Add TLS mode support and checkbox in Settings -> General

Author: SCP002

README.md

@@ -160,6 +160,15 @@ gox -output="./xteve-build/{{.Dir}}_{{.OS}}_{{.Arch}}" ./
 
 ---
 
+## Certificate generation
+
+See:
+* <https://pkg.go.dev/net/http#ListenAndServeTLS>
+* <https://github.com/denji/golang-tls>
+* <https://gist.github.com/fntlnz/cf14feb5a46b2eda428e000157447309>
+
+---
+
 ## Fork without pull request :mega:
 
 When creating a fork, the xTeVe GitHub account must be changed from the source code or the update function disabled.

certeficates/xteve.crt

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDhTCCAm2gAwIBAgIURgwIxlYujaBGZneE0xkvk9VWzeAwDQYJKoZIhvcNAQEL
+BQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxDjAMBgNVBAoM
+BXh0ZXZlMQ4wDAYDVQQLDAV4dGV2ZTEOMAwGA1UEAwwFeHRldmUwHhcNMjIwNDIw
+MjMzNzU3WhcNMzIwNDE3MjMzNzU3WjBSMQswCQYDVQQGEwJBVTETMBEGA1UECAwK
+U29tZS1TdGF0ZTEOMAwGA1UECgwFeHRldmUxDjAMBgNVBAsMBXh0ZXZlMQ4wDAYD
+VQQDDAV4dGV2ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOdrEV93
+ZcxZP47CrzpVWF6dMXeS7nYcyK7aQOoDl2oDj7m5JKsPjl/khRiAUxQ0QgIFVCSi
+Xgod4FFjj1HWc7qgpEqyulCP3GR8vnrP63iGptVO8ffU034BifevwyRqEj8Vy11d
+uFrn0FxmpSCW8o28TPnEebuZcTVx+zARFEc+Hc48JgTsRIaGbWCnkJ5VQ0Uq6+td
+cjHzM7l7yK+xAPOSP4jLQ+zfY5n6C/cjBzZqf/oQU0JuSr12xF17Eccx+EPNdwhk
+OLNmcvDEcKAEv9OSzLv3csn8zIqRnpCEYehPBGL+CX5Rz8Vn6/qb2fmqf53B0leV
+PmEmjvUOAVj053MCAwEAAaNTMFEwHQYDVR0OBBYEFLfYxsVRzA8l3RuPUp2N+bbv
+xVscMB8GA1UdIwQYMBaAFLfYxsVRzA8l3RuPUp2N+bbvxVscMA8GA1UdEwEB/wQF
+MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAEiL4LcPZ4HVeTxqrNQjRV2SJNJmUMT2
+AWBrpH4bbKPVgdOJGvQkH4K8OW/P5dCvIum+PZFUR+jkgv2EUppZCU7R6mGyhDBA
+DBQU7z0R5NdB+bKqKP/Wxs30r6u1lCELQA1PC4PQt04MXKTmLoOscHTTE9qBhrnv
+Un8sEr0SHwxtrSupLRRcRMzZvz9q9s9xOjZQa3gNnUsGv9aPrjnrCsBflQ4Vrzym
+70aj379sQ8lpkml+0pKiJ+S2aRmt9jQ47fODYSB8A/0iDJSQ4WiOuItiJIQ1q5qV
+T6PGzJotCXk9ZXCz84ZZnVcIKFEC9cNWGxdDq/y04t8poyxXLwWRbnY=
+-----END CERTIFICATE-----

