mirror of
				https://github.com/juanfont/headscale.git
				synced 2025-10-25 06:01:06 +02:00 
			
		
		
		
	Add HTTPS support for the web endpoint with manually configured
certificate/key files.
This commit is contained in:
		
							parent
							
								
									c5a3d0b01c
								
							
						
					
					
						commit
						252c68c50a
					
				
							
								
								
									
										17
									
								
								app.go
									
									
									
									
									
								
							
							
						
						
									
										17
									
								
								app.go
									
									
									
									
									
								
							| @ -3,6 +3,7 @@ package headscale | ||||
| import ( | ||||
| 	"fmt" | ||||
| 	"os" | ||||
| 	"strings" | ||||
| 	"sync" | ||||
| 
 | ||||
| 	"github.com/gin-gonic/gin" | ||||
| @ -22,6 +23,9 @@ type Config struct { | ||||
| 	DBname string | ||||
| 	DBuser string | ||||
| 	DBpass string | ||||
| 
 | ||||
| 	TLSCertPath string | ||||
| 	TLSKeyPath  string | ||||
| } | ||||
| 
 | ||||
| // Headscale represents the base app of the service | ||||
| @ -68,6 +72,17 @@ func (h *Headscale) Serve() error { | ||||
| 	r.GET("/register", h.RegisterWebAPI) | ||||
| 	r.POST("/machine/:id/map", h.PollNetMapHandler) | ||||
| 	r.POST("/machine/:id", h.RegistrationHandler) | ||||
| 	err := r.Run(h.cfg.Addr) | ||||
| 	var err error | ||||
| 	if h.cfg.TLSCertPath == "" { | ||||
| 		if !strings.HasPrefix(h.cfg.ServerURL, "http://") { | ||||
| 			fmt.Println("WARNING: listening without TLS but ServerURL does not start with http://") | ||||
| 		} | ||||
| 		err = r.Run(h.cfg.Addr) | ||||
| 	} else { | ||||
| 		if !strings.HasPrefix(h.cfg.ServerURL, "https://") { | ||||
| 			fmt.Println("WARNING: listening with TLS but ServerURL does not start with https://") | ||||
| 		} | ||||
| 		err = r.RunTLS(h.cfg.Addr, h.cfg.TLSCertPath, h.cfg.TLSKeyPath) | ||||
| 	} | ||||
| 	return err | ||||
| } | ||||
|  | ||||
| @ -311,7 +311,11 @@ func getHeadscaleApp() (*headscale.Headscale, error) { | ||||
| 		DBname: viper.GetString("db_name"), | ||||
| 		DBuser: viper.GetString("db_user"), | ||||
| 		DBpass: viper.GetString("db_pass"), | ||||
| 
 | ||||
| 		TLSCertPath: absPath(viper.GetString("tls_cert_path")), | ||||
| 		TLSKeyPath:  absPath(viper.GetString("tls_key_path")), | ||||
| 	} | ||||
| 
 | ||||
| 	h, err := headscale.NewHeadscale(cfg) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
|  | ||||
| @ -7,5 +7,7 @@ | ||||
|     "db_port": 5432, | ||||
|     "db_name": "headscale", | ||||
|     "db_user": "foo", | ||||
|     "db_pass": "bar" | ||||
|     "db_pass": "bar", | ||||
|     "tls_cert_path": "", | ||||
|     "tls_key_path": "" | ||||
| } | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user