Add TLS support.

This commit is contained in:
Aaron Bieber 2021-05-20 06:23:18 -06:00
parent 62ad6c78d6
commit 85d4c11447

36
main.go
View File

@ -1,6 +1,7 @@
package main package main
import ( import (
"crypto/tls"
"embed" "embed"
"encoding/csv" "encoding/csv"
"flag" "flag"
@ -56,12 +57,15 @@ type userHandlers struct {
} }
var ( var (
davDir string
listen string
auth bool auth bool
passPath string davDir string
users map[string]string fullListen string
handlers map[string]userHandlers handlers map[string]userHandlers
listen string
passPath string
tlsCert string
tlsKey string
users map[string]string
) )
func init() { func init() {
@ -74,6 +78,8 @@ func init() {
flag.StringVar(&davDir, "wikis", dir, "Directory of TiddlyWikis to serve over WebDAV.") flag.StringVar(&davDir, "wikis", dir, "Directory of TiddlyWikis to serve over WebDAV.")
flag.StringVar(&listen, "http", "localhost:8080", "Listen on") flag.StringVar(&listen, "http", "localhost:8080", "Listen on")
flag.StringVar(&tlsCert, "tlscert", "", "TLS certificate.")
flag.StringVar(&tlsKey, "tlskey", "", "TLS key.")
flag.StringVar(&passPath, "htpass", fmt.Sprintf("%s/.htpasswd", dir), "Path to .htpasswd file..") flag.StringVar(&passPath, "htpass", fmt.Sprintf("%s/.htpasswd", dir), "Path to .htpasswd file..")
flag.BoolVar(&auth, "auth", true, "Enable HTTP Basic Authentication.") flag.BoolVar(&auth, "auth", true, "Enable HTTP Basic Authentication.")
flag.Parse() flag.Parse()
@ -246,7 +252,7 @@ func main() {
handler.fs.ServeHTTP(w, r) handler.fs.ServeHTTP(w, r)
} else { } else {
l := Landing{ l := Landing{
URL: fmt.Sprintf("http://%s/wiki.html", listen), URL: fmt.Sprintf("%s/wiki.html", fullListen),
} }
if user != "" { if user != "" {
l.User = user l.User = user
@ -266,9 +272,25 @@ func main() {
lis, err := net.Listen("tcp", listen) lis, err := net.Listen("tcp", listen)
if err != nil { if err != nil {
log.Panic(err) log.Fatalln(err)
} }
if tlsCert != "" && tlsKey != "" {
fullListen = fmt.Sprintf("https://%s", listen)
s.TLSConfig = &tls.Config{
MinVersion: tls.VersionTLS12,
CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
PreferServerCipherSuites: true,
}
log.Printf("Listening for HTTPS on 'https://%s'", listen)
log.Fatalln(s.ServeTLS(lis, tlsCert, tlsKey))
} else {
fullListen = fmt.Sprintf("http://%s", listen)
log.Printf("Listening for HTTP on 'http://%s'", listen) log.Printf("Listening for HTTP on 'http://%s'", listen)
log.Panic(s.Serve(lis)) log.Fatalln(s.Serve(lis))
}
} }