certeficates/xteve.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpgIBAAKCAQEA52sRX3dlzFk/jsKvOlVYXp0xd5LudhzIrtpA6gOXagOPubkk
+qw+OX+SFGIBTFDRCAgVUJKJeCh3gUWOPUdZzuqCkSrK6UI/cZHy+es/reIam1U7x
+99TTfgGJ96/DJGoSPxXLXV24WufQXGalIJbyjbxM+cR5u5lxNXH7MBEURz4dzjwm
+BOxEhoZtYKeQnlVDRSrr611yMfMzuXvIr7EA85I/iMtD7N9jmfoL9yMHNmp/+hBT
+Qm5KvXbEXXsRxzH4Q813CGQ4s2Zy8MRwoAS/05LMu/dyyfzMipGekIRh6E8EYv4J
+flHPxWfr+pvZ+ap/ncHSV5U+YSaO9Q4BWPTncwIDAQABAoIBAQDb1viQCmrob7hT
+NFsmPUFP0GDXyPtDtSBoCuoz5OmISo3Uzy8oWgTUz9AocG97+BDkvo8qphxT3AHn
+D39tLR6Pol+wno0kTyX9SAvju3Vj7/a5GOAAoWuwfmHErHHjO+jNiTTCI3Ao26My
+xEgF55/QSZuOgrlqH+BN91O6W985tNfNHoIbAVjiDm3R8VDB+tjhBoFW5ZLQn8Xa
+/lKAlEZ3tmzwi8QxCRxX1JYQ09UD9E/RV1DCbOaownyplocjVNwWd0wTQ7/Peqr5
++/lvN9DiRGgPWogX0cvmNYoLFP+98s++v8zvJWI6uO3P7LzQIClXowxE12KNzUKE
+2zuf93pBAoGBAP6XDwnjmgttldlxcwhuDEo6enl5kvfzELSoYwvO63xJi/+lLd/E
+/83ePBiBgoZFdzBLuNaQUZVibzlt5PJUtlejoTap98+0hcjU+Dw416AkQ2eHabXj
+JjuiXPb5Gio3FIN55HnTTme8LQiyF0g9Ok+w/YvOjeTfJa1UMlkyRdsRAoGBAOiz
+KFfewniBdZt1KrwI3JAGGDr+W3koxtI3BBszqA5dPjGVeA1M6pt+kbk+zI0dBleY
+AmUDHDPKU4RXDc0rESwUhKF/kxMAh1O25Tt0RY5vWRcDlAgKoPbVVZLbSkwkHx6S
+VxXHT2wEFdqJrmrZp047Be9hIuKziVJijiMNL3JDAoGBAJJq2AhM8Jwf8y1yFMFF
+YSYTibpxE/grv3DW4te4si/xsGVfXwmxp5iDdjZ1zVZhfxG0iuJDb9glG2iA7kn8
+ND4k6iOhDtdSsBp3eShRXJlKIcXZ2A72S1fCogqb6tNaiB6xLJhv0UjRrWix27f9
+FpscZEVSjsKRH38WzDoGMqyxAoGBALhjtrUiO+E3XFTqHAnRz8yEN9EPWraAHEPY
++nT/ksyHEFBEC1QmvcSnH5u1amrrM+pW9pbKRx+21EUKolIQLVRLkelS6Nzmz1UD
+mVNqR++cxfCZkkRo/7F3zI5JG++Hs+0Kstz8CTAjcJmx/baHb65q0MIlq3oOH+Nb
+WxvlR9J3AoGBALFFee66OHfgHx/pi+/NUWo9DHPcypGmJskmmNm+Z94utpyZrSxj
+KiiZi79cQiNTzBwANQ9h5lvGguKONE4v4vLTrqzOnaCCVGm/Q/I4cAXwidjTZmhC
+v6Pw1OPHRglCDuXUy2v7eDPXpusJ36Rp4y/+ALu4tnBk6eZ3b02zw6qB
+-----END RSA PRIVATE KEY-----

html/js/base_ts.js

@@ -18,7 +18,7 @@ menuItems.push(new MainMenuItem("log", "{{.mainMenu.item.log}}", "log.png", "{{.
 menuItems.push(new MainMenuItem("logout", "{{.mainMenu.item.logout}}", "logout.png", "{{.mainMenu.headline.logout}}"));
 // Settings categories
 var settingsCategory = new Array();
-settingsCategory.push(new SettingsCategoryItem("{{.settings.category.general}}", "xteveAutoUpdate,tuner,epgSource,api"));
+settingsCategory.push(new SettingsCategoryItem("{{.settings.category.general}}", "tlsMode,xteveAutoUpdate,tuner,epgSource,api"));
 settingsCategory.push(new SettingsCategoryItem("{{.settings.category.files}}", "update,files.update,temp.path,cache.images,xepg.replace.missing.images"));
 settingsCategory.push(new SettingsCategoryItem("{{.settings.category.streaming}}", "buffer,udpxy,buffer.size.kb,buffer.timeout,user.agent,ffmpeg.path,ffmpeg.options,vlc.path,vlc.options"));
 settingsCategory.push(new SettingsCategoryItem("{{.settings.category.backup}}", "backup.path,backup.keep"));

