mirror of
https://codeberg.org/Codeberg/pages-server.git
synced 2025-05-12 13:07:50 +00:00
Apply JnCrMx's patch for optional HTTP-only mode
This commit is contained in:
Ivan Davydov
parent
9524b1eb12
commit
5352937065
6 changed files with 62 additions and 40 deletions
|
|
@ -79,51 +79,61 @@ func Serve(ctx *cli.Context) error {
|
|||
return fmt.Errorf("could not create new gitea client: %v", err)
|
||||
}
|
||||
|
||||
acmeClient, err := acme.CreateAcmeClient(cfg.ACME, cfg.Server.HttpServerEnabled, challengeCache)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
var listener net.Listener
|
||||
if cfg.Server.HttpOnlyMode {
|
||||
log.Info().Msgf("Create TCP listener on %s", listeningHTTPAddress)
|
||||
listener_, err := net.Listen("tcp", listeningHTTPAddress)
|
||||
if err != nil {
|
||||
return fmt.Errorf("couldn't create listener: %v", err)
|
||||
}
|
||||
listener = listener_
|
||||
} else {
|
||||
acmeClient, err := acme.CreateAcmeClient(cfg.ACME, cfg.Server.HttpServerEnabled, challengeCache)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if err := certificates.SetupMainDomainCertificates(cfg.Server.MainDomain, acmeClient, certDB); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := certificates.SetupMainDomainCertificates(cfg.Server.MainDomain, acmeClient, certDB); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Create listener for SSL connections
|
||||
log.Info().Msgf("Create TCP listener for SSL on %s", listeningSSLAddress)
|
||||
listener, err := net.Listen("tcp", listeningSSLAddress)
|
||||
if err != nil {
|
||||
return fmt.Errorf("couldn't create listener: %v", err)
|
||||
}
|
||||
// Create listener for SSL connections
|
||||
log.Info().Msgf("Create TCP listener for SSL on %s", listeningSSLAddress)
|
||||
listener, err := net.Listen("tcp", listeningSSLAddress)
|
||||
if err != nil {
|
||||
return fmt.Errorf("couldn't create listener: %v", err)
|
||||
}
|
||||
|
||||
// Setup listener for SSL connections
|
||||
listener = tls.NewListener(listener, certificates.TLSConfig(
|
||||
cfg.Server.MainDomain,
|
||||
giteaClient,
|
||||
acmeClient,
|
||||
cfg.Server.PagesBranches[0],
|
||||
challengeCache, canonicalDomainCache,
|
||||
certDB,
|
||||
cfg.ACME.NoDNS01,
|
||||
cfg.Server.RawDomain,
|
||||
))
|
||||
// Setup listener for SSL connections
|
||||
listener = tls.NewListener(listener, certificates.TLSConfig(
|
||||
cfg.Server.MainDomain,
|
||||
giteaClient,
|
||||
acmeClient,
|
||||
cfg.Server.PagesBranches[0],
|
||||
challengeCache, canonicalDomainCache,
|
||||
certDB,
|
||||
cfg.ACME.NoDNS01,
|
||||
cfg.Server.RawDomain,
|
||||
))
|
||||
|
||||
interval := 12 * time.Hour
|
||||
certMaintainCtx, cancelCertMaintain := context.WithCancel(context.Background())
|
||||
defer cancelCertMaintain()
|
||||
go certificates.MaintainCertDB(certMaintainCtx, interval, acmeClient, cfg.Server.MainDomain, certDB)
|
||||
interval := 12 * time.Hour
|
||||
certMaintainCtx, cancelCertMaintain := context.WithCancel(context.Background())
|
||||
defer cancelCertMaintain()
|
||||
go certificates.MaintainCertDB(certMaintainCtx, interval, acmeClient, cfg.Server.MainDomain, certDB)
|
||||
|
||||
if cfg.Server.HttpServerEnabled {
|
||||
// Create handler for http->https redirect and http acme challenges
|
||||
httpHandler := certificates.SetupHTTPACMEChallengeServer(challengeCache, uint(cfg.Server.Port))
|
||||
if cfg.Server.HttpServerEnabled {
|
||||
// Create handler for http->https redirect and http acme challenges
|
||||
httpHandler := certificates.SetupHTTPACMEChallengeServer(challengeCache, uint(cfg.Server.Port))
|
||||
|
||||
// Create listener for http and start listening
|
||||
go func() {
|
||||
log.Info().Msgf("Start HTTP server listening on %s", listeningHTTPAddress)
|
||||
err := http.ListenAndServe(listeningHTTPAddress, httpHandler)
|
||||
if err != nil {
|
||||
log.Error().Err(err).Msg("Couldn't start HTTP server")
|
||||
}
|
||||
}()
|
||||
// Create listener for http and start listening
|
||||
go func() {
|
||||
log.Info().Msgf("Start HTTP server listening on %s", listeningHTTPAddress)
|
||||
err := http.ListenAndServe(listeningHTTPAddress, httpHandler)
|
||||
if err != nil {
|
||||
log.Error().Err(err).Msg("Couldn't start HTTP server")
|
||||
}
|
||||
}()
|
||||
}
|
||||
}
|
||||
|
||||
if ctx.IsSet("enable-profiling") {
|
||||
|
|
@ -134,7 +144,7 @@ func Serve(ctx *cli.Context) error {
|
|||
sslHandler := handler.Handler(cfg.Server, giteaClient, canonicalDomainCache, redirectsCache)
|
||||
|
||||
// Start the ssl listener
|
||||
log.Info().Msgf("Start SSL server using TCP listener on %s", listener.Addr())
|
||||
log.Info().Msgf("Start main server using TCP listener on %s", listener.Addr())
|
||||
|
||||
return http.Serve(listener, sslHandler)
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue