Eugene 2025-03-20 16:11:14 +01:00 committed by GitHub
parent ed0d5255c0
commit 6b223994ae
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
20 changed files with 10481 additions and 3845 deletions


@ -1,6 +1,7 @@
#[build]
#rustflags = ["--cfg", "tokio_unstable"]
# https://github.com/rust-lang/cargo/issues/5376#issuecomment-2163350032
[target.'cfg(all())']
rustflags = ["--cfg", "tokio_unstable"]
rustflags = [
"--cfg", "tokio_unstable",
"--remap-path-prefix=$HOME=/reproducible-home",
"--remap-path-prefix=$PWD=/reproducible-pwd",
]
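Review bot: The two `--remap-path-prefix` entries carry `$HOME` and `$PWD` as literal text. As far as I know, Cargo does not expand environment variables in `rustflags` config values, so rustc is asked to remap a prefix literally named `$HOME` and the real home and checkout paths stay embedded in the binary. The same applies to the four `CARGO_TARGET_*_RUSTFLAGS` values in the Build workflow's `env:` block, because Actions `env:` strings are not shell-expanded either. Build the flags in a `run:` step where the shell does the expansion, e.g. `echo "RUSTFLAGS=--cfg tokio_unstable --remap-path-prefix=$HOME=/reproducible-home --remap-path-prefix=$PWD=/reproducible-pwd" >> "$GITHUB_ENV"`. Then confirm with `strings` on the release binary that the runner's home directory no longer appears.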


@ -1,4 +1,6 @@
name: Build
permissions:
contents: write
on: [push, pull_request]
@ -10,15 +12,23 @@ jobs:
- arch: x86_64-linux
target: x86_64-unknown-linux-gnu
os: ubuntu-22.04
cyclonedx-build: cyclonedx-linux-x64
cargo-cross: false
- arch: arm64-linux
target: aarch64-unknown-linux-gnu
os: ubuntu-22.04
os: ubuntu-22.04-arm
cyclonedx-build: cyclonedx-linux-arm64
cargo-cross: false
- arch: x86_64-macos
target: x86_64-apple-darwin
os: macos-latest
cyclonedx-build: cyclonedx-osx-x64
cargo-cross: false
- arch: arm64-macos
target: aarch64-apple-darwin
os: macos-latest
cyclonedx-build: cyclonedx-osx-arm64
cargo-cross: true
fail-fast: false
name: Build (${{ matrix.arch }})
@ -49,6 +59,10 @@ jobs:
run: |
cargo install just
cargo install cargo-deny@^0.16
cargo install cargo-cyclonedx@^0.5
mkdir cdx
wget https://github.com/CycloneDX/cyclonedx-cli/releases/download/v0.27.2/${{ matrix.cyclonedx-build }} -O cyclonedx
chmod +x cyclonedx
- name: cargo-deny
run: |
@ -56,28 +70,35 @@ jobs:
- name: Install admin UI deps
run: |
just yarn --network-timeout 1000000000
just npm ci
- name: Build admin UI
run: |
just yarn build
just npm run build
- name: Generate admin UI BOM
run: |
NODE_ENV=dev just npx @cyclonedx/cyclonedx-npm --output-format xml > cdx/admin-ui.cdx.xml
- name: Build
uses: actions-rs/cargo@v1
with:
command: build
use-cross: true
use-cross: ${{ matrix.cargo-cross }}
args: --all-features --release --target ${{ matrix.target }}
env:
CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS: "--cfg tokio_unstable"
CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_RUSTFLAGS: "--cfg tokio_unstable"
CARGO_TARGET_X86_64_APPLE_DARWIN_RUSTFLAGS: "--cfg tokio_unstable"
CARGO_TARGET_AARCH64_APPLE_DARWIN_RUSTFLAGS: "--cfg tokio_unstable"
# env:
# CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS: "-C target-feature=+crt-static --cfg tokio_unstable"
# CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_RUSTFLAGS: "-C target-feature=+crt-static --cfg tokio_unstable"
# CARGO_TARGET_X86_64_APPLE_DARWIN_RUSTFLAGS: "-C target-feature=+crt-static --cfg tokio_unstable"
# CARGO_TARGET_AARCH64_APPLE_DARWIN_RUSTFLAGS: "-C target-feature=+crt-static --cfg tokio_unstable"
CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS: "--cfg tokio_unstable --remap-path-prefix=$HOME=/reproducible-home --remap-path-prefix=$PWD=/reproducible-pwd"
CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_RUSTFLAGS: "--cfg tokio_unstable --remap-path-prefix=$HOME=/reproducible-home --remap-path-prefix=$PWD=/reproducible-pwd"
CARGO_TARGET_X86_64_APPLE_DARWIN_RUSTFLAGS: "--cfg tokio_unstable --remap-path-prefix=$HOME=/reproducible-home --remap-path-prefix=$PWD=/reproducible-pwd"
CARGO_TARGET_AARCH64_APPLE_DARWIN_RUSTFLAGS: "--cfg tokio_unstable --remap-path-prefix=$HOME=/reproducible-home --remap-path-prefix=$PWD=/reproducible-pwd"
- name: Generate Rust BOM
run: |
cargo cyclonedx --all-features
mv warpgate*/*.cdx.xml cdx/
- name: Merge BOMs
run: ./cyclonedx merge --input-files cdx/* --input-format xml --output-format xml > cdx.xml
- name: Upload artifact
uses: actions/upload-artifact@master
@ -85,10 +106,17 @@ jobs:
name: warpgate-${{ env.GITHUB_REF_SLUG }}-${{ matrix.arch }}
path: target/${{ matrix.target }}/release/warpgate
- name: Rename artifact
- name: Upload SBOM
uses: actions/upload-artifact@master
with:
name: warpgate-${{ env.GITHUB_REF_SLUG }}-${{ matrix.arch }}.cdx.xml
path: cdx.xml
- name: Rename artifacts
run: |
mkdir dist
mv target/${{ matrix.target }}/release/warpgate dist/warpgate-${{ env.GITHUB_REF_SLUG }}-${{ matrix.arch }}
mv cdx.xml dist/warpgate-${{ env.GITHUB_REF_SLUG }}-${{ matrix.arch }}.cdx.xml
- name: Upload release
uses: softprops/action-gh-release@v1
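Review bot: The tool-install step fetches the `cyclonedx` CLI with `wget` and marks it executable without checking a digest, and the binary then runs in a job that holds `contents: write` and feeds the release upload. The `v0.27.2` tag in the URL names a release but does not fix the bytes, since whoever controls that repository can replace an asset. Add a per-platform expected SHA-256 to the matrix (for example a new `cyclonedx-sha256` key next to `cyclonedx-build`) and verify it before `chmod +x`, e.g. `echo "${{ matrix.cyclonedx-sha256 }}  cyclonedx" | shasum -a 256 -c -`. The new `Upload SBOM` step also uses `actions/upload-artifact@master`, a moving branch; a full commit SHA there would keep the SBOM pipeline itself pinned.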

32
.github/workflows/reprotest.yml vendored Normal file

@ -0,0 +1,32 @@
name: Reproducibility test
permissions:
contents: read
on: [workflow_dispatch]
jobs:
reprotest:
name: Reproducibility test
runs-on: ubuntu-24.04
steps:
- name: Setup
run: |
sudo apt update
sudo apt install --no-install-recommends -y libssl-dev pkg-config disorderfs faketime locales-all reprotest diffoscope
test -c /dev/fuse || mknod -m 666 /dev/fuse c 10 229
test -f /etc/mtab || ln -s ../proc/self/mounts /etc/mtab
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sudo sh -s -- -y
echo "/root/.cargo/bin" >> $GITHUB_PATH
- uses: actions/checkout@v2
with:
submodules: recursive
- name: Install tools
run: |
sudo env "PATH=$PATH" cargo install just
- name: Reprotest
run: |
sudo env "PATH=$PATH" reprotest -vv --vary=environment,build_path,kernel,aslr,num_cpus --build-command 'just npm ci; just npm run build; cargo build --all-features --release' . target/release/warpgate
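Review bot: `actions/checkout@v2` pins the checkout action only to a mutable and long-superseded major tag, in a workflow whose purpose is to demonstrate build integrity. Reference it by full commit SHA instead, `- uses: actions/checkout@<full-commit-sha>  # <release tag>` (placeholder values; take them from the action's release page). In the Setup step the fallbacks `mknod -m 666 /dev/fuse c 10 229` and `ln -s ../proc/self/mounts /etc/mtab` run without `sudo`, unlike every other privileged command there, so they would fail on a runner where the preceding `test` fails; prefix both with `sudo`. The build under test also runs `npm ci` lifecycle scripts as root, so a short comment explaining why root is required for the reprotest variations would help the next reader.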


@ -24,10 +24,10 @@ jobs:
- name: Build UI
run: |
just yarn --network-timeout 1000000000
just npm ci
just openapi
just yarn openapi:tests-sdk
just yarn build
just npm run openapi:tests-sdk
just npm run build
- name: Build images
working-directory: tests

4
.gitignore vendored

@ -26,3 +26,7 @@ dhat-heap.json
# IntelliJ based IDEs
.idea/
/.data/
cdx.xml
*.cdx.xml

70
Cargo.lock generated

@ -361,12 +361,6 @@ version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "23ce669cd6c8588f79e15cf450314f9638f967fc5770ff1c7c1deb0925ea7cfa"
[[package]]
name = "base64"
version = "0.13.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8"
[[package]]
name = "base64"
version = "0.21.7"
@ -1319,7 +1313,7 @@ checksum = "da0e4dd2a88388a1f4ccc7c9ce104604dab68d9f408dc34cd45823d5a9069095"
dependencies = [
"futures-core",
"futures-sink",
"spin 0.9.8",
"spin",
]
[[package]]
@ -2209,13 +2203,14 @@ dependencies = [
[[package]]
name = "jsonwebtoken"
version = "8.3.0"
version = "9.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6971da4d9c3aa03c3d8f3ff0f4155b534aad021292003895a469716b2a230378"
checksum = "5a87cc7a48537badeae96744432de36f4be2b4a34a05a5ef32e9dd8a1c169dde"
dependencies = [
"base64 0.21.7",
"base64 0.22.1",
"js-sys",
"pem",
"ring 0.16.20",
"ring",
"serde",
"serde_json",
"simple_asn1",
@ -2270,7 +2265,7 @@ version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe"
dependencies = [
"spin 0.9.8",
"spin",
]
[[package]]
@ -2292,7 +2287,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fc2f4eb4bc735547cfed7c0a4922cbd04a4655978c09b54f1f7b228750664c34"
dependencies = [
"cfg-if",
"windows-targets 0.52.6",
"windows-targets 0.48.5",
]
[[package]]
@ -2466,7 +2461,7 @@ dependencies = [
"httparse",
"memchr",
"mime",
"spin 0.9.8",
"spin",
"tokio",
"version_check",
]
@ -2892,11 +2887,12 @@ dependencies = [
[[package]]
name = "pem"
version = "1.1.1"
version = "3.0.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a8835c273a76a90455d7344889b0964598e3316e2a79ede8e36f16bdcf2228b8"
checksum = "38af38e8470ac9dee3ce1bae1af9c1671fffc44ddfd8bd1d0a3445bf349a8ef3"
dependencies = [
"base64 0.13.1",
"base64 0.22.1",
"serde",
]
[[package]]
@ -3433,12 +3429,13 @@ dependencies = [
[[package]]
name = "rcgen"
version = "0.10.0"
version = "0.13.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ffbe84efe2f38dea12e9bfc1f65377fdf03e53a18cb3b995faedf7934c7e785b"
checksum = "75e669e5202259b5314d1ea5397316ad400819437857b90861765f24c4cf80a2"
dependencies = [
"pem",
"ring 0.16.20",
"ring",
"rustls-pki-types",
"time",
"yasna",
"zeroize",
@ -3522,6 +3519,7 @@ dependencies = [
"bytes",
"futures-core",
"futures-util",
"h2 0.4.7",
"http 1.2.0",
"http-body 1.0.1",
"http-body-util",
@ -3577,30 +3575,14 @@ dependencies = [
[[package]]
name = "ring"
version = "0.16.20"
version = "0.17.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc"
dependencies = [
"cc",
"libc",
"once_cell",
"spin 0.5.2",
"untrusted 0.7.1",
"web-sys",
"winapi",
]
[[package]]
name = "ring"
version = "0.17.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c17fa4cb658e3583423e915b9f3acc01cceaee1860e33d59ebae66adc3a2dc0d"
checksum = "a4689e6c2294d81e88dc6261c768b63bc4fcdb852be6d1352498b114f61383b7"
dependencies = [
"cc",
"cfg-if",
"getrandom 0.2.15",
"libc",
"spin 0.9.8",
"untrusted 0.9.0",
"windows-sys 0.52.0",
]
@ -3855,7 +3837,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bf4ef73721ac7bcd79b2b315da7779d8fc09718c6b3d2d1b2d94850eb8c18432"
dependencies = [
"log",
"ring 0.17.8",
"ring",
"rustls-pki-types",
"rustls-webpki",
"subtle",
@ -3920,7 +3902,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "64ca1bc8749bd4cf37b5ce386cc146580777b4e8572c7b97baf22c83f444bee9"
dependencies = [
"aws-lc-rs",
"ring 0.17.8",
"ring",
"rustls-pki-types",
"untrusted 0.9.0",
]
@ -4428,12 +4410,6 @@ dependencies = [
"windows-sys 0.52.0",
]
[[package]]
name = "spin"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d"
[[package]]
name = "spin"
version = "0.9.8"
@ -5832,7 +5808,7 @@ version = "0.22.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ed63aea5ce73d0ff405984102c42de94fc55a6b75765d621c65262469b3c9b53"
dependencies = [
"ring 0.17.8",
"ring",
"untrusted 0.9.0",
]


@ -82,11 +82,11 @@ You can also use the admin web interface to view the live session list, review s
## Contributing / building from source
* You'll need Rust, NodeJS and Yarn
* You'll need Rust, NodeJS and NPM
* Clone the repo
* [Just](https://github.com/casey/just) is used to run tasks - install it: `cargo install just`
* Install the admin UI deps: `just yarn`
* Build the frontend: `just yarn build`
* Install the admin UI deps: `just npm`
* Build the frontend: `just npm run build`
* Build Warpgate: `cargo build` (optionally `--release`)
The binary is in `target/{debug|release}`.


@ -72,6 +72,7 @@ feature-depth = 1
ignore = [
"RUSTSEC-2023-0071",
"RUSTSEC-2021-0139", # ansi-term is unmaintained
"RUSTSEC-2024-0436", # paste is unmaintained
#{ id = "RUSTSEC-0000-0000", reason = "you can specify a reason the advisory is ignored" },
#"a-crate-that-is-yanked@0.1.1", # you can also ignore yanked crate versions if you wish
#{ crate = "a-crate-that-is-yanked@0.1.1", reason = "you can specify why you are ignoring the yanked crate" },


@ -7,15 +7,14 @@ RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
&& apt-get update \
&& apt-get install -y ca-certificates-java nodejs openjdk-17-jdk \
&& rm -rf /var/lib/apt/lists/* \
&& npm install -g yarn \
&& cargo install just
COPY . /opt/warpgate
RUN cd /opt/warpgate \
&& just yarn --network-timeout 1000000000 \
&& just npm ci \
&& just openapi \
&& just yarn build \
&& just npm run build \
&& cargo build --features mysql,postgres --release
FROM debian:bullseye-20221024


@ -2,6 +2,5 @@ FROM centos/devtoolset-7-toolchain-centos7
USER root
RUN curl -fsSL https://rpm.nodesource.com/setup_16.x | bash -
RUN yum install -y nodejs java pkgconfig openssl-devel perl-IPC-Cmd && yum clean all
RUN npm i -g yarn
USER 1001
ENV PATH=/opt/app-root/src/.cargo/bin:/opt/rh/devtoolset-7/root/usr/bin:/opt/app-root/src/bin:/opt/app-root/bin:/opt/rh/devtoolset-7/root/usr/bin/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin


@ -15,23 +15,26 @@ clippy *ARGS:
test:
for p in {{projects}}; do cargo test --all-features -p $p; done
yarn *ARGS:
cd warpgate-web && yarn {{ARGS}}
npm *ARGS:
cd warpgate-web && npm {{ARGS}}
npx *ARGS:
cd warpgate-web && npx {{ARGS}}
migrate *ARGS:
cargo run --all-features -p warpgate-db-migrations -- {{ARGS}}
lint *ARGS:
cd warpgate-web && yarn run lint {{ARGS}}
cd warpgate-web && npm run lint {{ARGS}}
svelte-check:
cd warpgate-web && yarn run check
cd warpgate-web && npm run check
openapi-all:
cd warpgate-web && yarn openapi:schema:admin && yarn openapi:schema:gateway && yarn openapi:client:admin && yarn openapi:client:gateway
cd warpgate-web && npm run openapi:schema:admin && npm run openapi:schema:gateway && npm run openapi:client:admin && npm run openapi:client:gateway
openapi:
cd warpgate-web && yarn openapi:client:admin && yarn openapi:client:gateway
cd warpgate-web && npm run openapi:client:admin && npm run openapi:client:gateway
cleanup: (fix "--allow-dirty") (clippy "--fix" "--allow-dirty") fmt svelte-check lint


@ -17,6 +17,7 @@ once_cell = "1.17"
poem.workspace = true
poem-openapi = { version = "5.1", features = ["swagger-ui"] }
reqwest = { version = "0.12", features = [
"http2", # required for connecting to targets behind AWS ELB
"rustls-tls-native-roots-no-provider",
"stream",
], default-features = false }


@ -16,6 +16,6 @@ openidconnect = { version = "4.0", default-features = false, features = [
serde.workspace = true
serde_json.workspace = true
once_cell = "1.17"
jsonwebtoken = "8"
jsonwebtoken = "9"
data-encoding.workspace = true
futures.workspace = true

10331
warpgate-web/package-lock.json generated Normal file

File diff suppressed because it is too large Load diff


@ -9,15 +9,16 @@
"watch": "vite build -w --mode development --minify false",
"check": "svelte-check --compiler-warnings 'a11y-no-noninteractive-element-interactions:ignore,a11y-click-events-have-key-events:ignore,a11y-no-static-element-interactions:ignore' --tsconfig ./tsconfig.json",
"lint": "eslint src && svelte-check",
"postinstall": "yarn run openapi:client:gateway && yarn run openapi:client:admin",
"postinstall": "npm run openapi:client:gateway && npm run openapi:client:admin",
"openapi:schema:gateway": "cargo run -p warpgate-protocol-http > src/gateway/lib/openapi-schema.json",
"openapi:schema:admin": "cargo run -p warpgate-admin > src/admin/lib/openapi-schema.json",
"openapi:client:gateway": "openapi-generator-cli generate -g typescript-fetch -i src/gateway/lib/openapi-schema.json -o src/gateway/lib/api-client -p npmName=warpgate-gateway-api-client -p useSingleRequestParameter=true && cd src/gateway/lib/api-client && npm i typescript@5 && npm i && yarn tsc --target esnext --module esnext && rm -rf src tsconfig.json",
"openapi:client:admin": "openapi-generator-cli generate -g typescript-fetch -i src/admin/lib/openapi-schema.json -o src/admin/lib/api-client -p npmName=warpgate-admin-api-client -p useSingleRequestParameter=true && cd src/admin/lib/api-client && npm i typescript@5 && npm i && yarn tsc --target esnext --module esnext && rm -rf src tsconfig.json",
"openapi:client:gateway": "openapi-generator-cli generate -g typescript-fetch -i src/gateway/lib/openapi-schema.json -o src/gateway/lib/api-client -p npmName=warpgate-gateway-api-client -p useSingleRequestParameter=true && cd src/gateway/lib/api-client && npm i typescript@5 && npm i && npx tsc --target esnext --module esnext && rm -rf src tsconfig.json",
"openapi:client:admin": "openapi-generator-cli generate -g typescript-fetch -i src/admin/lib/openapi-schema.json -o src/admin/lib/api-client -p npmName=warpgate-admin-api-client -p useSingleRequestParameter=true && cd src/admin/lib/api-client && npm i typescript@5 && npm i && npx tsc --target esnext --module esnext && rm -rf src tsconfig.json",
"openapi:tests-sdk": "openapi-generator-cli generate -g python -i src/admin/lib/openapi-schema.json -o ../tests/api_sdk",
"openapi": "yarn run openapi:schema:admin && yarn run openapi:schema:gateway && yarn run openapi:client:admin && yarn run openapi:client:gateway"
"openapi": "npm run openapi:schema:admin && npm run openapi:schema:gateway && npm run openapi:client:admin && npm run openapi:client:gateway"
},
"devDependencies": {
"@cyclonedx/cyclonedx-npm": "^2.1.0",
"@fontsource/poppins": "^5.1.1",
"@fontsource/work-sans": "^4.5.12",
"@fortawesome/free-brands-svg-icons": "^6.7.2",
@ -27,6 +28,7 @@
"@otplib/plugin-base32-enc-dec": "^12.0.1",
"@otplib/plugin-crypto-js": "^12.0.1",
"@otplib/preset-browser": "^12.0.1",
"@stylistic/eslint-plugin": "^2.13.0",
"@sveltejs/vite-plugin-svelte": "^4.0.4",
"@sveltestrap/sveltestrap": "^6.2.7",
"@tsconfig/svelte": "^5.0.0",
@ -37,12 +39,12 @@
"bootstrap": "^5.3.3",
"copy-text-to-clipboard": "^3.0.1",
"date-fns": "^4.1.0",
"eslint": "^9.20.1",
"eslint": "^9",
"eslint-config-standard": "^17.1.0",
"eslint-import-resolver-typescript": "^3.7.0",
"eslint-plugin-import": "^2.31.0",
"eslint-plugin-node": "^11.1.0",
"eslint-plugin-promise": "^7.2.1",
"eslint-plugin-promise": "^6",
"eslint-plugin-svelte": "^2.46.1",
"format-duration": "^3.0.2",
"otpauth": "^9.3.6",
@ -58,13 +60,21 @@
"thenby": "^1.3.4",
"tslib": "^2.8.0",
"typescript": "^5.7.3",
"typescript-eslint": "^8.26.0",
"ua-parser-js": "^2.0.2",
"vite": "^5.4.11",
"vite-plugin-checker": "^0.8.0",
"vite-tsconfig-paths": "^5.1.4"
},
"dependencies": {
"@stylistic/eslint-plugin": "^2.13.0",
"typescript-eslint": "^8.24.0"
"overrides": {
"svelte-observable": {
"svelte": "^5"
},
"eslint-config-standard": {
"eslint": "^9"
},
"@eslint-community/eslint-utils": {
"eslint": "^9"
}
}
}
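Review bot: The `openapi:client:gateway` and `openapi:client:admin` scripts still run `npm i typescript@5 && npm i` inside the generated `api-client` directories, and `postinstall` triggers both on every `npm ci`. Part of each build therefore resolves floating versions from the registry outside the new `package-lock.json`, and presumably outside the SBOM generated from the top-level project. Whether any of those packages reach the shipped assets is not visible in this hunk, but the nested installs do run third-party install scripts at build time. Pin the nested compiler to an exact version, `npm i typescript@<exact-version>` (placeholder; use the version recorded in the lockfile), and consider `--ignore-scripts` on the nested `npm i`.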


@ -2,7 +2,7 @@
"openapi": "3.0.0",
"info": {
"title": "Warpgate Web Admin",
"version": "0.13.0"
"version": "0.13.2"
},
"servers": [
{


@ -2,7 +2,7 @@
"openapi": "3.0.0",
"info": {
"title": "Warpgate HTTP proxy",
"version": "0.13.0"
"version": "0.13.2"
},
"servers": [
{

File diff suppressed because it is too large Load diff


@ -18,7 +18,7 @@ dialoguer = "0.10"
enum_dispatch.workspace = true
futures.workspace = true
notify = "5.1"
rcgen = { version = "0.10", features = ["zeroize"] }
rcgen = { version = "0.13", features = ["zeroize"] }
rustls.workspace = true
serde_json.workspace = true
serde_yaml = "0.9"


@ -361,8 +361,8 @@ pub(crate) async fn command(cli: &crate::Cli) -> Result<()> {
.paths_relative_to
.join(&config.store.http.certificate);
let key_path = config.paths_relative_to.join(&config.store.http.key);
std::fs::write(&certificate_path, cert.serialize_pem()?)?;
std::fs::write(&key_path, cert.serialize_private_key_pem())?;
std::fs::write(&certificate_path, cert.cert.pem())?;
std::fs::write(&key_path, cert.key_pair.serialize_pem())?;
secure_file(&certificate_path)?;
secure_file(&key_path)?;
}
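Review bot: The private key is written with `std::fs::write(&key_path, ...)` and only tightened afterwards by `secure_file(&key_path)`, so between the two calls the PEM file exists with whatever mode the process umask allows. What `secure_file` does is not shown in this hunk; if it is a chmod-style call, creating the key file with mode 0600 from the start closes that window on the Unix targets this project builds. The mode only applies when the file is newly created, so the existing `secure_file` calls should stay for the overwrite case. `command` begins and ends outside this hunk.

```rust
// … unchanged: certificate_path / key_path computation …
std::fs::write(&certificate_path, cert.cert.pem())?;
let mut key_options = std::fs::OpenOptions::new();
key_options.write(true).create(true).truncate(true);
// Create the key file owner-only instead of relying on the later secure_file call.
std::os::unix::fs::OpenOptionsExt::mode(&mut key_options, 0o600);
let mut key_file = key_options.open(&key_path)?;
std::io::Write::write_all(&mut key_file, cert.key_pair.serialize_pem().as_bytes())?;
// … unchanged: secure_file(&certificate_path)?; secure_file(&key_path)?; …
```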