html/js/network_ts.js

@@ -7,7 +7,6 @@ class Server {
             return;
         }
         SERVER_CONNECTION = true;
-        console.log(data);
         if (this.cmd != "updateLog") {
             showElement("loading", true);
             UNDO = new Object();
@@ -25,35 +24,32 @@ class Server {
         var ws = new WebSocket(url);
         ws.onopen = function () {
             WS_AVAILABLE = true;
-            console.log("REQUEST (JS):");
-            console.log(data);
-            console.log("REQUEST: (JSON)");
-            console.log(JSON.stringify(data));
             this.send(JSON.stringify(data));
         };
-        ws.onerror = function (e) {
+        ws.onerror = function (wsErrEvt) {
             console.log("No websocket connection to xTeVe could be established. Check your network configuration.");
             SERVER_CONNECTION = false;
             if (WS_AVAILABLE == false) {
                 alert("No websocket connection to xTeVe could be established. Check your network configuration.");
             }
         };
-        ws.onmessage = function (e) {
+        ws.onmessage = function (wsMessageEvt) {
             SERVER_CONNECTION = false;
             showElement("loading", false);
-            console.log("RESPONSE:");
-            var response = JSON.parse(e.data);
-            console.log(response);
+            const response = JSON.parse(wsMessageEvt.data);
             if (response.hasOwnProperty("token")) {
                 document.cookie = "Token=" + response["token"];
             }
             if (response["status"] == false) {
                 alert(response["err"]);
-                if (response.hasOwnProperty("reload")) {
-                    location.reload();
-                }
                 return;
             }
+            if (response.hasOwnProperty("newWebUrl")) {
+                window.location = response["newWebUrl"];
+            }
+            if (response.hasOwnProperty("reload")) {
+                window.location.reload();
+            }
             if (response.hasOwnProperty("alert")) {
                 alert(response["alert"]);
             }
@@ -70,7 +66,6 @@ class Server {
                         showLogs(false);
                     }
                     return;
-                    break;
                 default:
                     SERVER = new Object();
                     SERVER = response;
@@ -99,6 +94,7 @@ class Server {
 function getCookie(name) {
     var value = "; " + document.cookie;
     var parts = value.split("; " + name + "=");
-    if (parts.length == 2)
+    if (parts.length == 2) {
         return parts.pop().split(";").shift();
+    }
 }

html/js/settings_ts.js

@@ -117,6 +117,17 @@ class SettingsCategory {
                 setting.appendChild(tdRight);
                 break;
             // Checkboxes
+            case "tlsMode":
+                var tdLeft = document.createElement("TD");
+                tdLeft.innerHTML = "{{.settings.tlsMode.title}}" + ":";
+                var tdRight = document.createElement("TD");
+                var input = content.createCheckbox(settingsKey);
+                input.checked = data;
+                input.setAttribute("onchange", "javascript: this.className = 'changed'");
+                tdRight.appendChild(input);
+                setting.appendChild(tdLeft);
+                setting.appendChild(tdRight);
+                break;
             case "authentication.web":
                 var tdLeft = document.createElement("TD");
                 tdLeft.innerHTML = "{{.settings.authenticationWEB.title}}" + ":";
@@ -310,6 +321,9 @@ class SettingsCategory {
         var description = document.createElement("TR");
         var text;
         switch (settingsKey) {
+            case "tlsMode":
+                text = "{{.settings.tlsMode.description}}";
+                break;
             case "authentication.web":
                 text = "{{.settings.authenticationWEB.description}}";
                 break;

