Spin up an HTTPS server when certificates, port and private key are configured.
parent
5cbaeb82a8
commit
30050bf278
43
app.go
43
app.go
@ -1,6 +1,7 @@
|
|||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/tls"
|
||||||
"fmt"
|
"fmt"
|
||||||
stdlog "log"
|
stdlog "log"
|
||||||
"net"
|
"net"
|
||||||
@ -10,6 +11,7 @@ import (
|
|||||||
"path/filepath"
|
"path/filepath"
|
||||||
"runtime"
|
"runtime"
|
||||||
"strconv"
|
"strconv"
|
||||||
|
"sync"
|
||||||
"syscall"
|
"syscall"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
@ -21,6 +23,11 @@ import (
|
|||||||
// VersionString will be set through ldflags, contains current version
|
// VersionString will be set through ldflags, contains current version
|
||||||
var VersionString = "undefined"
|
var VersionString = "undefined"
|
||||||
var httpServer *http.Server
|
var httpServer *http.Server
|
||||||
|
var httpsServer struct {
|
||||||
|
server *http.Server
|
||||||
|
cond *sync.Cond // reacts to config.TLS.PortHTTPS, CertificateChain and PrivateKey
|
||||||
|
sync.Mutex // protects config.TLS
|
||||||
|
}
|
||||||
|
|
||||||
const (
|
const (
|
||||||
// Used in config to indicate that syslog or eventlog (win) should be used for logger output
|
// Used in config to indicate that syslog or eventlog (win) should be used for logger output
|
||||||
@ -159,6 +166,42 @@ func run(args options) {
|
|||||||
registerInstallHandlers()
|
registerInstallHandlers()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
httpsServer.cond = sync.NewCond(&httpsServer.Mutex)
|
||||||
|
|
||||||
|
// for https, we have a separate goroutine loop
|
||||||
|
go func() {
|
||||||
|
for { // this is an endless loop
|
||||||
|
httpsServer.cond.L.Lock()
|
||||||
|
// this mechanism doesn't let us through until all conditions are ment
|
||||||
|
for config.TLS.PortHTTPS == 0 || config.TLS.PrivateKey == "" || config.TLS.CertificateChain == "" { // sleep until neccessary data is supplied
|
||||||
|
httpsServer.cond.Wait()
|
||||||
|
}
|
||||||
|
log.Printf("%+v", config.TLS)
|
||||||
|
address := net.JoinHostPort(config.BindHost, strconv.Itoa(config.TLS.PortHTTPS))
|
||||||
|
cert, err := tls.X509KeyPair([]byte(config.TLS.CertificateChain), []byte(config.TLS.PrivateKey))
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
config := &tls.Config{
|
||||||
|
Certificates: []tls.Certificate{cert},
|
||||||
|
}
|
||||||
|
httpsServer.server = &http.Server{
|
||||||
|
Addr: address,
|
||||||
|
TLSConfig: config,
|
||||||
|
}
|
||||||
|
httpsServer.cond.L.Unlock()
|
||||||
|
|
||||||
|
URL := fmt.Sprintf("https://%s", address)
|
||||||
|
log.Println("Go to " + URL)
|
||||||
|
err = httpsServer.server.ListenAndServeTLS("", "")
|
||||||
|
if err != http.ErrServerClosed {
|
||||||
|
log.Fatal(err)
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
|
||||||
// this loop is used as an ability to change listening host and/or port
|
// this loop is used as an ability to change listening host and/or port
|
||||||
for {
|
for {
|
||||||
address := net.JoinHostPort(config.BindHost, strconv.Itoa(config.BindPort))
|
address := net.JoinHostPort(config.BindHost, strconv.Itoa(config.BindPort))
|
||||||
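Review bot: The added `log.Printf("%+v", config.TLS)` in the HTTPS goroutine prints the whole TLS struct, and the same hunk reads `config.TLS.PrivateKey` out of that struct as a string, so the PEM private key is written to the log each time the listener starts. Log only non-secret fields, for example `log.Printf("starting HTTPS listener on port %d", config.TLS.PortHTTPS)`. Separately, `log.Fatal(err)` after `tls.X509KeyPair` ends the whole process when the configured pair does not parse, which takes the plain HTTP listener down with it; logging the error and waiting for the next configuration change would keep the service reachable so the pair can be corrected. The `tls.Config` literal also sets no `MinVersion`, so the protocol floor is whatever the Go toolchain defaults to; consider pinning `MinVersion: tls.VersionTLS12`. The body of `run` starts and ends outside this hunk.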
|
@ -1077,6 +1077,7 @@ func handleTLSConfigure(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
config.TLS = data
|
config.TLS = data
|
||||||
|
httpsServer.cond.Broadcast()
|
||||||
httpUpdateConfigReloadDNSReturnOK(w, r)
|
httpUpdateConfigReloadDNSReturnOK(w, r)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
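Review bot: `config.TLS = data` is assigned here with no lock held in the visible lines, although the `httpsServer` declaration says its mutex protects config.TLS and the HTTPS goroutine reads the same fields under that lock. Unless the lock is taken earlier in `handleTLSConfigure` (the function starts outside this hunk), this is a data race on the certificate chain and private key. Add `httpsServer.cond.L.Lock()` before the assignment and `httpsServer.cond.L.Unlock()` after `httpsServer.cond.Broadcast()`. Note also that once the goroutine is blocked in `ListenAndServeTLS` the broadcast has no waiter, and nothing in the visible hunks calls `Shutdown` on `httpsServer.server`, so a replaced certificate or port appears not to take effect while the old listener is running.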