Add Monolith HTTPS listener TLS config options

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
Timo Rothenpieler 2022-10-15 16:55:06 +02:00 committed by BtbN
parent 3bfd5f18ae
commit 77c7aaaf13
3 changed files with 24 additions and 3 deletions


@ -46,6 +46,9 @@ func main() {
cfg := setup.ParseFlags(true) cfg := setup.ParseFlags(true)
httpAddr := cfg.Global.Monolith.HTTPBindAddr httpAddr := cfg.Global.Monolith.HTTPBindAddr
httpsAddr := cfg.Global.Monolith.HTTPBindAddr httpsAddr := cfg.Global.Monolith.HTTPBindAddr
certPath := string(cfg.Global.Monolith.TlsCertificatePath)
keyPath := string(cfg.Global.Monolith.TlsPrivateKeyPath)
if *httpBindAddr != "" { if *httpBindAddr != "" {
httpAddr = config.HTTPAddress("http://" + *httpBindAddr) httpAddr = config.HTTPAddress("http://" + *httpBindAddr)
} }
@ -53,6 +56,14 @@ func main() {
httpsAddr = config.HTTPAddress("https://" + *httpsBindAddr) httpsAddr = config.HTTPAddress("https://" + *httpsBindAddr)
} }
httpAPIAddr := httpAddr httpAPIAddr := httpAddr
if *certFile != "" {
certPath = *certFile
}
if *keyFile != "" {
keyPath = *keyFile
}
options := []basepkg.BaseDendriteOptions{} options := []basepkg.BaseDendriteOptions{}
if *enableHTTPAPIs { if *enableHTTPAPIs {
logrus.Warnf("DANGER! The -api option is enabled, exposing internal APIs on %q!", *apiBindAddr) logrus.Warnf("DANGER! The -api option is enabled, exposing internal APIs on %q!", *apiBindAddr)
@ -168,12 +179,12 @@ func main() {
) )
}() }()
// Handle HTTPS if certificate and key are provided // Handle HTTPS if certificate and key are provided
if *certFile != "" && *keyFile != "" { if certPath != "" && keyPath != "" {
go func() { go func() {
base.SetupAndServeHTTP( base.SetupAndServeHTTP(
basepkg.NoListener, // internal API basepkg.NoListener, // internal API
httpsAddr, // external API httpsAddr, // external API
certFile, keyFile, // TLS settings &certPath, &keyPath,// TLS settings
) )
}() }()
} }
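Review bot: With `certPath`/`keyPath` now seeded from the config file, the HTTPS listener can start without any command-line flag, and in that case `httpsAddr` still comes from the context line `httpsAddr := cfg.Global.Monolith.HTTPBindAddr`, which is the plain-HTTP address. If that line is as shown, a config-only TLS setup would try to serve HTTPS on the HTTP bind address rather than on `https_bind_address`; it should presumably read `cfg.Global.Monolith.HTTPSBindAddr`. Separately, the guard `if certPath != "" && keyPath != ""` silently skips TLS when only one of the two paths is set, so a half-configured deployment comes up plaintext-only with no hint. A `logrus.Warn` for the case where exactly one of them is non-empty would make that visible. main() starts and ends outside the visible hunks.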


@ -11,10 +11,17 @@ version: 2
global: global:
# Monolith specific configuration # Monolith specific configuration
monolith: monolith:
# HTTP and HTTPS bind address # HTTP listener bind address
http_bind_address: http://:8008 http_bind_address: http://:8008
# HTTPS listener bind address.
# Only used when a valid cert and key are provided.
https_bind_address: https://:8448 https_bind_address: https://:8448
# Path to PEM formated X509 certificate and private key
tls_cert_path: ""
tls_key_path: ""
# The domain name of this homeserver. # The domain name of this homeserver.
server_name: localhost server_name: localhost
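Review bot: The comment `# Only used when a valid cert and key are provided.` promises more than the listener code on this page checks, which is only that both paths are non-empty; `# Only used when both tls_cert_path and tls_key_path are set.` would be accurate. The `tls_key_path` entry would also benefit from a line such as `# The private key file should be readable only by the user running Dendrite.` so the sample steers operators toward restrictive permissions. The sample also does not say whether a relative path resolves against the config file's directory or the working directory.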


@ -3,6 +3,9 @@ package config
type Monolith struct { type Monolith struct {
HTTPBindAddr HTTPAddress `yaml:"http_bind_address"` HTTPBindAddr HTTPAddress `yaml:"http_bind_address"`
HTTPSBindAddr HTTPAddress `yaml:"https_bind_address"` HTTPSBindAddr HTTPAddress `yaml:"https_bind_address"`
TlsCertificatePath Path `yaml:"tls_cert_path"`
TlsPrivateKeyPath Path `yaml:"tls_key_path"`
} }
func (c *Monolith) Defaults(opts DefaultOpts) { func (c *Monolith) Defaults(opts DefaultOpts) {
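Review bot: The new fields `TlsCertificatePath` and `TlsPrivateKeyPath` break the Go initialism convention that the neighbouring `HTTPBindAddr` and `HTTPSBindAddr` follow; `TLSCertificatePath` and `TLSPrivateKeyPath` would be consistent, and the yaml tags can stay as they are. Each field could also carry a short comment, for example `// TLSPrivateKeyPath is the PEM private key for the monolith HTTPS listener; empty disables it.` Defaults() begins on the hunk's last line and its body is outside the view, so whether it sets these fields cannot be checked here.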