mirror of
https://github.com/juanfont/headscale.git
synced 2024-11-26 08:53:05 +00:00
Add HTTPS support for the web endpoint with manually configured
certificate/key files.
This commit is contained in:
parent
c5a3d0b01c
commit
252c68c50a
3 changed files with 23 additions and 2 deletions
17
app.go
17
app.go
|
@ -3,6 +3,7 @@ package headscale
|
|||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"strings"
|
||||
"sync"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
|
@ -22,6 +23,9 @@ type Config struct {
|
|||
DBname string
|
||||
DBuser string
|
||||
DBpass string
|
||||
|
||||
TLSCertPath string
|
||||
TLSKeyPath string
|
||||
}
|
||||
|
||||
// Headscale represents the base app of the service
|
||||
|
@ -68,6 +72,17 @@ func (h *Headscale) Serve() error {
|
|||
r.GET("/register", h.RegisterWebAPI)
|
||||
r.POST("/machine/:id/map", h.PollNetMapHandler)
|
||||
r.POST("/machine/:id", h.RegistrationHandler)
|
||||
err := r.Run(h.cfg.Addr)
|
||||
var err error
|
||||
if h.cfg.TLSCertPath == "" {
|
||||
if !strings.HasPrefix(h.cfg.ServerURL, "http://") {
|
||||
fmt.Println("WARNING: listening without TLS but ServerURL does not start with http://")
|
||||
}
|
||||
err = r.Run(h.cfg.Addr)
|
||||
} else {
|
||||
if !strings.HasPrefix(h.cfg.ServerURL, "https://") {
|
||||
fmt.Println("WARNING: listening with TLS but ServerURL does not start with https://")
|
||||
}
|
||||
err = r.RunTLS(h.cfg.Addr, h.cfg.TLSCertPath, h.cfg.TLSKeyPath)
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
|
|
@ -311,7 +311,11 @@ func getHeadscaleApp() (*headscale.Headscale, error) {
|
|||
DBname: viper.GetString("db_name"),
|
||||
DBuser: viper.GetString("db_user"),
|
||||
DBpass: viper.GetString("db_pass"),
|
||||
|
||||
TLSCertPath: absPath(viper.GetString("tls_cert_path")),
|
||||
TLSKeyPath: absPath(viper.GetString("tls_key_path")),
|
||||
}
|
||||
|
||||
h, err := headscale.NewHeadscale(cfg)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
|
@ -7,5 +7,7 @@
|
|||
"db_port": 5432,
|
||||
"db_name": "headscale",
|
||||
"db_user": "foo",
|
||||
"db_pass": "bar"
|
||||
"db_pass": "bar",
|
||||
"tls_cert_path": "",
|
||||
"tls_key_path": ""
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue