gorm ssl
parent
8bb59b135d
commit
2333eb94c0
|
|
@ -12,3 +12,4 @@ background
|
||||||
image/
|
image/
|
||||||
deploy.bat
|
deploy.bat
|
||||||
docbackground.exe
|
docbackground.exe
|
||||||
|
__debug_bin
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,7 @@ import (
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"log"
|
"log"
|
||||||
"os"
|
"os"
|
||||||
|
"time"
|
||||||
|
|
||||||
"github.com/go-sql-driver/mysql"
|
"github.com/go-sql-driver/mysql"
|
||||||
_ "github.com/go-sql-driver/mysql"
|
_ "github.com/go-sql-driver/mysql"
|
||||||
|
|
@ -31,20 +32,78 @@ func Init() {
|
||||||
//InitMongoDb()
|
//InitMongoDb()
|
||||||
log.Print("api runmode is " + config.ApiConfig().RunMode)
|
log.Print("api runmode is " + config.ApiConfig().RunMode)
|
||||||
if config.ApiConfig().RunMode == "debug" {
|
if config.ApiConfig().RunMode == "debug" {
|
||||||
gDb = Database{Type: string(""), DB: initMysql(mysqlconf)}
|
gDb = Database{Type: string(""), DB: initMysqlTLS(mysqlconf)}
|
||||||
sqls := fmt.Sprintf("%s:%s@(%s)/%s?charset=utf8&parseTime=True&loc=Local",
|
rootCertPool := x509.NewCertPool()
|
||||||
mysqlconf.UserName, mysqlconf.Password, mysqlconf.Addr,
|
pem, err := ioutil.ReadFile("pem/ca.pem")
|
||||||
mysqlconf.Db)
|
if err != nil {
|
||||||
log.Print(sqls)
|
log.Fatal(err)
|
||||||
gOrm, e = gorm.Open("mysql", sqls)
|
}
|
||||||
|
if ok := rootCertPool.AppendCertsFromPEM(pem); !ok {
|
||||||
|
log.Fatal("Failed to append PEM.")
|
||||||
|
}
|
||||||
|
clientCert := make([]tls.Certificate, 0, 1)
|
||||||
|
certs, err := tls.LoadX509KeyPair("pem/client-cert.pem", "pem/client-key.pem")
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
clientCert = append(clientCert, certs)
|
||||||
|
mysql.RegisterTLSConfig("custom", &tls.Config{
|
||||||
|
RootCAs: rootCertPool,
|
||||||
|
Certificates: clientCert,
|
||||||
|
InsecureSkipVerify: true,
|
||||||
|
})
|
||||||
|
// try to connect to mysql database.
|
||||||
|
cfg := mysql.Config{
|
||||||
|
User: config.GetMysqlBlogConfig().UserName,
|
||||||
|
Passwd: config.GetMysqlBlogConfig().Password,
|
||||||
|
Addr: config.GetMysqlBlogConfig().Addr, //IP:PORT
|
||||||
|
Net: "tcp",
|
||||||
|
DBName: "background",
|
||||||
|
Loc: time.Local,
|
||||||
|
AllowNativePasswords: true,
|
||||||
|
}
|
||||||
|
cfg.TLSConfig = "custom"
|
||||||
|
str := cfg.FormatDSN()
|
||||||
|
gOrm, e = gorm.Open("mysql", str)
|
||||||
if nil != e {
|
if nil != e {
|
||||||
log.Print(e.Error())
|
log.Print(e.Error())
|
||||||
os.Exit(-1)
|
os.Exit(-1)
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
sqls := fmt.Sprintf("%s:%s@/%s?charset=utf8&parseTime=True&loc=Local", mysqlconf.UserName, mysqlconf.Password,
|
rootCertPool := x509.NewCertPool()
|
||||||
mysqlconf.Db)
|
pem, err := ioutil.ReadFile("pem/ca.pem")
|
||||||
gOrm, e = gorm.Open("mysql", sqls)
|
if err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
if ok := rootCertPool.AppendCertsFromPEM(pem); !ok {
|
||||||
|
log.Fatal("Failed to append PEM.")
