wip: integrate certmanager to rpxy-bin along with existing old rustls

Jun Kurihara 2024-05-28 17:52:00 +09:00
commit e25c6fa81f
No known key found for this signature in database
GPG key ID: 48ADFD173ED22B03
8 changed files with 171 additions and 62 deletions


@ -9,18 +9,17 @@ mod log {
pub(super) use tracing::{debug, error, info, warn};
}
use crate::{
error::*,
reloader_service::{CryptoReloader, DynCryptoSource},
};
use crate::{error::*, log::*, reloader_service::DynCryptoSource};
use hot_reload::{ReloaderReceiver, ReloaderService};
use rustc_hash::FxHashMap as HashMap;
use rustls::crypto::{aws_lc_rs, CryptoProvider};
use std::sync::Arc;
/* ------------------------------------------------ */
pub use crate::{
certs::SingleServerCertsKeys,
crypto_source::{CryptoFileSource, CryptoFileSourceBuilder, CryptoFileSourceBuilderError, CryptoSource},
reloader_service::CryptoReloader,
server_crypto::{ServerCrypto, ServerCryptoBase},
};
@ -44,6 +43,10 @@ pub async fn build_cert_reloader<T>(
where
T: CryptoSource<Error = RpxyCertError> + Send + Sync + Clone + 'static,
{
info!("Building certificate reloader service");
// Install aws_lc_rs as default crypto provider for rustls
let _ = CryptoProvider::install_default(aws_lc_rs::default_provider());
let source = crypto_source_map
.iter()
.map(|(k, v)| {
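Review bot: The `let _ =` in front of `CryptoProvider::install_default(aws_lc_rs::default_provider())` discards the result, so if a process-wide provider is already installed the reloader silently keeps that one, contrary to the comment above the call. An `Err` is expected on the second and later calls to `build_cert_reloader`, but the outcome is still worth recording, for example `if CryptoProvider::install_default(aws_lc_rs::default_provider()).is_err() { debug!("rustls crypto provider already installed; keeping the existing one"); }`. If the TLS configurations built from these certificates must use aws_lc_rs, passing the provider explicitly where the server config is constructed (presumably outside this hunk) would remove the dependence on global state. The body of `build_cert_reloader` continues past the end of the hunk.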