html/lang/en.json

@@ -397,6 +397,10 @@
       "title": "Number of Tuners",
       "description": "Number of parallel connections that can be established to the provider.<br>Available for: Plex, Emby (HDHR), M3U (with active buffer).<br>After a change, xTeVe must be delete in the Plex / Emby DVR settings and set up again."
     },
+    "tlsMode": {
+      "title": "TLS (HTTPS) mode",
+      "description": "Changes web server protocol to HTTPS. Requires xteve.crt and xteve.key in xTeVe config /certificates directory."
+    },
     "filesUpdate":
     {
       "title": "Updates all files at startup",

src/backup.go

@@ -13,7 +13,7 @@ import (
 
 func xTeVeAutoBackup() (err error) {
 
-	var archiv = "xteve_auto_backup_" + time.Now().Format("20060102_1504") + ".zip"
+	var archive = "xteve_auto_backup_" + time.Now().Format("20060102_1504") + ".zip"
 	var target string
 	var sourceFiles = make([]string, 0)
 	var oldBackupFiles = make([]string, 0)
@@ -74,13 +74,16 @@ func xTeVeAutoBackup() (err error) {
 	// Create a Backup
 	if err == nil {
 
-		target = System.Folder.Backup + archiv
+		target = System.Folder.Backup + archive
 
 		for _, i := range SystemFiles {
 			sourceFiles = append(sourceFiles, System.Folder.Config+i)
 		}
 
 		sourceFiles = append(sourceFiles, System.Folder.ImagesUpload)
+		if Settings.TLSMode {
+			sourceFiles = append(sourceFiles, System.Folder.Certificates)
+		}
 
 		err = zipFiles(sourceFiles, target)
 
@@ -98,23 +101,26 @@ func xTeVeAutoBackup() (err error) {
 	return
 }
 
-func xteveBackup() (archiv string, err error) {
+func xteveBackup() (archive string, err error) {
 
 	err = checkFolder(System.Folder.Temp)
 	if err != nil {
 		return
 	}
 
-	archiv = "xteve_backup_" + time.Now().Format("20060102_1504") + ".zip"
+	archive = "xteve_backup_" + time.Now().Format("20060102_1504") + ".zip"
 
-	var target = System.Folder.Temp + archiv
+	var target = System.Folder.Temp + archive
 	var sourceFiles = make([]string, 0)
 
 	for _, i := range SystemFiles {
 		sourceFiles = append(sourceFiles, System.Folder.Config+i)
 	}
 
 	sourceFiles = append(sourceFiles, System.Folder.Data)
+	if Settings.TLSMode {
+		sourceFiles = append(sourceFiles, System.Folder.Certificates)
+	}
 
 	err = zipFiles(sourceFiles, target)
 	if err != nil {

src/config.go

@@ -73,6 +73,7 @@ func Init() (err error) {
 	System.Folder.Backup = System.Folder.Config + "backup" + string(os.PathSeparator)
 	System.Folder.Data = System.Folder.Config + "data" + string(os.PathSeparator)
 	System.Folder.Cache = System.Folder.Config + "cache" + string(os.PathSeparator)
+	System.Folder.Certificates = System.Folder.Config + "certificates" + string(os.PathSeparator)
 	System.Folder.ImagesCache = System.Folder.Cache + "images" + string(os.PathSeparator)
 	System.Folder.ImagesUpload = System.Folder.Data + "images" + string(os.PathSeparator)
 	System.Folder.Temp = getDefaultTempDir()

src/screen.go

@@ -251,6 +251,8 @@ func getErrMsg(errCode int) (errMsg string) {
 		errMsg = fmt.Sprintf("Invalid filter rule")
 	case 1015:
 		errMsg = fmt.Sprintf("Specified temp folder path is invalid, fallback to %s", os.TempDir())
+	case 1016:
+		errMsg = fmt.Sprintf("Web server could not be stopped.")
 
