|
1 | 1 | package main // import "github.com/hownetworks/tracetrout" |
2 | 2 |
|
3 | 3 | import ( |
| 4 | + "crypto/tls" |
4 | 5 | "encoding/binary" |
5 | 6 | "encoding/json" |
6 | 7 | "errors" |
@@ -403,12 +404,15 @@ func (st *StreamTracker) Get(id StreamID) *Stream { |
403 | 404 | } |
404 | 405 |
|
405 | 406 | type settings struct { |
406 | | - Host string |
407 | | - Port uint16 `default:"8080"` |
408 | | - HopTimeout time.Duration `default:"1s" split_words:"true"` |
409 | | - HopRetries uint `default:"5" split_words:"true"` |
410 | | - HopOffset byte `default:"0" split_words:"true"` |
411 | | - FilterQueue uint16 `default:"0" split_words:"true"` |
| 407 | + Host string |
| 408 | + Port uint16 `default:"8080"` |
| 409 | + HopTimeout time.Duration `default:"1s" split_words:"true"` |
| 410 | + HopRetries uint `default:"5" split_words:"true"` |
| 411 | + HopOffset byte `default:"0" split_words:"true"` |
| 412 | + FilterQueue uint16 `default:"0" split_words:"true"` |
| 413 | + HTTPSEnabled bool `default:"false" envconfig:"HTTPS_ENABLED"` |
| 414 | + HTTPSCertFile string `default:"" envconfig:"HTTPS_CERT_FILE"` |
| 415 | + HTTPSKeyFile string `default:"" envconfig:"HTTPS_KEY_FILE"` |
412 | 416 | } |
413 | 417 |
|
414 | 418 | func (s settings) HostPort() string { |
@@ -436,6 +440,12 @@ func main() { |
436 | 440 | if err := envconfig.Process("", &s); err != nil { |
437 | 441 | log.Fatal(err) |
438 | 442 | } |
| 443 | + if s.HTTPSEnabled && (s.HTTPSCertFile == "" || s.HTTPSKeyFile == "") { |
| 444 | + log.Fatal("HTTPS_ENABLED=true requires HTTPS_CERT_FILE and HTTPS_KEY_FILE") |
| 445 | + } |
| 446 | + if !s.HTTPSEnabled && (s.HTTPSCertFile != "" || s.HTTPSKeyFile != "") { |
| 447 | + log.Fatal("HTTPS_CERT_FILE and HTTPS_KEYF_ILE require HTTPS_ENABLED=true") |
| 448 | + } |
439 | 449 |
|
440 | 450 | tracker := NewStreamTracker() |
441 | 451 | queue, err := nfq.New(s.FilterQueue, func(pkt nfq.Packet) { |
@@ -536,11 +546,16 @@ func main() { |
536 | 546 |
|
537 | 547 | fmt.Printf("Serving on %v...\n", s.HostPort()) |
538 | 548 | server := http.Server{ |
539 | | - Addr: s.HostPort(), |
540 | | - Handler: handlers.CombinedLoggingHandler(os.Stdout, cors.Default().Handler(handler)), |
| 549 | + Addr: s.HostPort(), |
| 550 | + Handler: handlers.CombinedLoggingHandler(os.Stdout, cors.Default().Handler(handler)), |
| 551 | + TLSNextProto: map[string]func(*http.Server, *tls.Conn, http.Handler){}, |
541 | 552 | } |
542 | 553 | server.SetKeepAlivesEnabled(false) |
543 | | - server.ListenAndServe() |
| 554 | + if s.HTTPSEnabled { |
| 555 | + log.Fatal(server.ListenAndServeTLS(s.HTTPSCertFile, s.HTTPSKeyFile)) |
| 556 | + } else { |
| 557 | + log.Fatal(server.ListenAndServe()) |
| 558 | + } |
544 | 559 | } |
545 | 560 |
|
546 | 561 | func write(w io.Writer, s string) error { |
|
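Review bot: The `http.Server` literal in the last hunk serves TLS through `ListenAndServeTLS` but sets no `TLSConfig`, so the minimum protocol version is whatever the Go toolchain defaults to; on releases before Go 1.22 a server still accepts TLS 1.0 and 1.1. Since `crypto/tls` is now imported, I would pin it with `TLSConfig: &tls.Config{MinVersion: tls.VersionTLS12},` next to `TLSNextProto`. The non-nil empty `TLSNextProto` map switches HTTP/2 off, and that deserves a comment giving the reason, presumably something like `// HTTP/2 disabled so each request keeps its own TCP connection (TODO confirm)`. In the settings-validation hunk the second `log.Fatal` message misspells the variable as `HTTPS_KEYF_ILE`; it should read `HTTPS_KEY_FILE` so an operator can match it against the environment. `main` starts outside these hunks.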