Merge pull request #120 from mahmednabil109/Add_TLS_config_and_middle…

…wares [admin_server] Add tls and middlewares parameter
linuxboot · Aug 4, 2022 · 927ea7f · 927ea7f
2 parents cd42c60 + d49cb24
commit 927ea7f
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 7 deletions.
diff --git a/cmds/admin_server/main.go b/cmds/admin_server/main.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"crypto/tls"
 	"flag"
 	"fmt"
 	"os"
@@ -20,13 +21,17 @@ var (
 	flagSet      *flag.FlagSet
 	flagPort     *int
 	flagDBURI    *string
+	flagTLSCert  *string
+	flagTLSKey   *string
 	flagLogLevel *string
 )
 
 func initFlags(cmd string) {
 	flagSet = flag.NewFlagSet(cmd, flag.ContinueOnError)
 	flagPort = flagSet.Int("port", 8000, "Port to init the admin server on")
 	flagDBURI = flagSet.String("dbURI", "mongodb://localhost:27017", "Database URI")
+	flagTLSCert = flagSet.String("tlsCert", "", "Path to the tls cert file")
+	flagTLSKey = flagSet.String("tlsKey", "", "Path to the tls key file")
 	flagLogLevel = flagSet.String("logLevel", "debug", "A log level, possible values: debug, info, warning, error, panic, fatal")
 
 }
@@ -72,7 +77,18 @@ func main() {
 		cancel()
 	}()
 
-	if err := server.Serve(ctx, *flagPort, storage); err != nil {
+	var tlsConfig *tls.Config
+	if *flagTLSCert != "" && *flagTLSKey != "" {
+		cert, err := tls.LoadX509KeyPair(*flagTLSCert, *flagTLSKey)
+		if err != nil {
+			exitWithError(err, 1)
+		}
+		tlsConfig = &tls.Config{
+			Certificates: []tls.Certificate{cert},
+		}
+	}
+
+	if err := server.Serve(ctx, *flagPort, storage, nil, tlsConfig); err != nil {
 		exitWithError(fmt.Errorf("server err: %w", err), 1)
 	}
 }
diff --git a/cmds/admin_server/server/server.go b/cmds/admin_server/server/server.go
@@ -1,6 +1,7 @@
 package server
 
 import (
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"net/http"
@@ -156,11 +157,16 @@ func (r *RouteHandler) getLogs(c *gin.Context) {
 	c.JSON(http.StatusOK, toServerResult(result))
 }
 
-func initRouter(ctx xcontext.Context, rh RouteHandler) *gin.Engine {
+func initRouter(ctx xcontext.Context, rh RouteHandler, middlewares []gin.HandlerFunc) *gin.Engine {
 
 	r := gin.New()
 	r.Use(gin.Logger())
 
+	// add the middlewares
+	for _, hf := range middlewares {
+		r.Use(hf)
+	}
+
 	r.GET("/status", rh.status)
 	r.POST("/log", rh.addLog)
 	r.GET("/log", rh.getLogs)
@@ -171,15 +177,16 @@ func initRouter(ctx xcontext.Context, rh RouteHandler) *gin.Engine {
 	return r
 }
 
-func Serve(ctx xcontext.Context, port int, storage storage.Storage) error {
+func Serve(ctx xcontext.Context, port int, storage storage.Storage, middlewares []gin.HandlerFunc, tlsConfig *tls.Config) error {
 	routeHandler := RouteHandler{
 		storage: storage,
 		log:     ctx.Logger(),
 	}
-	router := initRouter(ctx, routeHandler)
+	router := initRouter(ctx, routeHandler, middlewares)
 	server := &http.Server{
-		Addr:    fmt.Sprintf(":%d", port),
-		Handler: router,
+		Addr:      fmt.Sprintf(":%d", port),
+		Handler:   router,
+		TLSConfig: tlsConfig,
 	}
 
 	go func() {
@@ -191,7 +198,14 @@ func Serve(ctx xcontext.Context, port int, storage storage.Storage) error {
 		}
 	}()
 
-	if err := server.ListenAndServe(); err != nil && err != http.ErrServerClosed {
+	var err error
+	if tlsConfig != nil {
+		err = server.ListenAndServeTLS("", "")
+	} else {
+		err = server.ListenAndServe()
+	}
+
+	if err != nil && err != http.ErrServerClosed {
 		return err
 	}