Added pre-generated TLS certificate

2024-02-27 21:58:57 +02:00 · 2024-02-27 21:58:57 +02:00 · 3aeae98404
parent 5ff923ce2c
commit 3aeae98404
6 changed files with 125 additions and 14 deletions
--- a/README.md
+++ b/README.md
@ -24,8 +24,6 @@ Once downloaded, you can launch Cosmium using the following command:
 ```sh
 ./cosmium-linux-amd64 \
  -Cert "cert.crt" \
  -CertKey "cert.key" \
  -Persist "./save.json" \
  -InitialData "./save.json"
 ```
@ -43,7 +41,9 @@ Once running, the explorer can be reached by navigating following URL: `https://
 ### SSL Certificate
-By default, Cosmium runs on HTTP. However, if you provide an SSL certificate, it will use HTTPS. Most applications will require HTTPS, so you can specify paths to the SSL certificate and key (PEM format) using the `-Cert` and `-CertKey` arguments, respectively.
+By default, Cosmium uses a pre-generated SSL certificate. You can provide your own certificates by specifying paths to the SSL certificate and key (PEM format) using the `-Cert` and `-CertKey` arguments, respectively.
 To disable SSL and run Cosmium on HTTP instead, you can use the `-DisableTls` flag. However most applications will require HTTPS.
 ### Other Available Arguments
--- a/api/config/config.go
+++ b/api/config/config.go
@ -20,6 +20,7 @@ func ParseFlags() {
 	initialDataPath := flag.String("InitialData", "", "Path to JSON containing initial state")
 	accountKey := flag.String("AccountKey", DefaultAccountKey, "Account key for authentication")
 	disableAuthentication := flag.Bool("DisableAuth", false, "Disable authentication")
 	disableTls := flag.Bool("DisableTls", false, "Disable TLS, serve over HTTP")
 	persistDataPath := flag.String("Persist", "", "Saves data to given path on application exit")
 	flag.Parse()
@ -32,6 +33,7 @@ func ParseFlags() {
 	Config.InitialDataFilePath = *initialDataPath
 	Config.PersistDataFilePath = *persistDataPath
 	Config.DisableAuth = *disableAuthentication
 	Config.DisableTls = *disableTls
 	Config.DatabaseAccount = Config.Host
 	Config.DatabaseDomain = Config.Host
--- a/api/config/constants.go
+++ b/api/config/constants.go
@ -0,0 +1,78 @@
 package config
 import (
 	"crypto/tls"
 	"fmt"
 )
 const certificate = `
 -----BEGIN CERTIFICATE-----
 MIIEaDCCAlCgAwIBAgIUAY7ito1IQfbIi52C0evhqHWgEvQwDQYJKoZIhvcNAQEL
 BQAwMzELMAkGA1UEBhMCTFQxEjAQBgNVBAgMCUxpdGh1YW5pYTEQMA4GA1UECgwH
 Q29zbWl1bTAeFw0yNDAyMjcxOTE4NThaFw0zNDAyMjYxOTE4NThaMD8xCzAJBgNV
 BAYTAkxUMRIwEAYDVQQIDAlMaXRodWFuaWExEDAOBgNVBAoMB0Nvc21pdW0xCjAI
 BgNVBAMMASowggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZxGz5clcf
 fvE6wS9Q2xPsUjeKdwotRCfKRu9kT7o1cZOSRBp7DgdeLvZ7BzqU1tk5wiLLiZwB
