Add servers
parent
09f526bfb7
commit
11054385a6
1233
central_backend/Cargo.lock
generated
1233
central_backend/Cargo.lock
generated
File diff suppressed because it is too large
@ -15,3 +15,5 @@ openssl-sys = "0.9.102"
|
|||||||
libc = "0.2.155"
|
libc = "0.2.155"
|
||||||
foreign-types-shared = "0.1.1"
|
foreign-types-shared = "0.1.1"
|
||||||
asn1 = "0.16"
|
asn1 = "0.16"
|
||||||
|
actix-web = { version = "4", features = ["openssl"] }
|
||||||
|
futures = "0.3.30"
|
@ -34,9 +34,9 @@ pub enum PKIError {
|
|||||||
|
|
||||||
/// Certificate and private key
|
/// Certificate and private key
|
||||||
pub struct CertData {
|
pub struct CertData {
|
||||||
cert: X509,
|
pub cert: X509,
|
||||||
key: PKey<Private>,
|
pub key: PKey<Private>,
|
||||||
crl: Option<PathBuf>,
|
pub crl: Option<PathBuf>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl CertData {
|
impl CertData {
|
||||||
@ -50,7 +50,7 @@ impl CertData {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/// Load web CA
|
/// Load web CA
|
||||||
fn load_web_ca() -> anyhow::Result<Self> {
|
pub fn load_web_ca() -> anyhow::Result<Self> {
|
||||||
Ok(Self {
|
Ok(Self {
|
||||||
cert: load_certificate_from_file(AppConfig::get().web_ca_cert_path())?,
|
cert: load_certificate_from_file(AppConfig::get().web_ca_cert_path())?,
|
||||||
key: load_priv_key_from_file(AppConfig::get().web_ca_priv_key_path())?,
|
key: load_priv_key_from_file(AppConfig::get().web_ca_priv_key_path())?,
|
||||||
@ -59,7 +59,7 @@ impl CertData {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/// Load devices CA
|
/// Load devices CA
|
||||||
fn load_devices_ca() -> anyhow::Result<Self> {
|
pub fn load_devices_ca() -> anyhow::Result<Self> {
|
||||||
Ok(Self {
|
Ok(Self {
|
||||||
cert: load_certificate_from_file(AppConfig::get().devices_ca_cert_path())?,
|
cert: load_certificate_from_file(AppConfig::get().devices_ca_cert_path())?,
|
||||||
key: load_priv_key_from_file(AppConfig::get().devices_ca_priv_key_path())?,
|
key: load_priv_key_from_file(AppConfig::get().devices_ca_priv_key_path())?,
|
||||||
|
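Review bot: Making `key: PKey<Private>` a `pub` field of `CertData` widens access to CA and server private key material, because `crypto` is a public module (`pub mod crypto;` in the lib.rs hunk) and any code that can name the type can now read, clone or replace the key. The only use visible in this commit is `builder.set_private_key(&server_cert.key)` in `server/mod.rs`, inside the same crate, so `pub(crate) key: PKey<Private>,` (and likewise `pub(crate) cert` and `pub(crate) crl`) would be enough as far as this page shows. The same narrowing applies to `pub fn load_web_ca()` and `pub fn load_devices_ca()` in the two later hunks, which could be `pub(crate) fn`. The bodies of both loaders continue outside the hunks, so anything further down in them is not reviewed here.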
@ -1,3 +1,4 @@
|
|||||||
pub mod app_config;
|
pub mod app_config;
|
||||||
pub mod crypto;
|
pub mod crypto;
|
||||||
|
pub mod server;
|
||||||
pub mod utils;
|
pub mod utils;
|
||||||
|
@ -1,8 +1,11 @@
|
|||||||
use central_backend::app_config::AppConfig;
|
use central_backend::app_config::AppConfig;
|
||||||
use central_backend::crypto::pki;
|
use central_backend::crypto::pki;
|
||||||
|
use central_backend::server::{secure_server, unsecure_server};
|
||||||
use central_backend::utils::files_utils::create_directory_if_missing;
|
use central_backend::utils::files_utils::create_directory_if_missing;
|
||||||
|
use futures::future;
|
||||||
|
|
||||||
fn main() {
|
#[actix_web::main]
|
||||||
|
async fn main() -> std::io::Result<()> {
|
||||||
// Initialize OpenSSL
|
// Initialize OpenSSL
|
||||||
openssl_sys::init();
|
openssl_sys::init();
|
||||||
|
|
||||||
@ -18,4 +21,12 @@ fn main() {
|
|||||||
pki::initialize_server_ca().expect("Failed to initialize server certificate!");
|
pki::initialize_server_ca().expect("Failed to initialize server certificate!");
|
||||||
|
|
||||||
pki::refresh_crls().expect("Failed to initialize Root CA!");
|
pki::refresh_crls().expect("Failed to initialize Root CA!");
|
||||||
|
|
||||||
|
let s1 = secure_server();
|
||||||
|
let s2 = unsecure_server();
|
||||||
|
future::try_join(s1, s2)
|
||||||
|
.await
|
||||||
|
.expect("Failed to start servers!");
|
||||||
|
|
||||||
|
Ok(())
|
||||||
}
|
}
|
||||||
|
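Review bot: `future::try_join(s1, s2).await.expect("Failed to start servers!")` turns any error from either listener into a panic, and because the joined future resolves only when a server stops, a failure long after startup would still be reported as a start failure. `main` now returns `std::io::Result<()>`, so the error can be propagated instead: `future::try_join(s1, s2).await.map_err(std::io::Error::other)?;`. If the panic is intentional, a message such as `"Server terminated with an error"` would describe the condition more accurately in logs.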
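--- /dev/null
+++ b/central_backend/src/server/mod.rs
@@ -0,0 +1,45 @@
+use actix_web::{web, App, HttpServer};
+use openssl::ssl::{SslAcceptor, SslMethod};
+
+use crate::app_config::AppConfig;
+use crate::crypto::pki;
+
+pub mod server_controller;
+
+/// Start unsecure (HTTP) server
+pub async fn unsecure_server() -> anyhow::Result<()> {
+log::info!(
+"Unecure server starting to listen on {} for {}",
+AppConfig::get().unsecure_listen_address,
+AppConfig::get().unsecure_origin()
+);
+HttpServer::new(|| App::new().route("/", web::get().to(server_controller::unsecure_home)))
+.bind(&AppConfig::get().unsecure_listen_address)?
+.run()
+.await?;
+
+Ok(())
+}
+
+/// Start secure (HTTPS) server
+pub async fn secure_server() -> anyhow::Result<()> {
+let web_ca = pki::CertData::load_web_ca()?;
+let server_cert = pki::CertData::load_server()?;
+
+let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
+builder.set_private_key(&server_cert.key)?;
+builder.set_certificate(&server_cert.cert)?;
+builder.add_extra_chain_cert(web_ca.cert)?;
+
+log::info!(
+"Secure server starting to listen on {} for {}",
+AppConfig::get().listen_address,
+AppConfig::get().secure_origin()
+);
+HttpServer::new(|| App::new().route("/", web::get().to(server_controller::secure_home)))
+.bind_openssl(&AppConfig::get().listen_address, builder)?
+.run()
+.await?;
+
+Ok(())
+}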
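Review bot: In `secure_server`, `SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap()` picks the openssl crate's version-4 Mozilla profile, which to my knowledge does not rule out TLS 1.0/1.1 and switches TLS 1.3 off, and it panics on failure even though the function returns `anyhow::Result`. I would change the line to `let mut builder = SslAcceptor::mozilla_intermediate_v5(SslMethod::tls())?;` so the listener is limited to TLS 1.2 and later and the error is propagated like the other builder calls. Separately, the log string in `unsecure_server` reads `Unecure`; it should be `Unsecure`.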
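--- /dev/null
+++ b/central_backend/src/server/server_controller.rs
@@ -0,0 +1,13 @@
+use actix_web::HttpResponse;
+
+pub async fn unsecure_home() -> HttpResponse {
+HttpResponse::Ok()
+.content_type("text/plain")
+.body("SolarEnergy unsecure central backend")
+}
+
+pub async fn secure_home() -> HttpResponse {
+HttpResponse::Ok()
+.content_type("text/plain")
+.body("SolarEnergy secure central backend")
+}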