feat: 增加系统 ssl 设置功能 (#780)

2023-04-25 14:34:16 +08:00
parent edf07be281
commit 34e84081e3
17 changed files with 731 additions and 20 deletions
--- a/backend/server/server.go
+++ b/backend/server/server.go
@@ -1,8 +1,11 @@
 package server

 import (
+	"crypto/tls"
 	"encoding/gob"
 	"fmt"
+	"net/http"
+	"os"
 	"time"

 	"github.com/1Panel-dev/1Panel/backend/init/app"
@@ -43,22 +46,42 @@ func Start() {

 	rootRouter := router.Routers()
 	address := fmt.Sprintf(":%s", global.CONF.System.Port)
-	s := initServer(address, rootRouter)
-	global.LOG.Infof("server run success on %s", global.CONF.System.Port)
-	if err := s.ListenAndServe(); err != nil {
-		global.LOG.Error(err)
-		panic(err)
-	}
-}
-
-type server interface {
-	ListenAndServe() error
-}
-
-func initServer(address string, router *gin.Engine) server {
-	s := endless.NewServer(address, router)
+	s := endless.NewServer(address, rootRouter)
 	s.ReadHeaderTimeout = 20 * time.Second
 	s.WriteTimeout = 60 * time.Second
 	s.MaxHeaderBytes = 1 << 20
-	return s
+
+	if global.CONF.System.SSL == "disable" {
+		global.LOG.Infof("server run success on %s with http", global.CONF.System.Port)
+		if err := s.ListenAndServe(); err != nil {
+			global.LOG.Error(err)
+			panic(err)
+		}
+	} else {
+		certificate, err := os.ReadFile(global.CONF.System.BaseDir + "/1panel/secret/server.crt")
+		if err != nil {
+			panic(err)
+		}
+		key, err := os.ReadFile(global.CONF.System.BaseDir + "/1panel/secret/server.key")
+		if err != nil {
+			panic(err)
+		}
+		cert, err := tls.X509KeyPair(certificate, key)
+		if err != nil {
+			panic(err)
+		}
+		s := &http.Server{
+			Addr:    address,
+			Handler: rootRouter,
+			TLSConfig: &tls.Config{
+				Certificates: []tls.Certificate{cert},
+			},
+		}
+
+		global.LOG.Infof("server run success on %s with https", global.CONF.System.Port)
+		if err := s.ListenAndServeTLS("", ""); err != nil {
+			global.LOG.Error(err)
+			panic(err)
+		}
+	}
 }