cmd/nono-proxy/main.go
package main
import (
"fmt"
"log"
"net/http"
"os"
"path/filepath"
"github.com/xanderle/nono/ca"
"github.com/xanderle/nono/proxy"
"github.com/xanderle/nono/scanner"
)
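// main is the nono-proxy entry point. It has two modes:
//
//	nono-proxy allow <host>   pass <host> to proxy.Allow for the approved_hosts file, then exit
//	nono-proxy                write default scanner rules, load or create the CA, and serve
//
// All state (approved_hosts, rules.yaml, CA material) lives under storePath().
func main() {
	store := storePath()
	hostsFile := filepath.Join(store, "approved_hosts")

	// Subcommand: update the approved-hosts file and exit without starting the proxy.
	if len(os.Args) > 1 && os.Args[1] == "allow" {
		if len(os.Args) < 3 {
			fmt.Fprintln(os.Stderr, "usage: nono-proxy allow <host>")
			os.Exit(1)
		}
		host := os.Args[2]
		if err := proxy.Allow(hostsFile, host); err != nil {
			log.Fatalf("failed to allow host: %v", err)
		}
		fmt.Printf("allowed %s\n", host)
		return
	}

	// NOTE(review): ":9854" binds every interface. The handler is built with the
	// CA certificate and key, so confirm that non-local clients are meant to
	// reach it; if not, bind to a loopback address instead.
	addr := ":9854"

	// The original discarded this error, so an unwritable store only surfaced
	// later as a less specific failure from the rules or CA step.
	// NOTE(review): the store is passed to ca.LoadOrCreate and so presumably
	// holds the CA private key. 0755 lets other local users traverse it; confirm
	// the key file itself is written owner-only, or tighten this mode to 0700.
	if err := os.MkdirAll(store, 0755); err != nil {
		log.Fatalf("failed to create store directory %s: %v", store, err)
	}

	rulesPath := filepath.Join(store, "rules.yaml")
	if err := scanner.WriteDefaultRules(rulesPath); err != nil {
		log.Fatalf("failed to write default rules: %v", err)
	}

	caCert, caKey, err := ca.LoadOrCreate(store)
	if err != nil {
		log.Fatalf("failed to load/create CA: %v", err)
	}
	log.Printf("CA cert: %s/ca.pem", store)

	p := proxy.New(
		hostsFile,
		proxy.WithRules(rulesPath),
		proxy.WithCA(caCert, caKey),
	)

	log.Printf("nono-proxy listening on %s (hosts: %s, rules: %s)", addr, hostsFile, rulesPath)
	// NOTE(review): http.ListenAndServe uses a server with no timeouts. Consider
	// an explicit http.Server with ReadHeaderTimeout set, so that a client which
	// never finishes its request headers cannot hold a connection open forever.
	log.Fatal(http.ListenAndServe(addr, p))
}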
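// storePath returns the directory that holds nono-proxy state.
//
// A non-empty NONO_STORE environment variable is returned as-is. Otherwise the
// path is <home>/.local/share/nono, where <home> comes from os.UserHomeDir.
//
// If the home directory cannot be determined the process exits. The original
// ignored that error and joined onto an empty home, which yields the relative
// path ".local/share/nono"; main would then create the store, and whatever
// ca.LoadOrCreate writes, under the current working directory.
func storePath() string {
	if store := os.Getenv("NONO_STORE"); store != "" {
		return store
	}
	home, err := os.UserHomeDir()
	if err != nil {
		log.Fatalf("failed to determine home directory (set NONO_STORE to override): %v", err)
	}
	return filepath.Join(home, ".local", "share", "nono")
}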