Add HTTPS support for the web endpoint with manually configured
certificate/key files.
This commit is contained in:
parent
c5a3d0b01c
commit
252c68c50a
3 changed files with 23 additions and 2 deletions
17
app.go
17
app.go
|
@ -3,6 +3,7 @@ package headscale
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
|
|
||||||
"github.com/gin-gonic/gin"
|
"github.com/gin-gonic/gin"
|
||||||
|
@ -22,6 +23,9 @@ type Config struct {
|
||||||
DBname string
|
DBname string
|
||||||
DBuser string
|
DBuser string
|
||||||
DBpass string
|
DBpass string
|
||||||
|
|
||||||
|
TLSCertPath string
|
||||||
|
TLSKeyPath string
|
||||||
}
|
}
|
||||||
|
|
||||||
// Headscale represents the base app of the service
|
// Headscale represents the base app of the service
|
||||||
|
@ -68,6 +72,17 @@ func (h *Headscale) Serve() error {
|
||||||
r.GET("/register", h.RegisterWebAPI)
|
r.GET("/register", h.RegisterWebAPI)
|
||||||
r.POST("/machine/:id/map", h.PollNetMapHandler)
|
r.POST("/machine/:id/map", h.PollNetMapHandler)
|
||||||
r.POST("/machine/:id", h.RegistrationHandler)
|
r.POST("/machine/:id", h.RegistrationHandler)
|
||||||
err := r.Run(h.cfg.Addr)
|
var err error
|
||||||
|
if h.cfg.TLSCertPath == "" {
|
||||||
|
if !strings.HasPrefix(h.cfg.ServerURL, "http://") {
|
||||||
|
fmt.Println("WARNING: listening without TLS but ServerURL does not start with http://")
|
||||||
|
}
|
||||||
|
err = r.Run(h.cfg.Addr)
|
||||||
|
} else {
|
||||||
|
if !strings.HasPrefix(h.cfg.ServerURL, "https://") {
|
||||||
|
fmt.Println("WARNING: listening with TLS but ServerURL does not start with https://")
|
||||||
|
}
|
||||||
|
err = r.RunTLS(h.cfg.Addr, h.cfg.TLSCertPath, h.cfg.TLSKeyPath)
|
||||||
|
}
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -311,7 +311,11 @@ func getHeadscaleApp() (*headscale.Headscale, error) {
|
||||||
DBname: viper.GetString("db_name"),
|
DBname: viper.GetString("db_name"),
|
||||||
DBuser: viper.GetString("db_user"),
|
DBuser: viper.GetString("db_user"),
|
||||||
DBpass: viper.GetString("db_pass"),
|
DBpass: viper.GetString("db_pass"),
|
||||||
|
|
||||||
|
TLSCertPath: absPath(viper.GetString("tls_cert_path")),
|
||||||
|
TLSKeyPath: absPath(viper.GetString("tls_key_path")),
|
||||||
}
|
}
|
||||||
|
|
||||||
h, err := headscale.NewHeadscale(cfg)
|
h, err := headscale.NewHeadscale(cfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
|
|
@ -7,5 +7,7 @@
|
||||||
"db_port": 5432,
|
"db_port": 5432,
|
||||||
"db_name": "headscale",
|
"db_name": "headscale",
|
||||||
"db_user": "foo",
|
"db_user": "foo",
|
||||||
"db_pass": "bar"
|
"db_pass": "bar",
|
||||||
|
"tls_cert_path": "",
|
||||||
|
"tls_key_path": ""
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue