Add support for ssl.

Jannis Mattheis 2018-02-18 15:15:44 +01:00 committed by Jannis Mattheis
parent 7bbe7d374a
commit 80887bf4b5
4 changed files with 71 additions and 3 deletions

4
Gopkg.lock generated

@ -161,6 +161,8 @@
branch = "master" branch = "master"
name = "golang.org/x/crypto" name = "golang.org/x/crypto"
packages = [ packages = [
"acme",
"acme/autocert",
"bcrypt", "bcrypt",
"blowfish" "blowfish"
] ]
@ -187,6 +189,6 @@
[solve-meta] [solve-meta]
analyzer-name = "dep" analyzer-name = "dep"
analyzer-version = 1 analyzer-version = 1
inputs-digest = "bfae0090e41cf3d9591943f08f86a6f1c68d846e2969817597b5163bd76f4edf" inputs-digest = "c3c460b8861fdd2b2e1ebd3b9eafda81016511f59d0610308231f41d4111e687"
solver-name = "gps-cdcl" solver-name = "gps-cdcl"
solver-version = 1 solver-version = 1


@ -27,5 +27,9 @@
name = "github.com/jmattheis/go-packr-swagger-ui" name = "github.com/jmattheis/go-packr-swagger-ui"
revision = "v3.10.0" revision = "v3.10.0"
[[constraint]]
name = "github.com/golang/crypto"
branch = "master"
[prune] [prune]
unused-packages = true unused-packages = true
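Review bot: The added `[[constraint]]` names `github.com/golang/crypto`, but the code in this commit imports `golang.org/x/crypto/acme/autocert` and the lock file records the project as `golang.org/x/crypto`, so the constraint most likely does not apply to the package that is actually vendored. It should read `name = "golang.org/x/crypto"`. Because this library now terminates TLS and speaks ACME for the server, consider pinning it with `revision = "<reviewed-commit>"` instead of `branch = "master"`, so that an update does not pull in unreviewed crypto code. The file name is not shown for this section; the content suggests it is Gopkg.toml.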

5
app.go

@ -1,7 +1,6 @@
package main package main
import ( import (
"fmt"
"math/rand" "math/rand"
"time" "time"
@ -9,6 +8,7 @@ import (
"github.com/gotify/server/config" "github.com/gotify/server/config"
"github.com/gotify/server/database" "github.com/gotify/server/database"
"github.com/gotify/server/router" "github.com/gotify/server/router"
"github.com/gotify/server/runner"
) )
func main() { func main() {
@ -23,5 +23,6 @@ func main() {
gin.SetMode(gin.ReleaseMode) gin.SetMode(gin.ReleaseMode)
engine, closeable := router.Create(db) engine, closeable := router.Create(db)
defer closeable() defer closeable()
engine.Run(fmt.Sprintf(":%d", conf.Port))
runner.Run(engine, conf)
} }

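--- /dev/null
+++ b/runner/runner.go
@@ -0,0 +1,61 @@
+package runner
+import (
+"crypto/tls"
+"fmt"
+"net"
+"net/http"
+"github.com/gin-gonic/gin"
+"github.com/gotify/server/config"
+"golang.org/x/crypto/acme/autocert"
+)
+// Run starts the http server and if configured a https server.
+func Run(engine *gin.Engine, conf *config.Configuration) {
+var httpHandler http.Handler = engine
+if *conf.Server.SSL.Enabled {
+fmt.Println(*conf.Server.SSL.RedirectToHTTPS)
+if *conf.Server.SSL.RedirectToHTTPS {
+httpHandler = redirectToHTTPS(string(conf.Server.SSL.Port))
+}
+s := &http.Server{
+Addr: fmt.Sprintf(":%d", conf.Server.SSL.Port),
+Handler: engine,
+}
+if *conf.Server.SSL.LetsEncrypt.Enabled {
+certManager := autocert.Manager{
+Prompt: func(tosURL string) bool { return *conf.Server.SSL.LetsEncrypt.AcceptTOS },
+HostPolicy: autocert.HostWhitelist(conf.Server.SSL.LetsEncrypt.Hosts...),
+Cache: autocert.DirCache(conf.Server.SSL.LetsEncrypt.Cache),
+}
+httpHandler = certManager.HTTPHandler(httpHandler)
+s.TLSConfig = &tls.Config{GetCertificate: certManager.GetCertificate}
+}
+go s.ListenAndServeTLS(conf.Server.SSL.CertFile, conf.Server.SSL.CertKey)
+}
+http.ListenAndServe(fmt.Sprintf(":%d", conf.Server.Port), httpHandler)
+}
+func redirectToHTTPS(port string) http.HandlerFunc {
+return func(w http.ResponseWriter, r *http.Request) {
+if r.Method != "GET" && r.Method != "HEAD" {
+http.Error(w, "Use HTTPS", http.StatusBadRequest)
+return
+}
+target := "https://" + changePort(r.Host, port) + r.URL.RequestURI()
+http.Redirect(w, r, target, http.StatusFound)
+}
+}
+func changePort(hostPort string, port string) string {
+host, _, err := net.SplitHostPort(hostPort)
+if err != nil {
+return hostPort
+}
+return net.JoinHostPort(host, port)
+}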
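Review bot: In Run, `go s.ListenAndServeTLS(...)` and the final `http.ListenAndServe(...)` both discard their error, so a TLS listener that fails to bind or to load its certificate goes unnoticed and the process keeps answering on plain HTTP, or keeps redirecting clients to a port nobody is listening on. `redirectToHTTPS(string(conf.Server.SSL.Port))` is also wrong if Port is an integer, as the `%d` format a few lines below suggests: converting an int with `string(n)` yields the rune with that code point rather than the decimal digits, so it should be `strconv.Itoa(conf.Server.SSL.Port)` with `strconv` imported. The `fmt.Println(*conf.Server.SSL.RedirectToHTTPS)` line looks like leftover debug output and can be dropped. The redirect target in redirectToHTTPS is built from the request's Host header, so when a Let's Encrypt host list is configured it would be worth checking the host against that list before redirecting. The sketch below covers only the error handling and needs `log` imported.

```go
func Run(engine *gin.Engine, conf *config.Configuration) {
	// … unchanged: handler selection, http.Server and autocert setup …
		go func() {
			err := s.ListenAndServeTLS(conf.Server.SSL.CertFile, conf.Server.SSL.CertKey)
			if err != nil {
				// Stop instead of silently continuing without TLS.
				log.Fatalf("https listener: %v", err)
			}
		}()
	}
	if err := http.ListenAndServe(fmt.Sprintf(":%d", conf.Server.Port), httpHandler); err != nil {
		log.Fatalf("http listener: %v", err)
	}
}
```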