Skip to content

Commit

Permalink
enhance: add functions for daemon tools to do mTLS (#67)
Browse files Browse the repository at this point in the history 
Signed-off-by: Grant Linville <[email protected]>
  • Loading branch information
@g-linville
g-linville authored Dec 16, 2024
1 parent 0cebee3 commit 64f1b28
Show file tree
Hide file tree
Showing 3 changed files with 60 additions and 0 deletions.
58 changes: 58 additions & 0 deletions gptscript/daemon.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
import base64
import ssl
import os
import tempfile


def start_uvicorn(app):
cert, key, client_cert = save_certificates_from_env()

@app.on_event("shutdown")
def cleanup():
os.remove(cert)
os.remove(key)
os.remove(client_cert)

import uvicorn
uvicorn.run(
app,
host="127.0.0.1",
port=int(os.getenv("PORT")),
ssl_certfile=cert,
ssl_keyfile=key,
ssl_ca_certs=client_cert,
ssl_cert_reqs=ssl.CERT_REQUIRED,
)

def save_certificates_from_env():
cert = base64.b64decode(os.getenv("CERT", ""))
key = base64.b64decode(os.getenv("PRIVATE_KEY", ""))
client_cert = base64.b64decode(os.getenv("GPTSCRIPT_CERT", ""))

if cert == "":
print("error: CERT env var is empty")
exit(1)
elif key == "":
print("error: PRIVATE_KEY env var is empty")
exit(1)
elif client_cert == "":
print("error: GPTSCRIPT_CERT env var is empty")
exit(1)

cert_file = tempfile.NamedTemporaryFile(delete=False, suffix=".pem")
key_file = tempfile.NamedTemporaryFile(delete=False, suffix=".pem")
client_cert_file = tempfile.NamedTemporaryFile(delete=False, suffix=".pem")

os.chmod(cert_file.name, 0o600)
os.chmod(key_file.name, 0o600)
os.chmod(client_cert_file.name, 0o600)

cert_file.write(cert)
key_file.write(key)
client_cert_file.write(client_cert)

cert_file.close()
key_file.close()
client_cert_file.close()

return cert_file.name, key_file.name, client_cert_file.name
1 change: 1 addition & 0 deletions pyproject.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ dependencies = [
"urllib3==2.2.1",
"pydantic==2.9.2",
"pywin32==306 ; sys_platform == 'win32'",
"uvicorn==0.32.1",
]

[project.urls]
Expand Down
1 change: 1 addition & 0 deletions requirements.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,3 +12,4 @@ build==1.1.1
httpx==0.27.0
pydantic==2.9.2
pywin32==306; sys_platform == 'win32'
uvicorn==0.32.1

0 comments on commit 64f1b28

Please sign in to comment.