---
This adds cert and key arguments to enable HTTPS. I'm using it with
snid, a SNI-based proxy server.
cmd/tokidoki/main.go | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/cmd/tokidoki/main.go b/cmd/tokidoki/main.go
index 0c3f4b1..a8fea6a 100644
--- a/cmd/tokidoki/main.go
+++ b/cmd/tokidoki/main.go
@@ -92,10 +92,14 @@ func main() {
debug bool
jsonLog bool
storageURL string
+ cert string
+ key string
)
flag.StringVar(&addr, "addr", ":8080", "listening address")
flag.StringVar(&authURL, "auth.url", "", "auth backend URL (required)")
flag.StringVar(&storageURL, "storage.url", "", "storage backend URL (required)")
+ flag.StringVar(&cert, "cert", "", "certificate file for TLS")
+ flag.StringVar(&key, "key", "", "key file for TLS")
flag.BoolVar(&debug, "log.debug", false, "enable debug logs")
flag.BoolVar(&jsonLog, "log.json", false, "enable structured logs")
flag.Parse()
@@ -140,6 +144,10 @@ func main() {
log.Fatal().Err(err).Msg("failed to load storage backend")
}
+ if (cert != "") != (key != "") {
+ log.Fatal().Msg("provide both cert and key for TLS")
+ }
+
carddavHandler := carddav.Handler{Backend: carddavBackend}
caldavHandler := caldav.Handler{Backend: caldavBackend}
handler := tokidokiHandler{
@@ -163,7 +171,11 @@ func main() {
log.Info().Str("address", addr).Msg("starting server")
log.Debug().Msg("debug output enabled")
- err = server.ListenAndServe()
+ if (cert != "") && (key != "") {
+ err = server.ListenAndServeTLS(cert, key)
+ } else {
+ err = server.ListenAndServe()
+ }
if err != http.ErrServerClosed {
log.Fatal().Err(err).Msg("ListenAndServe() error")
}
--
2.38.2