|
||||||
|
}
|
||||||
|
clientCert := make([]tls.Certificate, 0, 1)
|
||||||
|
certs, err := tls.LoadX509KeyPair("pem/client-cert.pem", "pem/client-key.pem")
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
clientCert = append(clientCert, certs)
|
||||||
|
log.Print("client cert is ", clientCert)
|
||||||
|
mysql.RegisterTLSConfig("custom", &tls.Config{
|
||||||
|
RootCAs: rootCertPool,
|
||||||
|
Certificates: clientCert,
|
||||||
|
})
|
||||||
|
|
||||||
|
// try to connect to mysql database.
|
||||||
|
cfg := mysql.Config{
|
||||||
|
User: config.GetMysqlBlogConfig().UserName,
|
||||||
|
Passwd: config.GetMysqlBlogConfig().Password,
|
||||||
|
Addr: config.GetMysqlBlogConfig().Addr, //IP:PORT
|
||||||
|
Net: "tcp",
|
||||||
|
DBName: "background",
|
||||||
|
Loc: time.Local,
|
||||||
|
AllowNativePasswords: true,
|
||||||
|
}
|
||||||
|
cfg.TLSConfig = "custom"
|
||||||
|
str := cfg.FormatDSN()
|
||||||
|
log.Print(str)
|
||||||
|
gOrm, e = gorm.Open("mysql", str)
|
||||||
if nil != e {
|
if nil != e {
|
||||||
log.Print(e.Error())
|
log.Print(e.Error())
|
||||||
os.Exit(-1)
|
os.Exit(-1)
|
||||||
|
|
@ -72,18 +131,14 @@ func initMysql(mysqlconf *config.MysqlConfig) *sql.DB {
|
||||||
cnn := fmt.Sprintf("%s:%s@tcp(%s:3306)/%s?charset=utf8", mysqlconf.UserName, mysqlconf.Password,
|
cnn := fmt.Sprintf("%s:%s@tcp(%s:3306)/%s?charset=utf8", mysqlconf.UserName, mysqlconf.Password,
|
||||||
mysqlconf.Addr, mysqlconf.Db)
|
mysqlconf.Addr, mysqlconf.Db)
|
||||||
log.Print("Connect to mysql " + cnn)
|
log.Print("Connect to mysql " + cnn)
|
||||||
|
|
||||||
//db := mysql.New(proto, "", addr, user, pass, dbname)
|
|
||||||
|
|
||||||
_db, err := sql.Open("mysql", cnn)
|
_db, err := sql.Open("mysql", cnn)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Println("connect sql server ", err.Error())
|
fmt.Println("connect sql server ", err.Error())
|
||||||
os.Exit(200)
|
os.Exit(200)
|
||||||
|
|
||||||
}
|
}
|
||||||
e := _db.Ping()
|
e := _db.Ping()
|
||||||
if nil != e {
|
if nil != e {
|
||||||
fmt.Println(e.Error())
|
fmt.Println("ping mysql server error", e.Error())
|
||||||
os.Exit(200)
|
os.Exit(200)
|
||||||
}
|
}
|
||||||
return _db
|
return _db
|
||||||
|
|
|
||||||
2
main.go
2
main.go
|
|
@ -13,8 +13,8 @@ import (
|
||||||
"strconv"
|
"strconv"
|
||||||
|
|
||||||
"github.com/gin-gonic/gin"
|
"github.com/gin-gonic/gin"
|
||||||
swaggerFiles "github.com/swaggo/files" // swagger embed files
|
|
||||||
ginSwagger "github.com/swaggo/gin-swagger" // gin-swagger middleware
|
ginSwagger "github.com/swaggo/gin-swagger" // gin-swagger middleware
|
||||||
|
"github.com/swaggo/gin-swagger/swaggerFiles"
|
||||||
sessions "github.com/tommy351/gin-sessions"
|
sessions "github.com/tommy351/gin-sessions"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue