err := grpc.Dial(fmt.Sprintf("%s:%d", config.Host, gRPCport), opts...)
 if err != nil {
 return err
 }
diff --git a/cmd/rove/main_test.go b/cmd/rove/main_test.go
index d0e12d6..25e08ae 100644
--- a/cmd/rove/main_test.go
+++ b/cmd/rove/main_test.go
@@ -13,6 +13,7 @@ import (
 )
 func Test_InnerMain(t *testing.T) {
+ os.Setenv("NO_TLS", "1")
 // Use temporary local user data
 tmp, err := ioutil.TempDir(os.TempDir(), "rove-")
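Review bot: `os.Setenv("NO_TLS", "1")` in TestServer_Run changes the environment of the whole test process, is never undone, and its error return is dropped; TestServer_RunPersistentData and Test_InnerMain in cmd/rove/main_test.go do the same. If the toolchain is Go 1.17 or newer, `t.Setenv("NO_TLS", "1")` restores the previous value when the test ends; otherwise pair the call with `defer os.Unsetenv("NO_TLS")`. With every test setting this flag, the TLS branches in Initialise and InnerMain are not exercised by the tests shown in this diff.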
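Review bot: `credentials.NewTLS(&tls.Config{})` in InnerMain leaves the minimum protocol version to library defaults, which depend on the Go and grpc-go versions in use; `&tls.Config{MinVersion: tls.VersionTLS12}` states the floor explicitly. The plaintext branch also gives the user no sign that the connection is unencrypted, so a line such as `fmt.Fprintln(os.Stderr, "warning: NO_TLS set, connecting without TLS")` before `grpc.WithInsecure()` would help. InnerMain starts and ends outside this hunk.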
diff --git a/docker-compose-test.yml b/docker-compose-test.yml
index 64a71a8..aec8cee 100644
--- a/docker-compose-test.yml
+++ b/docker-compose-test.yml
@@ -13,6 +13,7 @@ services:
 - DATA_PATH=/tmp/
 - WORDS_FILE=data/words_alpha.txt
 - TICK_RATE=10
+ - NO_TLS=1
 command: [ "./rove-server"]
 rove-tests:
diff --git a/docker-compose.yml b/docker-compose.yml
index f84d876..d5606f7 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -16,8 +16,10 @@ services:
 - DATA_PATH=/mnt/rove-server
 - WORDS_FILE=data/words_alpha.txt
 - TICK_RATE=3
+ - CERT_NAME=${CERT_NAME}
 volumes:
 - persistent-data:/mnt/rove-server:rw
+ - /etc/letsencrypt/:/etc/letsencrypt/
 command: [ "./rove-server"]
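Review bot: The new volume `/etc/letsencrypt/:/etc/letsencrypt/` in docker-compose.yml has no access mode, so the container gets the host's whole Let's Encrypt tree, private keys included, with write access, while the server code in this commit only reads `fullchain.pem` and `privkey.pem`. Mounting it read-only, `- /etc/letsencrypt/:/etc/letsencrypt/:ro`, matches that use and is consistent with the explicit `:rw` on the line above. `CERT_NAME=${CERT_NAME}` passes an empty string when the host variable is unset; `- CERT_NAME=${CERT_NAME:?CERT_NAME must be set}` makes compose stop with a message instead.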