 	case 1020:
 		errMsg = fmt.Sprintf("Data could not be saved, invalid keyword")

src/struct-system.go

@@ -60,6 +60,7 @@ type SystemStruct struct {
 	Folder struct {
 		Backup       string
 		Cache        string
+		Certificates string
 		Config       string
 		Data         string
 		ImagesCache  string
@@ -303,6 +304,7 @@ type SettingsStruct struct {
 	Port                      string                `json:"port"`
 	SSDP                      bool                  `json:"ssdp"`
 	TempPath                  string                `json:"temp.path"`
+	TLSMode                   bool                  `json:"tlsMode"`
 	Tuner                     int                   `json:"tuner"`
 	Update                    []string              `json:"update"`
 	UpdateURL                 string                `json:"update.url,omitempty"`

src/struct-webserver.go

@@ -36,6 +36,7 @@ type RequestStruct struct {
 		VLCPath                  *string   `json:"vlc.path,omitempty"`
 		FilesUpdate              *bool     `json:"files.update,omitempty"`
 		TempPath                 *string   `json:"temp.path,omitempty"`
+		TLSMode                  *bool     `json:"tlsMode,omitempty"`
 		Tuner                    *int      `json:"tuner,omitempty"`
 		UDPxy                    *string   `json:"udpxy,omitempty"`
 		Update                   *[]string `json:"update,omitempty"`
@@ -107,6 +108,7 @@ type ResponseStruct struct {
 	Error               string                 `json:"err,omitempty"`
 	Log                 WebScreenLogStruct     `json:"log,required"`
 	LogoURL             string                 `json:"logoURL,omitempty"`
+	NewWebURL           string                 `json:"newWebUrl,omitempty"`
 	OpenLink            string                 `json:"openLink,omitempty"`
 	OpenMenu            string                 `json:"openMenu,omitempty"`
 	Reload              bool                   `json:"reload,omitempty"`

src/system.go

@@ -112,32 +112,33 @@ func loadSettings() (settings SettingsStruct, err error) {
 	defaults["authentication.xml"] = false
 	defaults["backup.keep"] = 10
 	defaults["backup.path"] = System.Folder.Backup
-	defaults["buffer"] = "-"
 	defaults["buffer.size.kb"] = 1024
 	defaults["buffer.timeout"] = 500
+	defaults["buffer"] = "-"
 	defaults["cache.images"] = false
 	defaults["epgSource"] = "PMS"
 	defaults["ffmpeg.options"] = System.FFmpeg.DefaultOptions
-	defaults["vlc.options"] = System.VLC.DefaultOptions
-	defaults["files"] = dataMap
 	defaults["files.update"] = true
+	defaults["files"] = dataMap
 	defaults["filter"] = make(map[string]interface{})
 	defaults["git.branch"] = System.Branch
 	defaults["language"] = "en"
 	defaults["log.entries.ram"] = 500
-	defaults["mapping.first.channel"] = 1000
-	defaults["xepg.replace.missing.images"] = true
 	defaults["m3u8.adaptive.bandwidth.mbps"] = 10
+	defaults["mapping.first.channel"] = 1000
 	defaults["port"] = "34400"
 	defaults["ssdp"] = true
+	defaults["temp.path"] = System.Folder.Temp
+	defaults["tlsMode"] = false
 	defaults["tuner"] = 1
+	defaults["udpxy"] = ""
 	defaults["update"] = []string{"0000"}
 	defaults["user.agent"] = System.Name
 	defaults["uuid"] = createUUID()
-	defaults["udpxy"] = ""
 	defaults["version"] = System.DBVersion
+	defaults["vlc.options"] = System.VLC.DefaultOptions
+	defaults["xepg.replace.missing.images"] = true
 	defaults["xteveAutoUpdate"] = true
-	defaults["temp.path"] = System.Folder.Temp
 
 	// Set Default Values
 	for key, value := range defaults {
@@ -223,6 +224,14 @@ func setGlobalDomain(domain string) {
 
 	System.Domain = domain
 
+	if Settings.TLSMode {
+		System.ServerProtocol.API = "https"
+		System.ServerProtocol.DVR = "https"
+		System.ServerProtocol.M3U = "https"
+		System.ServerProtocol.WEB = "https"
+		System.ServerProtocol.XML = "https"
+	}
+
 	switch Settings.AuthenticationPMS {
 	case true:
 		System.Addresses.DVR = "username:password@" + System.Domain

src/update.go

@@ -265,7 +265,7 @@ checkVersion:
 
 			goto checkVersion
 
-		case "2.2.0", "2.2.1":
+		case "2.2.0", "2.2.1", "2.2.2":
 			// If there are changes to the Database in a later update, continue here
 
 			break