mirror of
https://github.com/matrix-org/dendrite.git
synced 2025-12-22 06:13:10 -06:00
TLS HTTP setup
This commit is contained in:
Neil Alexander
parent
55df0bd374
commit
8382a9dcc2
|
|
@ -33,5 +33,6 @@ func main() {
|
||||||
base.SetupAndServeHTTP(
|
base.SetupAndServeHTTP(
|
||||||
base.Cfg.AppServiceAPI.InternalAPI.Listen,
|
base.Cfg.AppServiceAPI.InternalAPI.Listen,
|
||||||
setup.NoExternalListener,
|
setup.NoExternalListener,
|
||||||
|
nil, nil,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -46,5 +46,6 @@ func main() {
|
||||||
base.SetupAndServeHTTP(
|
base.SetupAndServeHTTP(
|
||||||
base.Cfg.ClientAPI.InternalAPI.Listen,
|
base.Cfg.ClientAPI.InternalAPI.Listen,
|
||||||
base.Cfg.ClientAPI.ExternalAPI.Listen,
|
base.Cfg.ClientAPI.ExternalAPI.Listen,
|
||||||
|
nil, nil,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -31,5 +31,6 @@ func main() {
|
||||||
base.SetupAndServeHTTP(
|
base.SetupAndServeHTTP(
|
||||||
base.Cfg.CurrentStateServer.InternalAPI.Listen,
|
base.Cfg.CurrentStateServer.InternalAPI.Listen,
|
||||||
setup.NoExternalListener,
|
setup.NoExternalListener,
|
||||||
|
nil, nil,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -36,5 +36,6 @@ func main() {
|
||||||
base.SetupAndServeHTTP(
|
base.SetupAndServeHTTP(
|
||||||
base.Cfg.EDUServer.InternalAPI.Listen,
|
base.Cfg.EDUServer.InternalAPI.Listen,
|
||||||
setup.NoExternalListener,
|
setup.NoExternalListener,
|
||||||
|
nil, nil,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -40,5 +40,6 @@ func main() {
|
||||||
base.SetupAndServeHTTP(
|
base.SetupAndServeHTTP(
|
||||||
base.Cfg.FederationAPI.InternalAPI.Listen,
|
base.Cfg.FederationAPI.InternalAPI.Listen,
|
||||||
base.Cfg.FederationAPI.ExternalAPI.Listen,
|
base.Cfg.FederationAPI.ExternalAPI.Listen,
|
||||||
|
nil, nil,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -38,5 +38,6 @@ func main() {
|
||||||
base.SetupAndServeHTTP(
|
base.SetupAndServeHTTP(
|
||||||
base.Cfg.FederationSender.InternalAPI.Listen,
|
base.Cfg.FederationSender.InternalAPI.Listen,
|
||||||
setup.NoExternalListener,
|
setup.NoExternalListener,
|
||||||
|
nil, nil,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -32,5 +32,6 @@ func main() {
|
||||||
base.SetupAndServeHTTP(
|
base.SetupAndServeHTTP(
|
||||||
base.Cfg.KeyServer.InternalAPI.Listen,
|
base.Cfg.KeyServer.InternalAPI.Listen,
|
||||||
setup.NoExternalListener,
|
setup.NoExternalListener,
|
||||||
|
nil, nil,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -33,5 +33,6 @@ func main() {
|
||||||
base.SetupAndServeHTTP(
|
base.SetupAndServeHTTP(
|
||||||
base.Cfg.MediaAPI.InternalAPI.Listen,
|
base.Cfg.MediaAPI.InternalAPI.Listen,
|
||||||
base.Cfg.MediaAPI.ExternalAPI.Listen,
|
base.Cfg.MediaAPI.ExternalAPI.Listen,
|
||||||
|
nil, nil,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -16,7 +16,6 @@ package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"flag"
|
"flag"
|
||||||
"fmt"
|
|
||||||
"os"
|
"os"
|
||||||
|
|
||||||
"github.com/matrix-org/dendrite/appservice"
|
"github.com/matrix-org/dendrite/appservice"
|
||||||
|
|
@ -148,42 +147,24 @@ func main() {
|
||||||
}
|
}
|
||||||
monolith.AddAllPublicRoutes(base.PublicAPIMux)
|
monolith.AddAllPublicRoutes(base.PublicAPIMux)
|
||||||
|
|
||||||
fmt.Printf("Public: %+v\n", base.PublicAPIMux)
|
|
||||||
fmt.Printf("Internal: %+v\n", base.InternalAPIMux)
|
|
||||||
|
|
||||||
/*
|
|
||||||
httputil.SetupHTTPAPI(
|
|
||||||
base.BaseMux,
|
|
||||||
base.PublicAPIMux,
|
|
||||||
base.InternalAPIMux,
|
|
||||||
&cfg.Global,
|
|
||||||
base.UseHTTPAPIs,
|
|
||||||
)
|
|
||||||
*/
|
|
||||||
|
|
||||||
// Expose the matrix APIs directly rather than putting them under a /api path.
