feat: tls-encryption

HilkopterBob · Aug 19, 2024 · 9ab6bc7 · 9ab6bc7
1 parent 0187cdd
commit 9ab6bc7
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -133,7 +133,6 @@ TODO: explain usage
 - [ ] installable agent as background daemon
 - [ ] config management
 - [ ] TLS Encryption
-- [ ] Secured API
 - [ ] Best Practice based Package Layout
 - [ ] Check Vars and Func-Names for naming convention
 - [ ] persistent storage

diff --git a/config.yaml b/config.yaml
@@ -1,11 +1,12 @@
 general:
   debug: true
-  production: true
+  production: false
 network:
   forcehttp: true
   fqdn: 0.0.0.0
   port: 8080
-  ssl:
+  ssl: true
+  ssl-config:
     allowselfsigned: true
     certificatepath: ./certs/testing.crt
     privatekeypath: ./certs/testing.key
diff --git a/main.go b/main.go
@@ -49,9 +49,18 @@ func main() {
 
 			// Fiber specific server start
 			go func() {
-				fmt.Printf("Starting Fiber server at %s...\n", serverAddr)
-				if err := router.Router.Listen(serverAddr); err != nil {
-					fmt.Printf("Server error: %s\n", err)
+				fmt.Printf("Starting Fiber HTTPS server at https://%s...\n", serverAddr)
+
+				// start ssl session if ssl:true is set in config file, else start http
+				if config.Config.Get("network.ssl") == true {
+					if err := server.ListenAndServeTLS(router.Router, config.Config.GetString("network.ssl-config.certificatepath"), config.Config.GetString("network.ssl-config.privatekeypath"), serverAddr); err != nil {
+						fmt.Printf("Server error: %s\n", err)
+					}
+				} else {
+					fmt.Printf("Starting Fiber server at %s...\n", serverAddr)
+					if err := router.Router.Listen(serverAddr); err != nil {
+						fmt.Printf("Server error: %s\n", err)
+					}
 				}
 			}()
 

diff --git a/server/router.go b/server/router.go
@@ -108,3 +108,9 @@ func AddRoutes(Config config.ConfigProvider) Routes {
 
 	return router
 }
+
+// ListenAndServeTLS starts the Fiber server using TLS (HTTPS)
+func ListenAndServeTLS(router *fiber.App, certFile, keyFile, addr string) error {
+	// Start HTTPS server using the provided certificate and key files
+	return router.ListenTLS(addr, certFile, keyFile)
+}