Use flagx.StringFile for autocert.hostname and token.machine (#406)

m-lab · Sep 30, 2024 · 1df5867 · 1df5867
1 parent cdcfe8b
commit 1df5867
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 11 deletions.
diff --git a/go.mod b/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/gorilla/handlers v1.5.1
 	github.com/gorilla/websocket v1.5.0
 	github.com/m-lab/access v0.0.11
-	github.com/m-lab/go v0.1.66
+	github.com/m-lab/go v0.1.75
 	github.com/m-lab/tcp-info v1.5.3
 	github.com/m-lab/uuid v1.0.1
 	github.com/prometheus/client_golang v1.13.0

diff --git a/go.sum b/go.sum
@@ -181,8 +181,8 @@ github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/m-lab/access v0.0.11 h1:i2aoal7zgdzXAA7pGL5mXpM8yybURDJGZLwBMmA4Le8=
 github.com/m-lab/access v0.0.11/go.mod h1:ky+hXvIDE1VgEdWhMRJLjYonRrcvfiEJ1BEZtK6+zFQ=
-github.com/m-lab/go v0.1.66 h1:adDJILqKBCkd5YeVhCrrjWkjoNRtDzlDr6uizWu5/pE=
-github.com/m-lab/go v0.1.66/go.mod h1:O1D/EoVarJ8lZt9foANcqcKtwxHatBzUxXFFyC87aQQ=
+github.com/m-lab/go v0.1.75 h1:t4kvig26aUBznA0b3e997Jn0BjELAOKpO1xILWp2VJs=
+github.com/m-lab/go v0.1.75/go.mod h1:BirARfHWjjXHaCGNyWCm/CKW1OarjuEj8Yn6Z2rc0M4=
 github.com/m-lab/tcp-info v1.5.3 h1:4IspTPcNc8D8LNRvuFnID8gDiz+hxPAtYvpKZaiGGe8=
 github.com/m-lab/tcp-info v1.5.3/go.mod h1:bkvI4qbjB6QVC2tsLSHqf5OnIYcmuLEVjo7+8YA56Kg=
 github.com/m-lab/uuid v1.0.1 h1:+Ku1MQUL9gkSk+eQjLej8qKKtBvAnvZb3TB7QtSP+bw=

diff --git a/ndt-server.go b/ndt-server.go
@@ -46,7 +46,7 @@ var (
 	keyFile           = flag.String("key", "", "The file with server key in PEM format.")
 	tlsVersion        = flag.String("tls.version", "", "Minimum TLS version. Valid values: 1.2 or 1.3")
 	autocertEnabled   = flag.Bool("autocert.enabled", false, "Whether to use automatic TLS certificate generation.")
-	autocertHostname  = flagx.FileBytes{}
+	autocertHostname  = flagx.StringFile{}
 	autocertDir       = flag.String("autocert.dir", "autocert", "The directory in which to write autocert files.")
 
 	dataDir          = flag.String("datadir", "/var/spool/ndt", "The directory in which to write data files")
@@ -57,7 +57,7 @@ var (
 	tokenRequired5   bool
 	tokenRequired7   bool
 	isLameDuck       bool
-	tokenMachine     string
+	tokenMachine     = flagx.StringFile{}
 
 	// A metric to use to signal that the server is in lame duck mode.
 	lameDuck = promauto.NewGauge(prometheus.GaugeOpts{
@@ -73,7 +73,7 @@ func init() {
 	flag.Var(&tokenVerifyKey, "token.verify-key", "Public key for verifying access tokens")
 	flag.BoolVar(&tokenRequired5, "ndt5.token.required", false, "Require access token in NDT5 requests")
 	flag.BoolVar(&tokenRequired7, "ndt7.token.required", false, "Require access token in NDT7 requests")
-	flag.StringVar(&tokenMachine, "token.machine", "", "Use given machine name to verify token claims")
+	flag.Var(&tokenMachine, "token.machine", "Use given machine name to verify token claims")
 	flag.Var(&deploymentLabels, "label", "Labels to identify the type of deployment.")
 	flag.Var(&autocertHostname, "autocert.hostname", "File containing the public hostname to request TLS certs for")
 }
@@ -230,8 +230,8 @@ func main() {
 		spec.UploadURLPath:   true,
 	}
 	// NDT5 uses a raw server, which requires tx5. NDT7 is HTTP only.
-	ac5, tx5 := controller.Setup(ctx, v, tokenRequired5, tokenMachine, ndt5Paths, ndt5Paths)
-	ac7, _ := controller.Setup(ctx, v, tokenRequired7, tokenMachine, ndt7TxPaths, ndt7TokenPaths)
+	ac5, tx5 := controller.Setup(ctx, v, tokenRequired5, tokenMachine.Value, ndt5Paths, ndt5Paths)
+	ac7, _ := controller.Setup(ctx, v, tokenRequired7, tokenMachine.Value, ndt7TxPaths, ndt7TokenPaths)
 
 	// The ndt5 protocol serving non-HTTP-based tests - forwards to Ws-based
 	// server if the first three bytes are "GET".
@@ -299,11 +299,11 @@ func main() {
 		defer ndt7Server.Close()
 	} else {
 		// Use the autocert package to get TLS certificates if autocert is enabled.
-		if *autocertEnabled && autocertHostname.String() != "" {
-			log.Printf("Setting up autocert for hostname %s\n", autocertHostname.String())
+		if *autocertEnabled && autocertHostname.Value != "" {
+			log.Printf("Setting up autocert for hostname %s\n", autocertHostname.Value)
 			m := &autocert.Manager{
 				Prompt:     autocert.AcceptTOS,
-				HostPolicy: autocert.HostWhitelist(autocertHostname.String()),
+				HostPolicy: autocert.HostWhitelist(autocertHostname.Value),
 				Cache:      autocert.DirCache(*autocertDir),
 			}