feat: add initial implementation of osiris, the TLS terminator for Anubis

Signed-off-by: Xe Iaso <me@xeiaso.net>
This commit is contained in:
Xe Iaso
2025-07-18 19:56:22 +00:00
parent 300720f030
commit 115ee97d1d
20 changed files with 650 additions and 2 deletions
+40
View File
@@ -0,0 +1,40 @@
package config
import (
"crypto/tls"
"errors"
"fmt"
"os"
)
var (
ErrCantReadTLS = errors.New("tls: can't read TLS")
ErrInvalidTLSKeypair = errors.New("tls: can't parse TLS keypair")
)
type TLS struct {
Cert string `hcl:"cert"`
Key string `hcl:"key"`
}
func (t TLS) Valid() error {
var errs []error
if _, err := os.Stat(t.Cert); err != nil {
errs = append(errs, fmt.Errorf("%w certificate %s: %w", ErrCantReadTLS, t.Cert, err))
}
if _, err := os.Stat(t.Key); err != nil {
errs = append(errs, fmt.Errorf("%w key %s: %w", ErrCantReadTLS, t.Key, err))
}
if _, err := tls.LoadX509KeyPair(t.Cert, t.Key); err != nil {
errs = append(errs, fmt.Errorf("%w (%s, %s): %w", ErrInvalidTLSKeypair, t.Cert, t.Key, err))
}
if len(errs) != 0 {
return errors.Join(errs...)
}
return nil
}