Diffstat (limited to 'internal')
| -rw-r--r-- | internal/config/config.go | 17 | ||||
| -rw-r--r-- | internal/config/default.go | 7 | ||||
| -rw-r--r-- | internal/config/letsencrypt.go | 8 | ||||
| -rw-r--r-- | internal/router/router.go | 22 | 
4 files changed, 35 insertions, 19 deletions
|
diff --git a/internal/config/config.go b/internal/config/config.go
index 117b8efb5..6f943d684 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -50,6 +50,7 @@ type Config struct {
 	Host              string             `yaml:"host"`
 	AccountDomain     string             `yaml:"accountDomain"`
 	Protocol          string             `yaml:"protocol"`
+	Port              int                `yaml:"port"`
 	DBConfig          *DBConfig          `yaml:"db"`
 	TemplateConfig    *TemplateConfig    `yaml:"template"`
 	AccountsConfig    *AccountsConfig    `yaml:"accounts"`
@@ -150,6 +151,10 @@ func (c *Config) ParseCLIFlags(f KeyedFlags, version string) error {
 		return errors.New("protocol was not set")
 	}
+	if c.Port == 0 || f.IsSet(fn.Port) {
+		c.Port = f.Int(fn.Port)
+	}
+
 	// db flags
 	if c.DBConfig.Type == "" || f.IsSet(fn.DbType) {
 		c.DBConfig.Type = f.String(fn.DbType)
@@ -262,6 +267,10 @@ func (c *Config) ParseCLIFlags(f KeyedFlags, version string) error {
 		c.LetsEncryptConfig.Enabled = f.Bool(fn.LetsEncryptEnabled)
 	}
+	if c.LetsEncryptConfig.Port == 0 || f.IsSet(fn.LetsEncryptPort) {
+		c.LetsEncryptConfig.Port = f.Int(fn.LetsEncryptPort)
+	}
+
 	if c.LetsEncryptConfig.CertDir == "" || f.IsSet(fn.LetsEncryptCertDir) {
 		c.LetsEncryptConfig.CertDir = f.String(fn.LetsEncryptCertDir)
 	}
@@ -329,6 +338,7 @@ type Flags struct {
 	Host            string
 	AccountDomain   string
 	Protocol        string
+	Port            string
 	DbType      string
 	DbAddress   string
@@ -366,6 +376,7 @@ type Flags struct {
 	LetsEncryptEnabled      string
 	LetsEncryptCertDir      string
 	LetsEncryptEmailAddress string
+	LetsEncryptPort         string
 	OIDCEnabled          string
 	OIDCIdpName          string
@@ -384,6 +395,7 @@ type Defaults struct {
 	Host            string
 	AccountDomain   string
 	Protocol        string
+	Port            int
 	SoftwareVersion string
 	DbType      string
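Review bot: The two assignments added to ParseCLIFlags, `c.Port = f.Int(fn.Port)` and `c.LetsEncryptConfig.Port = f.Int(fn.LetsEncryptPort)`, accept any integer, so a negative or out-of-range value from a flag, environment variable or YAML file is only caught later, when the listener goroutine in the router fails to bind and calls Fatalf. Unlike the protocol check just above, nothing here returns an error; a range check after each assignment, e.g. `if c.Port < 1 || c.Port > 65535 { return errors.New("port must be between 1 and 65535") }`, would fail fast at startup with a clear message. Because 0 is treated as "unset", a YAML value of 0 is silently replaced by the flag default, which deserves a one-line comment at the check. ParseCLIFlags starts and ends outside these hunks.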
@@ -422,6 +434,7 @@ type Defaults struct {
 	LetsEncryptEnabled      bool
 	LetsEncryptCertDir      string
 	LetsEncryptEmailAddress string
+	LetsEncryptPort         int
 	OIDCEnabled          bool
 	OIDCIdpName          string
@@ -442,6 +455,7 @@ func GetFlagNames() Flags {
 		Host:            "host",
 		AccountDomain:   "account-domain",
 		Protocol:        "protocol",
+		Port:            "port",
 		DbType:      "db-type",
 		DbAddress:   "db-address",
@@ -477,6 +491,7 @@ func GetFlagNames() Flags {
 		StatusesMaxMediaFiles:      "statuses-max-media-files",
 		LetsEncryptEnabled:      "letsencrypt-enabled",
+		LetsEncryptPort:         "letsencrypt-port",
 		LetsEncryptCertDir:      "letsencrypt-cert-dir",
 		LetsEncryptEmailAddress: "letsencrypt-email",
@@ -500,6 +515,7 @@ func GetEnvNames() Flags {
 		Host:            "GTS_HOST",
 		AccountDomain:   "GTS_ACCOUNT_DOMAIN",
 		Protocol:        "GTS_PROTOCOL",
+		Port:            "GTS_PORT",
 		DbType:      "GTS_DB_TYPE",
 		DbAddress:   "GTS_DB_ADDRESS",
@@ -535,6 +551,7 @@ func GetEnvNames() Flags {
 		StatusesMaxMediaFiles:      "GTS_STATUSES_MAX_MEDIA_FILES",
 		LetsEncryptEnabled:      "GTS_LETSENCRYPT_ENABLED",
+		LetsEncryptPort:         "GTS_LETSENCRYPT_PORT",
 		LetsEncryptCertDir:      "GTS_LETSENCRYPT_CERT_DIR",
 		LetsEncryptEmailAddress: "GTS_LETSENCRYPT_EMAIL",
diff --git a/internal/config/default.go b/internal/config/default.go
index 61940eff4..35e9f1ad2 100644
--- a/internal/config/default.go
+++ b/internal/config/default.go
@@ -10,6 +10,7 @@ func TestDefault() *Config {
 		ApplicationName: defaults.ApplicationName,
 		Host:            defaults.Host,
 		Protocol:        defaults.Protocol,
+		Port:            defaults.Port,
 		SoftwareVersion: defaults.SoftwareVersion,
 		DBConfig: &DBConfig{
 			Type:            defaults.DbType,
@@ -51,6 +52,7 @@ func TestDefault() *Config {
 		},
 		LetsEncryptConfig: &LetsEncryptConfig{
 			Enabled:      defaults.LetsEncryptEnabled,
+			Port:         defaults.LetsEncryptPort,
 			CertDir:      defaults.LetsEncryptCertDir,
 			EmailAddress: defaults.LetsEncryptEmailAddress,
 		},
@@ -115,6 +117,7 @@ func Default() *Config {
 		},
 		LetsEncryptConfig: &LetsEncryptConfig{
 			Enabled:      defaults.LetsEncryptEnabled,
+			Port:         defaults.LetsEncryptPort,
 			CertDir:      defaults.LetsEncryptCertDir,
 			EmailAddress: defaults.LetsEncryptEmailAddress,
 		},
@@ -140,6 +143,7 @@ func GetDefaults() Defaults {
 		Host:            "",
 		AccountDomain:   "",
 		Protocol:        "https",
+		Port:            8080,
 		DbType:      "postgres",
 		DbAddress:   "localhost",
@@ -175,6 +179,7 @@ func GetDefaults() Defaults {
 		StatusesMaxMediaFiles:      6,
 		LetsEncryptEnabled:      true,
+		LetsEncryptPort:         80,
 		LetsEncryptCertDir:      "/gotosocial/storage/certs",
 		LetsEncryptEmailAddress: "",
@@ -197,6 +202,7 @@ func GetTestDefaults() Defaults {
 		Host:            "localhost:8080",
 		AccountDomain:   "",
 		Protocol:        "http",
+		Port:            8080,
 		DbType:     "postgres",
 		DbAddress:  "localhost",
@@ -230,6 +236,7 @@ func GetTestDefaults() Defaults {
 		StatusesMaxMediaFiles:      6,
 		LetsEncryptEnabled:      false,
+		LetsEncryptPort:         0,
 		LetsEncryptCertDir:      "",
 		LetsEncryptEmailAddress: "",
diff --git a/internal/config/letsencrypt.go b/internal/config/letsencrypt.go
index ae40cb878..a71172635 100644
--- a/internal/config/letsencrypt.go
+++ b/internal/config/letsencrypt.go
@@ -3,9 +3,11 @@ package config
 // LetsEncryptConfig wraps everything needed to manage letsencrypt certificates from within gotosocial.
 type LetsEncryptConfig struct {
 	// Should letsencrypt certificate fetching be enabled?
-	Enabled bool
+	Enabled bool `yaml:"enabled"`
+	// What port should the server listen for letsencrypt challenges on?
+	Port int `yaml:"port"`
 	// Where should certificates be stored?
-	CertDir string
+	CertDir string `yaml:"certDir"`
 	// Email address to pass to letsencrypt for notifications about certificate expiry etc.
-	EmailAddress string
+	EmailAddress string `yaml:"emailAddress"`
 }
diff --git a/internal/router/router.go b/internal/router/router.go
index 100e0b38e..64d7267be 100644
--- a/internal/router/router.go
+++ b/internal/router/router.go
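Review bot: The new tags on `CertDir` and `EmailAddress` in LetsEncryptConfig may change the YAML keys that existing config files must use. If the decoder derives untagged keys by lowercasing the field name (as gopkg.in/yaml does; the decoder is not visible here), the old keys were `certdir` and `emailaddress`, and files written that way would now be ignored without error and fall back to the defaults. If that holds, the rename belongs in the release notes, or the loader should reject unknown keys. The `Port` field comment could also state the operational constraint, e.g. `// Must be reachable from the internet as port 80 for HTTP-01 challenges (directly or via port forwarding).`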
@@ -68,30 +68,24 @@ func (r *router) AttachStaticFS(relativePath string, fs http.FileSystem) {
 	r.engine.StaticFS(relativePath, fs)
 }
-// Start starts the router nicely.
-//
-// Different ports and handlers will be served depending on whether letsencrypt is enabled or not.
-// If it is enabled, then port 80 will be used for handling LE requests, and port 443 will be used
-// for serving actual requests.
-//
-// If letsencrypt is not being used, then port 8080 only will be used for serving requests.
+// Start starts the router nicely. It will serve two handlers if letsencrypt is enabled, and only the web/API handler if letsencrypt is not enabled.
 func (r *router) Start() {
 	if r.config.LetsEncryptConfig.Enabled {
-		// serve the http handler on port 80 for receiving letsencrypt requests and solving their devious riddles
+		// serve the http handler on the selected letsencrypt port, for receiving letsencrypt requests and solving their devious riddles
 		go func() {
-			if err := http.ListenAndServe(":http", r.certManager.HTTPHandler(http.HandlerFunc(httpsRedirect))); err != nil && err != http.ErrServerClosed {
+			if err := http.ListenAndServe(fmt.Sprintf(":%d", r.config.LetsEncryptConfig.Port), r.certManager.HTTPHandler(http.HandlerFunc(httpsRedirect))); err != nil && err != http.ErrServerClosed {
 				r.logger.Fatalf("listen: %s", err)
 			}
 		}()
-		// and serve the actual TLS handler on port 443
+		// and serve the actual TLS handler
 		go func() {
 			if err := r.srv.ListenAndServeTLS("", ""); err != nil && err != http.ErrServerClosed {
 				r.logger.Fatalf("listen: %s", err)
 			}
 		}()
 	} else {
-		// no tls required
+		// no tls required
 		go func() {
 			if err := r.srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
 				r.logger.Fatalf("listen: %s", err)
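Review bot: The challenge listener in Start is still started with the package-level `http.ListenAndServe`, which runs a server with no read, write or idle timeouts, so the now-configurable letsencrypt port accepts connections that a slow client can hold open indefinitely. The main server built in New sets ReadTimeout and WriteTimeout; the same limits can be applied here by constructing a dedicated `http.Server` for the challenge handler, as sketched below. Keeping a reference to that server would also let it be shut down together with `r.srv`, though the shutdown path is not visible in this hunk. Start's body continues past the end of the hunk.

```go
		go func() {
			// dedicated server so the challenge/redirect listener gets timeouts too;
			// the durations are sample values, align them with the ones used in New
			leSrv := &http.Server{
				Addr:              fmt.Sprintf(":%d", r.config.LetsEncryptConfig.Port),
				Handler:           r.certManager.HTTPHandler(http.HandlerFunc(httpsRedirect)),
				ReadHeaderTimeout: 10 * time.Second,
				ReadTimeout:       30 * time.Second,
				WriteTimeout:      30 * time.Second,
			}
			if err := leSrv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
				r.logger.Fatalf("listen: %s", err)
			}
		}()
		// … unchanged: TLS handler goroutine and the non-TLS branch …
```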
@@ -148,6 +142,7 @@ func New(cfg *config.Config, db db.DB, logger *logrus.Logger) (Router, error) {
 	// create the http server here, passing the gin engine as handler
 	s := &http.Server{
+		Addr:              fmt.Sprintf(":%d", cfg.Port),
 		Handler:           engine,
 		ReadTimeout:       readTimeout,
 		WriteTimeout:      writeTimeout,
@@ -167,12 +162,7 @@ func New(cfg *config.Config, db db.DB, logger *logrus.Logger) (Router, error) {
 			Cache:      autocert.DirCache(cfg.LetsEncryptConfig.CertDir),
 			Email:      cfg.LetsEncryptConfig.EmailAddress,
 		}
-		// and create an HTTPS server
-		s.Addr = ":https"
 		s.TLSConfig = m.TLSConfig()
-	} else {
-		// le is NOT enabled, so just serve bare requests on port 8080
-		s.Addr = ":8080"
 	}
 	return &router{
|
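Review bot: With letsencrypt enabled, the TLS server's address in New now comes from `cfg.Port` instead of the removed `s.Addr = ":https"`, and GetDefaults in this commit sets Port to 8080 while LetsEncryptEnabled stays true, so an unchanged deployment moves its HTTPS listener from 443 to 8080 on upgrade. Clients sent to HTTPS by the redirect handler, or anything else expecting 443, would then presumably fail unless the port is forwarded. A comment at the Addr line, e.g. `// Port applies to TLS as well; with letsencrypt enabled, set port to 443 or forward 443 to it`, or a startup warning when letsencrypt is enabled and Port is not 443, would make the change visible to operators. New starts and ends outside these hunks.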