 gI6amQAd6z6EwUcUH0mHtFiWU0y/FROz0QUojbbYp0PMUhWjlPAxAGaiwgF/82z7
 /lmgMjf5v32XsMfa4U+FaaNYs7gu7aCQBQTAHmOIPnEAeFk9xQ2VzntRUWwzDYOV
 SimtPZk2O2X18V8KTgTLMQF1KErIyznIwEPB/BLi+ihLkh/8BaaxoIeOPIhRLNFr
 ecZrc/8+S4dUSUQDfmV3JFYFFheG0XIPEwXIaXiDAphpkCGhMIC2pDL8r14sntvn
 juHFZxmSP4V5AgMBAAGjaDBmMB8GA1UdIwQYMBaAFEbQ/7hV4FWrptdOk540R2lF
 SB1BMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgTwMAwGA1UdEQQFMAOCASowHQYDVR0O
 BBYEFGv5XvoFFzrG54GQ+WMFm6UO36BJMA0GCSqGSIb3DQEBCwUAA4ICAQBZh/vZ
 PBamebTEpiQz6cgf8+GcTi++ebYUGQ3YJj82pqVBdipOhYQOZJ0fOlT1qRGNglut
 +m5zn0iuXsNucP/32xdf1aJBnsU/aGrlf5ohJpGNxYfNPsewxeqQI23Yj22ec1gy
 WL2pFDYNyTZMM7Wgys7m3i9lb6TYOF2lNO3WbNuuuETsDAPa0rD0R8QsQOfYOSNJ
 YuWE4qZu+ySvTWsMZwlcqs7QL3Sd91UjItIS/AgqbnLvgt4z5ckGCIvickUfAZuQ
 6x592hTz4OZ+WIYDejtb5MMXRaKEXgfF6o1idrD7YgVutm+2+mYpN1v9aLbCs7QW
 9RkJoTXFQRNGq6j/cO0ZrCKFkttduziMWRz5X9QWADME1NsL53DfDkaxp9Nh+CCu
 0S9OF9nVLJVigdXe4O1cQ0Qh633O6k+F/xWYcmMyVt3V2bs7FPfygGUx60tfIbpi
 cBK3BsuzUrId3ozvYPsmfxYlzmyspyS6G+f7zLFOakm3fuqDJpnFNXmRY2Ljd3Cp
 punuMT6zSctHAxpgJm1g9R6PcaGr+b/n6zkbxyK9+SFzwN3Lb18WFj5OcslNM/g5
 ERE5Ws+Vae6MleSmsxSytgH4qn0ormPWuouBLaW0Rv2ZHdkt3myq8kTqtqdw3LRR
 ogcLQ3cL6I5FKGjm2TOF72DQHvOol8ck0uMz/w==
 -----END CERTIFICATE-----
 `
 const certificateKey = `
 -----BEGIN PRIVATE KEY-----
 MIIEuwIBADANBgkqhkiG9w0BAQEFAASCBKUwggShAgEAAoIBAQCZxGz5clcffvE6
 wS9Q2xPsUjeKdwotRCfKRu9kT7o1cZOSRBp7DgdeLvZ7BzqU1tk5wiLLiZwBgI6a
 mQAd6z6EwUcUH0mHtFiWU0y/FROz0QUojbbYp0PMUhWjlPAxAGaiwgF/82z7/lmg
 Mjf5v32XsMfa4U+FaaNYs7gu7aCQBQTAHmOIPnEAeFk9xQ2VzntRUWwzDYOVSimt
 PZk2O2X18V8KTgTLMQF1KErIyznIwEPB/BLi+ihLkh/8BaaxoIeOPIhRLNFrecZr
 c/8+S4dUSUQDfmV3JFYFFheG0XIPEwXIaXiDAphpkCGhMIC2pDL8r14sntvnjuHF
 ZxmSP4V5AgMBAAECgf89wcgjpZnzoWoiM3Z6QDJnkiUdXQumHQracBnRFXnMy8p9
 wCd4ecnu9ptd8OArXgVMiaILWZeGXlqtW872m6Lej6DrJkpOt3NG9CvscdaHdthW
 9dzv8d7IEtuRN4/WWOm7Tke7eD7763ta9i9/niR2q7DazPVw8vYhkyoNe864qVrq
 Vw6+MMetz3TDHZ68p17yJJ9FJ0z0vHj3KJFrxnJonMe+/LcQX490y4zZw+zeyCkh
 y/bsgvFGhnUhJ+mOz+qv0KL7HyUR69p9/+mjQH+AQH+j24xgd1IL0Dror9Cy1kxY
 uKmi8pN1y288GmjkWosGMb0p3Pse1OkOyYFIbxECgYEA2ED3PSPoHWLHfKhg2BFw
 yMPtern06rjKuwMNlD+mKS66Z+OsQi2EBsqomGnr1HGvYgQik0jwMcx0+Sup9/Zp
 az8ebH6S4Tdxmnlwn34lhTIAF1KJS19AYvbhOydV+M+hq7Y7QxTqYsJAgEYwsozQ
 0XeAzRBIiRxdcMFHP40zZIkCgYEAtgdiwo5d5iyvXEqx/5+NdM4b/ImrbaFIAb0v
 MqiPpOA/+7EKlx72gJKVKh2iv4jvEUfduNEUXt77Yqo66HhfiTBVYxYwThK8E0Mq
 TSKKdJsdPSThLS3qjeARpzQpWLiBZH90GxbfFL3ogIOa/UcgwRrqPc5a/yq8adSs
 KGrfvXECgYEAmSMAMbqgn1aY32y5D6jiDjm4jMTsa98qKN5TmlysRNODSxhNnptu
 uASA+VVgnBNZV/aHqXboKMuZNe22shI7uqd62ueTCYtiljpTB46j8TtkFx/qe4Zb
 KPmcq3ACkGwwF1G3i5xfEkputKd/yqCvKvYOLqjORNHiVXt5Acby0skCgYBYkZ9s
