package main import ( "flag" "log" "os" "git.cacert.org/cacert-gosigner/pkg/config" "git.cacert.org/cacert-gosigner/pkg/hsm" ) var ( commit string date string version string ) const ( defaultSignerConfigFile = "config.yaml" ) func main() { var ( showVersion, setupMode, verbose bool signerConfigFile string ) log.SetFlags(log.Ldate | log.Lmicroseconds | log.LUTC) log.Printf("cacert-gosigner %s (%s) - built %s\n", version, commit, date) flag.StringVar(&signerConfigFile, "caconfig", defaultSignerConfigFile, "signer configuration file") flag.BoolVar(&showVersion, "version", false, "show version") flag.BoolVar(&setupMode, "setup", false, "setup mode") flag.BoolVar(&verbose, "verbose", false, "verbose output") flag.Parse() if showVersion { return } configFile, err := os.Open(signerConfigFile) if err != nil { log.Fatalf("could not open singer configuration file %s: %v", signerConfigFile, err) } opts := make([]hsm.ConfigOption, 0) caConfig, err := config.LoadConfiguration(configFile) if err != nil { log.Fatalf("could not load CA hierarchy: %v", err) } opts = append(opts, hsm.CaConfigOption(caConfig)) if setupMode { log.Print("running in setup mode") opts = append(opts, hsm.SetupModeOption()) } if verbose { opts = append(opts, hsm.VerboseLoggingOption()) } ctx := hsm.SetupContext(opts...) err = hsm.EnsureCAKeysAndCertificates(ctx) if err != nil { log.Fatalf("could not ensure CA keys and certificates exist: %v", err) } if setupMode { return } log.Print("setup complete, starting signer operation") }