From de704a079eb09b0b9126cb44839d1c0a34014173 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Tue, 9 Jul 2024 20:32:15 +0200
Subject: add wildcard domain redirect support

---
 internal/server/server.go | 22 +++++++++++++++++++---
 internal/server/tls.go    | 23 +++++++++++++++++++++++
 2 files changed, 42 insertions(+), 3 deletions(-)

(limited to 'internal/server')

diff --git a/internal/server/server.go b/internal/server/server.go
index b174c0c..6ef715b 100644
--- a/internal/server/server.go
+++ b/internal/server/server.go
@@ -8,6 +8,7 @@ import (
 	"net/url"
 	"os"
 	"path/filepath"
+	"regexp"
 	"slices"
 	"strconv"
 	"strings"
@@ -184,11 +185,26 @@ func New(runtimeConfig *Config, log *log.Logger) (*Server, error) {
 	}
 
 	if runtimeConfig.Redirect {
+		re := regexp.MustCompile(
+			"^(.*)\\." + strings.ReplaceAll(config.WildcardDomain, ".", `\.`) + "$",
+		)
+		replace := "${0}." + config.Domains[0]
 		loggingMux.Handle(config.BaseURL.Hostname()+"/", mux)
 		loggingMux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
-			path, _ := website.CanonicalisePath(r.URL.Path)
-			newURL := config.BaseURL.JoinPath(path)
-			http.Redirect(w, r, newURL.String(), http.StatusMovedPermanently)
+			if slices.Contains(config.Domains, r.Host) {
+				path, _ := website.CanonicalisePath(r.URL.Path)
+				newURL := config.BaseURL.JoinPath(path)
+				http.Redirect(w, r, newURL.String(), http.StatusMovedPermanently)
+			} else {
+				matches := re.FindSubmatchIndex([]byte(r.Host))
+				if matches == nil {
+					http.Redirect(w, r, config.BaseURL.String(), http.StatusTemporaryRedirect)
+
+					return
+				}
+				newHost := re.ExpandString([]byte{}, replace, r.Host, matches)
+				http.Redirect(w, r, string(newHost), http.StatusTemporaryRedirect)
+			}
 		})
 	} else {
 		loggingMux.Handle("/", mux)
diff --git a/internal/server/tls.go b/internal/server/tls.go
index 9481b6a..556013d 100644
--- a/internal/server/tls.go
+++ b/internal/server/tls.go
@@ -12,6 +12,7 @@ import (
 	"github.com/ardanlabs/conf/v3"
 	"github.com/caddyserver/caddy/v2"
 	"github.com/caddyserver/certmagic"
+	"github.com/libdns/acmedns"
 	certmagic_redis "github.com/pberkel/caddy-storage-redis"
 	"gitlab.com/tozd/go/errors"
 )
@@ -24,6 +25,13 @@ type redisConfig struct {
 	KeyPrefix     string `conf:"default:certmagic"`
 }
 
+type acmeConfig struct {
+	Username  string `conf:"required"`
+	Password  string `conf:"required"`
+	Subdomain string `conf:"required"`
+	ServerURL string `conf:"env:SERVER_URL,default:https://acme.alanpearce.eu"`
+}
+
 func (s *Server) serveTLS() (err error) {
 	log := s.log.Named("tls")
 
@@ -72,6 +80,21 @@ func (s *Server) serveTLS() (err error) {
 			return errors.Wrap(err, "could not parse redis config")
 		}
 
+		acme := &acmedns.Provider{}
+		_, err = conf.Parse("ACME", acme)
+		if err != nil {
+			return errors.Wrap(err, "could not parse ACME config")
+		}
+
+		issuer.DNS01Solver = &certmagic.DNS01Solver{
+			DNSManager: certmagic.DNSManager{
+				DNSProvider: acme,
+				Logger:      certmagic.Default.Logger,
+			},
+		}
+
+		log.Debug("acme", "username", acme.Username, "subdomain", acme.Subdomain, "server_url", acme.ServerURL)
+
 		rs := certmagic_redis.New()
 		rs.Address = []string{rc.Address}
 		rs.Username = rc.Username
-- 
cgit 1.4.1