update go mod, remove tls insecure skip verifies

app/common/config.go

@@ -2,6 +2,7 @@ package app
 
 import (
 	"encoding/json"
+	"log"
 	"os"
 )
 
@@ -34,15 +35,23 @@ type Config struct {
 	PVE PVEConfig `json:"pve"`
 }
 
-func GetConfig(configPath string) (Config, error) {
-	content, err := os.ReadFile(configPath)
+func GetConfig(configPath string) Config {
+	root, err := os.OpenRoot(".")
 	if err != nil {
-		return Config{}, err
+		log.Fatal("Error when opening root dir: ", err)
 	}
+	defer root.Close()
+
+	content, err := root.ReadFile(configPath)
+	if err != nil {
+		log.Fatal("Error when opening config file: ", err)
+	}
+
 	var config Config
 	err = json.Unmarshal(content, &config)
 	if err != nil {
-		return Config{}, err
+		log.Fatal("Error during parsing config file: ", err)
 	}
-	return config, nil
+
+	return config
 }

app/ldap/ldap.go

@@ -25,7 +25,7 @@ func NewClientFromCredentials(config common.LDAPConfig, username common.Username
 	}
 
 	if config.StartTLS {
-		err = LDAPConn.StartTLS(&tls.Config{InsecureSkipVerify: true})
+		err = LDAPConn.StartTLS(&tls.Config{})
 		if err != nil {
 			return nil, http.StatusInternalServerError, err
 		}

app/localdb/localdb.go

@@ -14,14 +14,20 @@ type DB struct {
 
 func LoadDB(localDBPath string) (DB, error) {
 	db := DB{}
-	content, err := os.ReadFile(localDBPath)
+
+	root, err := os.OpenRoot(".")
 	if err != nil {
-		//log.Fatal("Error when opening file: ", err)
 		return db, err
 	}
+	defer root.Close()
+
+	content, err := root.ReadFile(localDBPath)
+	if err != nil {
+		return db, err
+	}
+
 	err = json.Unmarshal(content, &db.data)
 	if err != nil {
-		//log.Fatal("Error during Unmarshal(): ", err)
 		return db, err
 	}
 	return db, nil
@@ -32,7 +38,7 @@ func SaveDB(localDBPath string, db DB) error {
 	if err != nil {
 		return err
 	}
-	err = os.WriteFile(localDBPath, []byte(json), 0644)
+	err = os.WriteFile(localDBPath, []byte(json), 0600)
 	return err
 }
 

app/main.go

@@ -30,10 +30,8 @@ var Realms map[string]Realm
 func Run(configPath *string, localDBPath *string) {
 	// load config values
 	var err error
-	Config, err = common.GetConfig(*configPath)
-	if err != nil {
-		log.Fatalf("Error when reading config file: %s\n", err)
-	}
+	Config = common.GetConfig(*configPath)
+	// already exits if failed
 	log.Printf("Read in config from %s\n", *configPath)
 
 	// load localdb
@@ -551,9 +549,7 @@ func GetRealmsFromPVE(config *common.Config) map[string]Realm {
 
 	HTTPClient := http.Client{
 		Transport: &http.Transport{
-			TLSClientConfig: &tls.Config{
-				InsecureSkipVerify: true,
-			},
+			TLSClientConfig: &tls.Config{},
 		},
 	}
 	token := fmt.Sprintf(`%s@%s!%s`, config.PVE.Token.User, config.PVE.Token.Realm, config.PVE.Token.ID)

app/pve/pve.go

@@ -21,9 +21,7 @@ type ProxmoxClient struct {
 func NewClientFromCredentials(config common.PVEConfig, username common.Username, password string) (*ProxmoxClient, int, error) {
 	HTTPClient := http.Client{
 		Transport: &http.Transport{
-			TLSClientConfig: &tls.Config{
-				InsecureSkipVerify: true,
-			},
+			TLSClientConfig: &tls.Config{},
 		},
 	}