 KvllVbi9n1qclnWtr9vONO5EmYT/051zeLDr+HEpditA/L/UL36Ez4awy2AHeIBZ
 vOG8h6Kpj0q6cleJ2Qqy+8jlNBhvBu8+OOBFfHPtnFQ0N3M5NR1hze+QS7YpwBou
 VCKXZRAL9/0h38oAK6huCkocfh7PH7vkrpvPAQKBgCFDDtk7aBJsNcOW+aq4IEvf
 nZ5hhhdelNLeN29RrJ71GwJrCG3NbhopWlCDqZ/Dd6QoEUpebqvlMGvQJBuz/QKb
 ilcZlmaCS9pqIXAFK9GQ89V/xa8OibOuJUiBgShnfSQqAwQrfX1vYjtKErnjoRFs
 9+zaWugLCC47Hw6QlMDa
 -----END PRIVATE KEY-----
 `
 func GetDefaultTlsConfig() *tls.Config {
 	cert, err := tls.X509KeyPair([]byte(certificate), []byte(certificateKey))
 	if err != nil {
 		fmt.Println("Failed to parse certificate and key:", err)
 		return &tls.Config{}
 	}
 	return &tls.Config{
 		Certificates: []tls.Certificate{cert},
 	}
 }
--- a/api/config/models.go
+++ b/api/config/models.go
@ -14,4 +14,5 @@ type ServerConfig struct {
 	InitialDataFilePath string
 	PersistDataFilePath string
 	DisableAuth         bool
 	DisableTls          bool
 }
--- a/api/router.go
+++ b/api/router.go
@ -1,7 +1,11 @@
 package api
 import (
 	"fmt"
 	"net/http"
 	"github.com/gin-gonic/gin"
 	"github.com/pikami/cosmium/api/config"
 	"github.com/pikami/cosmium/api/handlers"
 	"github.com/pikami/cosmium/api/handlers/middleware"
 )
@ -43,3 +47,39 @@ func CreateRouter() *gin.Engine {
 	return router
 }
 func StartAPI() {
 	router := CreateRouter()
 	listenAddress := fmt.Sprintf(":%d", config.Config.Port)
 	if config.Config.TLS_CertificatePath != "" && config.Config.TLS_CertificateKey != "" {
 		err := router.RunTLS(
 			listenAddress,
 			config.Config.TLS_CertificatePath,
 			config.Config.TLS_CertificateKey)
 		if err != nil {
 			fmt.Println("Failed to start HTTPS server:", err)
 		}
 		return
 	}
 	if config.Config.DisableTls {
 		router.Run(listenAddress)
 	}
 	tlsConfig := config.GetDefaultTlsConfig()
 	server := &http.Server{
 		Addr:      listenAddress,
 		Handler:   router.Handler(),
 		TLSConfig: tlsConfig,
 	}
 	fmt.Printf("Listening and serving HTTPS on %s\n", server.Addr)
 	err := server.ListenAndServeTLS("", "")
 	if err != nil {
 		fmt.Println("Failed to start HTTPS server:", err)
 	}
 	router.Run()
 }
--- a/main.go
+++ b/main.go
@ -1,7 +1,6 @@
 package main
 import (
 	"fmt"
 	"os"
 	"os/signal"
 	"syscall"
@ -18,16 +17,7 @@ func main() {
 		repositories.LoadStateFS(config.Config.InitialDataFilePath)
 	}
-	router := api.CreateRouter()
+	go api.StartAPI()
 	if config.Config.TLS_CertificatePath == "" ||
 		config.Config.TLS_CertificateKey == "" {
 		go router.Run(fmt.Sprintf(":%d", config.Config.Port))
 	} else {
 		go router.RunTLS(
 			fmt.Sprintf(":%d", config.Config.Port),
 			config.Config.TLS_CertificatePath,
 			config.Config.TLS_CertificateKey)
 	}
 	waitForExit()
 }