Add TLS/HTTPS
parent
1e7ae885b4
commit
07a1fe3acb
17
cmd/app.go
17
cmd/app.go
|
@ -18,7 +18,10 @@ import (
|
|||
func New() *cli.App {
|
||||
flags := []cli.Flag{
|
||||
&cli.StringFlag{Name: "config", Aliases: []string{"c"}, EnvVars: []string{"NTFY_CONFIG_FILE"}, Value: "/etc/ntfy/config.yml", DefaultText: "/etc/ntfy/config.yml", Usage: "config file"},
|
||||
altsrc.NewStringFlag(&cli.StringFlag{Name: "listen-http", Aliases: []string{"l"}, EnvVars: []string{"NTFY_LISTEN_HTTP"}, Value: config.DefaultListenHTTP, Usage: "ip:port used to as listen address"}),
|
||||
altsrc.NewStringFlag(&cli.StringFlag{Name: "listen-http", Aliases: []string{"l"}, EnvVars: []string{"NTFY_LISTEN_HTTP"}, Value: config.DefaultListenHTTP, Usage: "ip:port used to as HTTP listen address"}),
|
||||
altsrc.NewStringFlag(&cli.StringFlag{Name: "listen-https", Aliases: []string{"L"}, EnvVars: []string{"NTFY_LISTEN_HTTPS"}, Usage: "ip:port used to as HTTPS listen address"}),
|
||||
altsrc.NewStringFlag(&cli.StringFlag{Name: "key-file", Aliases: []string{"K"}, EnvVars: []string{"NTFY_KEY_FILE"}, Usage: "private key file, if listen-https is set"}),
|
||||
altsrc.NewStringFlag(&cli.StringFlag{Name: "cert-file", Aliases: []string{"E"}, EnvVars: []string{"NTFY_CERT_FILE"}, Usage: "certificate file, if listen-https is set"}),
|
||||
altsrc.NewStringFlag(&cli.StringFlag{Name: "firebase-key-file", Aliases: []string{"F"}, EnvVars: []string{"NTFY_FIREBASE_KEY_FILE"}, Usage: "Firebase credentials file; if set additionally publish to FCM topic"}),
|
||||
altsrc.NewStringFlag(&cli.StringFlag{Name: "cache-file", Aliases: []string{"C"}, EnvVars: []string{"NTFY_CACHE_FILE"}, Usage: "cache file used for message caching"}),
|
||||
altsrc.NewDurationFlag(&cli.DurationFlag{Name: "cache-duration", Aliases: []string{"b"}, EnvVars: []string{"NTFY_CACHE_DURATION"}, Value: config.DefaultCacheDuration, Usage: "buffer messages for this time to allow `since` requests"}),
|
||||
|
@ -50,6 +53,9 @@ func New() *cli.App {
|
|||
func execRun(c *cli.Context) error {
|
||||
// Read all the options
|
||||
listenHTTP := c.String("listen-http")
|
||||
listenHTTPS := c.String("listen-https")
|
||||
keyFile := c.String("key-file")
|
||||
certFile := c.String("cert-file")
|
||||
firebaseKeyFile := c.String("firebase-key-file")
|
||||
cacheFile := c.String("cache-file")
|
||||
cacheDuration := c.Duration("cache-duration")
|
||||
|
@ -70,10 +76,19 @@ func execRun(c *cli.Context) error {
|
|||
return errors.New("manager interval cannot be lower than five seconds")
|
||||
} else if cacheDuration < managerInterval {
|
||||
return errors.New("cache duration cannot be lower than manager interval")
|
||||
} else if keyFile != "" && !util.FileExists(keyFile) {
|
||||
return errors.New("if set, key file must exist")
|
||||
} else if certFile != "" && !util.FileExists(certFile) {
|
||||
return errors.New("if set, certificate file must exist")
|
||||
} else if listenHTTPS != "" && (keyFile == "" || certFile == "") {
|
||||
return errors.New("if listen-https is set, both key-file and cert-file must be set")
|
||||
}
|
||||
|
||||
// Run server
|
||||
conf := config.New(listenHTTP)
|
||||
conf.ListenHTTPS = listenHTTPS
|
||||
conf.KeyFile = keyFile
|
||||
conf.CertFile = certFile
|
||||
conf.FirebaseKeyFile = firebaseKeyFile
|
||||
conf.CacheFile = cacheFile
|
||||
conf.CacheDuration = cacheDuration
|
||||
|
|
|
@ -27,6 +27,9 @@ const (
|
|||
// Config is the main config struct for the application. Use New to instantiate a default config struct.
|
||||
type Config struct {
|
||||
ListenHTTP string
|
||||
ListenHTTPS string
|
||||
KeyFile string
|
||||
CertFile string
|
||||
FirebaseKeyFile string
|
||||
CacheFile string
|
||||
CacheDuration time.Duration
|
||||
|
@ -43,6 +46,9 @@ type Config struct {
|
|||
func New(listenHTTP string) *Config {
|
||||
return &Config{
|
||||
ListenHTTP: listenHTTP,
|
||||
ListenHTTPS: "",
|
||||
KeyFile: "",
|
||||
CertFile: "",
|
||||
FirebaseKeyFile: "",
|
||||
CacheFile: "",
|
||||
CacheDuration: DefaultCacheDuration,
|
||||
|
|
|
@ -5,6 +5,21 @@
|
|||
#
|
||||
# listen-http: ":80"
|
||||
|
||||
# Listen address for the HTTPS web server. If set, you must also set "key-file" and "cert-file".
|
||||
# Format: <hostname>:<port>
|
||||
#
|
||||
# listen-https:
|
||||
|
||||
# Path to the private key file for the HTTPS web server. Not used if "listen-https" is not set.
|
||||
# Format: <filename>
|
||||
#
|
||||
# key-file:
|
||||
|
||||
# Path to the cert file for the HTTPS web server. Not used if "listen-https" is not set.
|
||||
# Format: <filename>
|
||||
#
|
||||
# cert-file:
|
||||
|
||||
# If set, also publish messages to a Firebase Cloud Messaging (FCM) topic for your app.
|
||||
# This is optional and only required to support Android apps (which don't allow background services anymore).
|
||||
#
|
||||
|
|
|
@ -173,13 +173,23 @@ func (s *Server) Run() error {
|
|||
s.updateStatsAndExpire()
|
||||
}
|
||||
}()
|
||||
return s.listenAndServe()
|
||||
listenStr := fmt.Sprintf("%s/http", s.config.ListenHTTP)
|
||||
if s.config.ListenHTTPS != "" {
|
||||
listenStr += fmt.Sprintf(" %s/https", s.config.ListenHTTPS)
|
||||
}
|
||||
log.Printf("Listening on %s", listenStr)
|
||||
|
||||
func (s *Server) listenAndServe() error {
|
||||
log.Printf("Listening on %s", s.config.ListenHTTP)
|
||||
http.HandleFunc("/", s.handle)
|
||||
return http.ListenAndServe(s.config.ListenHTTP, nil)
|
||||
errChan := make(chan error)
|
||||
go func() {
|
||||
errChan <- http.ListenAndServe(s.config.ListenHTTP, nil)
|
||||
}()
|
||||
if s.config.ListenHTTPS != "" {
|
||||
go func() {
|
||||
errChan <- http.ListenAndServeTLS(s.config.ListenHTTPS, s.config.CertFile, s.config.KeyFile, nil)
|
||||
}()
|
||||
}
|
||||
return <-errChan
|
||||
}
|
||||
|
||||
func (s *Server) handle(w http.ResponseWriter, r *http.Request) {
|
||||
|
|
Loading…
Reference in New Issue