added support for TLS and hostname resolution

3 files changed, 40 insertions, 7 deletions

diff --git a/svc/conf.go b/svc/conf.go
index f15bd13..538b701 100644
--- a/svc/conf.go
+++ b/svc/conf.go
@@ -25,6 +25,7 @@ type Configuration struct {
 	CacheInterval time.Duration `yaml:"StatusFetchInterval"`
 	DBInterval    time.Duration `yaml:"DatabasePushInterval"`
 	Instance      `yaml:"Instance"`
+	TLS
 }
 
 // Instance refers to meta data about
@@ -38,6 +39,14 @@ type Instance struct {
 	Desc  string `yaml:"Instance.Description"`
 }
 
+// TLS holds the tls config from the
+// config file
+type TLS struct {
+	Use  bool   `yaml:"UseTLS"`
+	Cert string `yaml:"TLSCert"`
+	Key  string `yaml:"TLSKey"`
+}
+
 // Called on start-up. Initializes everything
 // related to configuration values.
 func initConfig() {
@@ -88,6 +97,10 @@ func initLogging() {
 // Default values should a config file
 // not be available.
 func setConfigDefaults() {
+	viper.SetDefault("BehindProxy", true)
+	viper.SetDefault("UseTLS", false)
+	viper.SetDefault("TLSCert", "cert.pem")
+	viper.SetDefault("TLSKey", "key.pem")
 	viper.SetDefault("ListenPort", 9001)
 	viper.SetDefault("LogFile", "getwtxt.log")
 	viper.SetDefault("DatabasePath", "getwtxt.db")
@@ -150,6 +163,12 @@ func bindConfig() {
 	confObj.Instance.Mail = viper.GetString("Instance.Email")
 	confObj.Instance.Desc = viper.GetString("Instance.Description")
 
+	confObj.TLS.Use = viper.GetBool("UseTLS")
+	if confObj.TLS.Use {
+		confObj.TLS.Cert = viper.GetString("TLSCert")
+		confObj.TLS.Key = viper.GetString("TLSKey")
+	}
+
 	if *flagDBType != "" {
 		confObj.DBType = *flagDBType
 	}
@@ -159,15 +178,24 @@ func bindConfig() {
 	if *flagAssets != "" {
 		confObj.AssetsDir = *flagAssets
 	}
-	if *flagProxied {
-		confObj.IsProxied = true
-	}
+	confObj.Mu.Unlock()
+
+	announceConfig()
 
+}
+
+func announceConfig() {
+	confObj.Mu.RLock()
 	if confObj.IsProxied {
 		log.Printf("Behind reverse proxy, not using host matching\n")
 	} else {
 		log.Printf("Matching host: %v\n", confObj.Instance.URL)
 	}
+	if confObj.TLS.Use {
+		log.Printf("Using TLS\n")
+		log.Printf("Cert: %v\n", confObj.TLS.Cert)
+		log.Printf("Key: %v\n", confObj.TLS.Key)
+	}
 	if confObj.StdoutLogging {
 		log.Printf("Logging to: stdout\n")
 	} else {
@@ -176,6 +204,5 @@ func bindConfig() {
 	log.Printf("Using %v database: %v\n", confObj.DBType, confObj.DBPath)
 	log.Printf("Database push interval: %v\n", confObj.DBInterval)
 	log.Printf("User status fetch interval: %v\n", confObj.CacheInterval)
-
-	confObj.Mu.Unlock()
+	confObj.Mu.RUnlock()
 }
diff --git a/svc/init.go b/svc/init.go
index 082cef8..fe83145 100644
--- a/svc/init.go
+++ b/svc/init.go
@@ -22,7 +22,6 @@ var (
 	flagAssets   *string = pflag.StringP("assets", "a", "", "The location of the getwtxt assets directory.")
 	flagDBPath   *string = pflag.StringP("db", "d", "", "Path to the getwtxt database.")
 	flagDBType   *string = pflag.StringP("dbtype", "t", "", "Type of database being used.")
-	flagProxied  *bool   = pflag.BoolP("proxied", "p", false, "Use if getwtxt is behind a reverse proxy.")
 )
 
 // Holds the global configuration
diff --git a/svc/svc.go b/svc/svc.go
index e5802d2..1748bf0 100644
--- a/svc/svc.go
+++ b/svc/svc.go
@@ -25,6 +25,9 @@ func Start() {
 	if !confObj.IsProxied {
 		index.Host(confObj.Instance.URL)
 	}
+	TLS := confObj.TLS.Use
+	TLSCert := confObj.TLS.Cert
+	TLSKey := confObj.TLS.Key
 	confObj.Mu.RUnlock()
 
 	setIndexRouting(index)
@@ -34,7 +37,11 @@ func Start() {
 	server := newServer(portnum, index)
 	log.Printf("*** Listening on %v\n", portnum)
 	log.Printf("*** getwtxt %v Startup finished at %v, took %v\n\n", Vers, time.Now().Format(time.RFC3339), time.Since(before))
-	errLog("", server.ListenAndServe())
+	if TLS {
+		errLog("", server.ListenAndServeTLS(TLSCert, TLSKey))
+	} else {
+		errLog("", server.ListenAndServe())
+	}
 
 	closeLog <- true
 	killTickers()