From 772e12d11c0baf1aa3554b910bf8bce6b0659bff Mon Sep 17 00:00:00 2001
From: Harvey Tindall
Date: Fri, 15 Jan 2021 14:41:44 +0000
Subject: [PATCH] add optional tls/http2 support

Allows for http2 server push, see the advanced section.
---
 .gitignore | 3 +++
 config/config-base.json | 44 +++++++++++++++++++++++++++++++++++++++++
 main.go | 20 +++++++++++++++----
 3 files changed, 63 insertions(+), 4 deletions(-)

diff --git a/.gitignore b/.gitignore
index ed03dea..71a8ff1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,6 @@ docs/*
 lang/langtostruct.py
 config-payload.json
 !docs/go.mod
+server.key
+server.pem
+server.crt
diff --git a/config/config-base.json b/config/config-base.json
index 1c9c28c..902f056 100644
--- a/config/config-base.json
+++ b/config/config-base.json
@@ -219,6 +219,50 @@
 }
 }
 },
+ "advanced": {
+ "order": [],
+ "meta": {
+ "name": "Advanced",
+ "description": "Advanced settings."
+ },
+ "settings": {
+ "tls": {
+ "name": "TLS/HTTP2",
+ "required": false,
+ "requires_restart": true,
+ "type": "bool",
+ "value": false,
+ "description": "Enable TLS, and by extension HTTP2. This enables server push, where required files are pushed to the web browser before they request them, allowing quicker page loads."
+ },
+ "tls_port": {
+ "name": "TLS Port",
+ "depends_true": "tls",
+ "required": false,
+ "requires_restart": true,
+ "type": "number",
+ "value": 8057,
+ "description": "Port to run TLS server on"
+ },
+ "tls_cert": {
+ "name": "Path to TLS Certificate",
+ "depends_true": "tls",
+ "required": false,
+ "requires_restart": true,
+ "type": "text",
+ "value": "",
+ "description": "Path to .crt file. See jfa-go wiki for more info."
+ },
+ "tls_key": {
+ "name": "Path to TLS Key file",
+ "depends_true": "tls",
+ "required": false,
+ "requires_restart": true,
+ "type": "text",
+ "value": "",
+ "description": "Path to .key file. See jfa-go wiki for more info."
+ }
+ }
+ },
 "password_validation": {
 "order": [],
 "meta": {
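Review bot: The `tls` description does not say that enabling it moves the web UI from `ui.port` to `tls_port`. Going by the first main.go hunk in this patch, the port is swapped rather than a second listener added, so plain HTTP on the old port stops answering after the restart. I would append a sentence to the description, for example `When enabled, the server listens only on the TLS port; the port set under UI is not served.` The `tls_port` description could likewise say that it is used instead of the normal port.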
diff --git a/main.go b/main.go index 9c0dad2..eff777b 100644 --- a/main.go +++ b/main.go @@ -331,7 +331,12 @@ func start(asDaemon, firstCall bool) { if !firstRun { app.host = app.config.Section("ui").Key("host").String() - app.port = app.config.Section("ui").Key("port").MustInt(8056) + if app.config.Section("advanced").Key("tls").MustBool(false) { + app.info.Println("Using TLS/HTTP2") + app.port = app.config.Section("advanced").Key("tls_port").MustInt(8057) + } else { + app.port = app.config.Section("ui").Key("port").MustInt(8056) + } if *HOST != app.host && *HOST != "" { app.host = *HOST @@ -350,7 +355,6 @@ func start(asDaemon, firstCall bool) { } } } - address = fmt.Sprintf("%s:%d", app.host, app.port) app.debug.Printf("Loaded config file \"%s\"", app.configPath) @@ -625,8 +629,16 @@ func start(asDaemon, firstCall bool) { Handler: router, } go func() { - if err := SRV.ListenAndServe(); err != nil { - app.err.Printf("Failure serving: %s", err) + if app.config.Section("advanced").Key("tls").MustBool(false) { + cert := app.config.Section("advanced").Key("tls_cert").MustString("") + key := app.config.Section("advanced").Key("tls_key").MustString("") + if err := SRV.ListenAndServeTLS(cert, key); err != nil { + app.err.Printf("Failure serving: %s", err) + } + } else { + if err := SRV.ListenAndServe(); err != nil { + app.err.Printf("Failure serving: %s", err) + } } }() app.quit = make(chan os.Signal)
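Review bot: The `app.config.Section("advanced").Key("tls").MustBool(false)` lookup added in the `if !firstRun` block is repeated in the serve goroutine near the end of start(), so the port and the listener are chosen by two separate reads of the config. Reading it once into a variable both places can see, `useTLS := app.config.Section("advanced").Key("tls").MustBool(false)`, keeps the two decisions from disagreeing if the config object is modified in between. The `app.info.Println("Using TLS/HTTP2")` line is also emitted before the certificate and key paths are looked at, so it can appear in the log of a run that never manages to serve TLS. start() begins and ends outside this hunk.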
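Review bot: A missing, unreadable or mismatched `tls_cert`/`tls_key` only surfaces inside the goroutine, where the `ListenAndServeTLS` error is logged as "Failure serving" and start() appears to carry on to the signal wait with nothing listening. Both settings default to `""` in config-base.json, so switching on `tls` alone reaches this state. Loading the pair before the goroutine is launched and stopping on error makes the misconfiguration visible at startup. The `http.Server` literal begins above the hunk, so I cannot see whether `TLSConfig` is set; if it is not, the protocol floor is whatever the Go toolchain used for the build defaults to, which on older releases is below TLS 1.2, and pinning `MinVersion` here removes that dependency. The sketch below needs `crypto/tls` added to the file's imports.

```go
// … unchanged: SRV = &http.Server{ … Handler: router, } …
useTLS := app.config.Section("advanced").Key("tls").MustBool(false)
var cert, key string
if useTLS {
	cert = app.config.Section("advanced").Key("tls_cert").MustString("")
	key = app.config.Section("advanced").Key("tls_key").MustString("")
	// Check the pair up front so a bad path or mismatched key stops startup
	// instead of being logged from the goroutine while the process idles.
	if _, err := tls.LoadX509KeyPair(cert, key); err != nil {
		app.err.Printf("Failed to load TLS certificate/key: %s", err)
		os.Exit(1)
	}
	// Do not rely on the toolchain's default minimum protocol version.
	SRV.TLSConfig = &tls.Config{MinVersion: tls.VersionTLS12}
}
go func() {
	var err error
	if useTLS {
		err = SRV.ListenAndServeTLS(cert, key)
	} else {
		err = SRV.ListenAndServe()
	}
	if err != nil {
		app.err.Printf("Failure serving: %s", err)
	}
}()
// … unchanged: app.quit = make(chan os.Signal) …
```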