|
// Expose the matrix APIs directly rather than putting them under a /api path.
|
||||||
go func() {
|
go func() {
|
||||||
base.SetupAndServeHTTP(
|
base.SetupAndServeHTTP(
|
||||||
config.HTTPAddress(httpAddr), // internal API
|
config.HTTPAddress(httpAddr), // internal API
|
||||||
config.HTTPAddress(httpAddr), // external API
|
config.HTTPAddress(httpAddr), // external API
|
||||||
|
nil, nil, // TLS settings
|
||||||
)
|
)
|
||||||
}()
|
}()
|
||||||
// Handle HTTPS if certificate and key are provided
|
// Handle HTTPS if certificate and key are provided
|
||||||
_ = httpsAddr
|
|
||||||
/*
|
|
||||||
if *certFile != "" && *keyFile != "" {
|
if *certFile != "" && *keyFile != "" {
|
||||||
go func() {
|
go func() {
|
||||||
serv := http.Server{
|
base.SetupAndServeHTTP(
|
||||||
Addr: config.HTTPAddress(httpsAddr).,
|
config.HTTPAddress(httpsAddr), // internal API
|
||||||
WriteTimeout: setup.HTTPServerTimeout,
|
config.HTTPAddress(httpsAddr), // external API
|
||||||
Handler: base.BaseMux,
|
certFile, keyFile, // TLS settings
|
||||||
}
|
)
|
||||||
|
|
||||||
logrus.Info("Listening on ", serv.Addr)
|
|
||||||
logrus.Fatal(serv.ListenAndServeTLS(*certFile, *keyFile))
|
|
||||||
}()
|
}()
|
||||||
}
|
}
|
||||||
*/
|
|
||||||
|
|
||||||
// We want to block forever to let the HTTP and HTTPS handler serve the APIs
|
// We want to block forever to let the HTTP and HTTPS handler serve the APIs
|
||||||
select {}
|
select {}
|
||||||
|
|
|
||||||
|
|
@ -36,5 +36,6 @@ func main() {
|
||||||
base.SetupAndServeHTTP(
|
base.SetupAndServeHTTP(
|
||||||
base.Cfg.RoomServer.InternalAPI.Listen,
|
base.Cfg.RoomServer.InternalAPI.Listen,
|
||||||
setup.NoExternalListener,
|
setup.NoExternalListener,
|
||||||
|
nil, nil,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -32,5 +32,6 @@ func main() {
|
||||||
base.SetupAndServeHTTP(
|
base.SetupAndServeHTTP(
|
||||||
base.Cfg.ServerKeyAPI.InternalAPI.Listen,
|
base.Cfg.ServerKeyAPI.InternalAPI.Listen,
|
||||||
setup.NoExternalListener,
|
setup.NoExternalListener,
|
||||||
|
nil, nil,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -36,5 +36,6 @@ func main() {
|
||||||
base.SetupAndServeHTTP(
|
base.SetupAndServeHTTP(
|
||||||
base.Cfg.SyncAPI.InternalAPI.Listen,
|
base.Cfg.SyncAPI.InternalAPI.Listen,
|
||||||
setup.NoExternalListener,
|
setup.NoExternalListener,
|
||||||
|
nil, nil,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -34,5 +34,6 @@ func main() {
|
||||||
base.SetupAndServeHTTP(
|
base.SetupAndServeHTTP(
|
||||||
base.Cfg.UserAPI.InternalAPI.Listen,
|
base.Cfg.UserAPI.InternalAPI.Listen,
|
||||||
setup.NoExternalListener,
|
setup.NoExternalListener,
|
||||||
|
nil, nil,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -264,7 +264,10 @@ func (b *BaseDendrite) CreateFederationClient() *gomatrixserverlib.FederationCli
|
||||||
|
|
||||||
// SetupAndServeHTTP sets up the HTTP server to serve endpoints registered on
|
// SetupAndServeHTTP sets up the HTTP server to serve endpoints registered on
|
||||||
// ApiMux under /api/ and adds a prometheus handler under /metrics.
