diff --git a/client_test.go b/client_test.go
index a2aea93..3e1f180 100644
--- a/client_test.go
+++ b/client_test.go
@@ -22,7 +22,15 @@ func TestAPI(t *testing.T) {
 httpClient := http.DefaultClient
 defer httpClient.CloseIdleConnections()
- vokiClient := voki.New(httpClient, "localhost", cfg.API.Key, cfg.API.Port, "http")
+ var protocol string
+ switch cfg.API.TLS.Enabled {
+ case true:
+ protocol = "https"
+ case false:
+ protocol = "http"
+ }
+
+ vokiClient := voki.New(httpClient, "localhost", cfg.API.Key, cfg.API.Port, protocol)
 apiClient := APIClient{vokiClient}
 t.Run("get API health", func(t *testing.T) {
diff --git a/cmd.go b/cmd.go
index 8c5571d..508af62 100644
--- a/cmd.go
+++ b/cmd.go
@@ -114,7 +114,22 @@ var apiCmd = &cobra.Command{
 */
 // Execution
- e.Logger.Fatal(e.Start(fmt.Sprintf(":%d", cfg.API.Port)))
+ switch cfg.API.TLS.Enabled {
+ case false:
+ e.Logger.Fatal(
+ e.Start(
+ fmt.Sprintf(":%d", cfg.API.Port),
+ ),
+ )
+ case true:
+ e.Logger.Fatal(
+ e.StartTLS(
+ fmt.Sprintf(":%d", cfg.API.Port),
+ cfg.API.TLS.CertificateFile,
+ cfg.API.TLS.PrivateKeyFile,
+ ),
+ )
+ }
 },
 }
diff --git a/config.go b/config.go
index 3096960..927227c 100644
--- a/config.go
+++ b/config.go
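Review bot: In client_test.go's TestAPI hunk, the `https` branch still goes through `http.DefaultClient`, so the test can only pass when the server certificate chains to a root the test host trusts and is valid for `localhost`. That dependency is not stated anywhere in the hunk; I would add a comment above the switch such as `// With TLS enabled the certificate must be valid for "localhost" and trusted by this client; keep verification on.` If a self-signed test certificate is intended, loading it into the client's `RootCAs` keeps verification enabled. The scheme selection could also be shorter: `protocol := "http"` followed by `if cfg.API.TLS.Enabled { protocol = "https" }`. TestAPI starts and ends outside the hunk.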
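Review bot: In cmd.go's `case true` branch, `e.StartTLS` receives `cfg.API.TLS.CertificateFile` and `cfg.API.TLS.PrivateKeyFile` unchecked, and both default to the empty string in config.go. Startup then depends on StartTLS returning an error for the empty paths, which presumably surfaces as a file-read failure rather than a message naming the missing setting. I would check before starting: `if cfg.API.TLS.CertificateFile == "" || cfg.API.TLS.PrivateKeyFile == "" { e.Logger.Fatal("api.tls.enabled requires api.tls.certificate_file and api.tls.private_key_file") }`. Since the condition is a bool, `if cfg.API.TLS.Enabled { … } else { … }` reads more directly than a switch over `true`/`false`. The enclosing function literal inside apiCmd starts outside the hunk.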
@@ -11,6 +11,21 @@ import (
 )
 const (
+ ViperAPITLSEnabled string = "api.tls.enabled"
+ FlagAPITLSEnabled string = "api-tls-enabled"
+ DefaultAPITLSEnabled bool = false
+ DescriptionAPITLSEnabled string = "Whether to use TLS or not. Requires certificate and private key files."
+
+ ViperAPITLSCertificateFile string = "api.tls.certificate_file"
+ FlagAPITLSCertificateFile string = "api-tls-certificate-file"
+ DefaultAPITLSCertificateFile string = ""
+ DescriptionAPITLSCertificateFile string = "Path to TLS certificate file"
+
+ ViperAPITLSPrivateKeyFile string = "api.tls.private_key_file"
+ FlagAPITLSPrivateKeyFile string = "api-tls-private-key-file"
+ DefaultAPITLSPrivateKeyFile string = ""
+ DescriptionAPITLSPrivateKeyFile string = "Path to TLS private key file"
+
 ViperAPIPort string = "api.port"
 FlagAPIPort string = "api-port"
 DefaultAPIPort int = 1312
@@ -89,6 +104,15 @@ const (
 type Config struct {
 API struct {
+ TLS struct {
+ Enabled bool `yaml:"enabled"`
+
+ // Path to file containing TLS certificate
+ CertificateFile string `yaml:"certificate_file"`
+
+ // Path to file containing TLS private key
+ PrivateKeyFile string `yaml:"private_key_file"`
+ }
 Port int `yaml:"port"`
 Key string `yaml:"key"`
 } `yaml:"api"`
@@ -116,6 +140,9 @@ type Config struct {
 // DefaultConfig returns a Config filled with the default values from the
 // `Default*` constants defined in this file.
 func DefaultConfig() (cfg Config) {
+ cfg.API.TLS.Enabled = DefaultAPITLSEnabled
+ cfg.API.TLS.CertificateFile = DefaultAPITLSCertificateFile
+ cfg.API.TLS.PrivateKeyFile = DefaultAPITLSPrivateKeyFile
 cfg.API.Port = DefaultAPIPort
 cfg.API.Key = DefaultAPIKey
 cfg.DB.Database = DefaultDBDatabase
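Review bot: In config.go's constants hunk at `@@ -11,6 +11,21 @@`, `DefaultAPITLSEnabled` is `false`, so an unconfigured `api` command keeps serving plain HTTP on every interface (the `case false` branch in cmd.go listens on `":%d"`), and the key configured under `api.key` is presumably sent by clients over that unencrypted connection. `DescriptionAPITLSEnabled` does not say so; I would extend it, e.g. `"Serve the API over TLS. Requires certificate and private key files. When false, traffic including the API key is unencrypted."` `DescriptionAPITLSPrivateKeyFile` could also state that the file should be readable only by the account running the service.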
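Review bot: In the `Config` hunk at `@@ -89,6 +104,15 @@`, the new `TLS struct { … }` field closes with a bare `}` while the enclosing `API` struct and the sibling `Port` and `Key` fields carry explicit `yaml` tags. A decoder that lowercases untagged field names would still map it to `tls`, but that relies on a library default instead of the key spelled out in `ViperAPITLSEnabled` (`api.tls.enabled`); I would add the struct tag `yaml:"tls"` after the closing brace. `Enabled` also lacks the short field comment the other two new fields have, e.g. `// Whether the API is served over TLS`. The Config type continues outside the hunk.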
@@ -145,6 +172,24 @@ func init() {
 rootCmd.AddCommand(apiCmd)
+ // api.tls.enabled
+ apiCmd.Flags().Bool(FlagAPITLSEnabled, DefaultAPITLSEnabled, DescriptionAPITLSEnabled)
+ if err := viper.BindPFlag(ViperAPITLSEnabled, apiCmd.Flags().Lookup(FlagAPITLSEnabled)); err != nil {
+ log.Fatal(err)
+ }
+
+ // api.tls.certificate_file
+ apiCmd.Flags().String(FlagAPITLSCertificateFile, DefaultAPITLSCertificateFile, DescriptionAPITLSCertificateFile)
+ if err := viper.BindPFlag(ViperAPITLSCertificateFile, apiCmd.Flags().Lookup(FlagAPITLSCertificateFile)); err != nil {
+ log.Fatal(err)
+ }
+
+ // api.tls.private_key_file
+ apiCmd.Flags().String(FlagAPITLSPrivateKeyFile, DefaultAPITLSPrivateKeyFile, DescriptionAPITLSPrivateKeyFile)
+ if err := viper.BindPFlag(ViperAPITLSPrivateKeyFile, apiCmd.Flags().Lookup(FlagAPITLSPrivateKeyFile)); err != nil {
+ log.Fatal(err)
+ }
+
 // api.key
 apiCmd.Flags().String(FlagAPIKey, DefaultAPIKey, DescriptionAPIKey)
 if err := viper.BindPFlag(ViperAPIKey, apiCmd.Flags().Lookup(FlagAPIKey)); err != nil {