feat(web): Support TLS encryption (#322)

* Basic setup to serve HTTPS * Correctly handle the case of missing TLS configs * Documenting TLS * Refactor TLS configuration setup * Add TLS Encryption section again to README * Extending TOC in README * Moving TLS settings to subsection of web settings * Adding tests for config/web * Add test for handling TLS * Rename some variables as suggested * Corrected error formatting * Update test module import * Polishing the readme file * Error handling for TLSConfig() --------- Co-authored-by: TwiN <twin@linux.com>
2023-04-22 18:12:56 +02:00
parent 0bd0c1fd15
commit a05daeda2e
6 changed files with 241 additions and 27 deletions
--- a/controller/controller.go
+++ b/controller/controller.go
@ -24,8 +24,14 @@ func Handle(cfg *config.Config) {
 	if os.Getenv("ENVIRONMENT") == "dev" {
 		router = handler.DevelopmentCORS(router)
 	}
+	tlsConfig, err := cfg.Web.TLSConfig()
+	if err != nil {
+		panic(err) // Should be unreachable, because the config is validated before
+	}
+
 	server = &http.Server{
 		Addr:         fmt.Sprintf("%s:%d", cfg.Web.Address, cfg.Web.Port),
+		TLSConfig:    tlsConfig,
 		Handler:      router,
 		ReadTimeout:  15 * time.Second,
 		WriteTimeout: 15 * time.Second,
@ -35,7 +41,11 @@ func Handle(cfg *config.Config) {
 	if os.Getenv("ROUTER_TEST") == "true" {
 		return
 	}
-	log.Println("[controller][Handle]", server.ListenAndServe())
+	if tlsConfig != nil {
+		log.Println("[controller][Handle]", server.ListenAndServeTLS("", ""))
+	} else {
+		log.Println("[controller][Handle]", server.ListenAndServe())
+	}
 }

 // Shutdown stops the server