|
// ApiMux under /api/ and adds a prometheus handler under /metrics.
|
||||||
func (b *BaseDendrite) SetupAndServeHTTP(internalHTTPAddr, externalHTTPAddr config.HTTPAddress) {
|
func (b *BaseDendrite) SetupAndServeHTTP(
|
||||||
|
internalHTTPAddr, externalHTTPAddr config.HTTPAddress,
|
||||||
|
certFile, keyFile *string,
|
||||||
|
) {
|
||||||
block := make(chan struct{})
|
block := make(chan struct{})
|
||||||
|
|
||||||
internalAddr, _ := internalHTTPAddr.Address()
|
internalAddr, _ := internalHTTPAddr.Address()
|
||||||
|
|
@ -292,24 +295,36 @@ func (b *BaseDendrite) SetupAndServeHTTP(internalHTTPAddr, externalHTTPAddr conf
|
||||||
internalRouter.PathPrefix(httputil.InternalPathPrefix).Handler(b.InternalAPIMux)
|
internalRouter.PathPrefix(httputil.InternalPathPrefix).Handler(b.InternalAPIMux)
|
||||||
externalRouter.PathPrefix(httputil.PublicPathPrefix).Handler(b.PublicAPIMux)
|
externalRouter.PathPrefix(httputil.PublicPathPrefix).Handler(b.PublicAPIMux)
|
||||||
|
|
||||||
go func() {
|
|
||||||
defer close(block)
|
|
||||||
logrus.Infof("Starting %s listener on %s", b.componentName, internalServ.Addr)
|
|
||||||
if err := internalServ.ListenAndServe(); err != nil {
|
|
||||||
logrus.WithError(err).Fatal("failed to serve HTTP")
|
|
||||||
}
|
|
||||||
logrus.Infof("Stopped %s listener on %s", b.componentName, internalServ.Addr)
|
|
||||||
}()
|
|
||||||
|
|
||||||
if externalAddr != "" && internalAddr != externalAddr {
|
|
||||||
go func() {
|
go func() {
|
||||||
defer close(block)
|
defer close(block)
|
||||||
logrus.Infof("Starting %s listener on %s", b.componentName, externalServ.Addr)
|
logrus.Infof("Starting %s listener on %s", b.componentName, externalServ.Addr)
|
||||||
|
if certFile != nil && keyFile != nil {
|
||||||
|
if err := externalServ.ListenAndServeTLS(*certFile, *keyFile); err != nil {
|
||||||
|
logrus.WithError(err).Fatal("failed to serve HTTPS")
|
||||||
|
}
|
||||||
|
} else {
|
||||||
if err := externalServ.ListenAndServe(); err != nil {
|
if err := externalServ.ListenAndServe(); err != nil {
|
||||||
logrus.WithError(err).Fatal("failed to serve HTTP")
|
logrus.WithError(err).Fatal("failed to serve HTTP")
|
||||||
}
|
}
|
||||||
|
}
|
||||||
logrus.Infof("Stopped %s listener on %s", b.componentName, externalServ.Addr)
|
logrus.Infof("Stopped %s listener on %s", b.componentName, externalServ.Addr)
|
||||||
}()
|
}()
|
||||||
|
|
||||||
|
if internalAddr != "" && internalAddr != externalAddr {
|
||||||
|
go func() {
|
||||||
|
defer close(block)
|
||||||
|
logrus.Infof("Starting %s listener on %s", b.componentName, internalServ.Addr)
|
||||||
|
if certFile != nil && keyFile != nil {
|
||||||
|
if err := internalServ.ListenAndServeTLS(*certFile, *keyFile); err != nil {
|
||||||
|
logrus.WithError(err).Fatal("failed to serve HTTPS")
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if err := internalServ.ListenAndServe(); err != nil {
|
||||||
|
logrus.WithError(err).Fatal("failed to serve HTTP")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
logrus.Infof("Stopped %s listener on %s", b.componentName, internalServ.Addr)
|
||||||
|
}()
|
||||||
}
|
}
|
||||||
|
|
||||||
<-block
|
<-block
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue