add tls support
This commit is contained in:
Sergey Krashevich
@@ -580,11 +580,19 @@ api:
|
||||
base_path: "/rtc" # default "", API prefix for serve on suburl (/api => /rtc/api)
|
||||
static_dir: "www" # default "", folder for static files (custom web interface)
|
||||
origin: "*" # default "", allow CORS requests (only * supported)
|
||||
tls_listen: ":1985" # default "", HTTPS port
|
||||
tls_cert: | # default "". PEM-encoded fullchain certificate for https
|
||||
-----BEGIN CERTIFICATE-----
|
||||
.....
|
||||
-----END CERTIFICATE-----
|
||||
tls_private_key: | # default "". PEM-encoded private key for https
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
.....
|
||||
-----END PRIVATE KEY-----
|
||||
```
|
||||
|
||||
**PS:**
|
||||
|
||||
- go2rtc doesn't provide HTTPS. Use [Nginx](https://nginx.org/) or [Ngrok](#module-ngrok) or [Home Assistant Add-on](#go2rtc-home-assistant-add-on) for this tasks
|
||||
- MJPEG over WebSocket plays better than native MJPEG because Chrome [bug](https://bugs.chromium.org/p/chromium/issues/detail?id=527446)
|
||||
- MP4 over WebSocket was created only for Apple iOS because it doesn't support MSE and native MP4
|
||||
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package api
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"encoding/json"
|
||||
"github.com/AlexxIT/go2rtc/cmd/app"
|
||||
"github.com/rs/zerolog"
|
||||
@@ -21,6 +22,9 @@ func Init() {
|
||||
BasePath string `yaml:"base_path"`
|
||||
StaticDir string `yaml:"static_dir"`
|
||||
Origin string `yaml:"origin"`
|
||||
TLSListen string `yaml:"tls_listen"`
|
||||
TLSCert string `yaml:"tls_cert"`
|
||||
TLSPrivateKey string `yaml:"tls_private_key"`
|
||||
} `yaml:"api"`
|
||||
}
|
||||
|
||||
@@ -75,6 +79,37 @@ func Init() {
|
||||
log.Fatal().Err(err).Msg("[api] serve")
|
||||
}
|
||||
}()
|
||||
|
||||
// Initialize the HTTPS server
|
||||
if cfg.Mod.TLSListen != "" {
|
||||
tlsConfig := &tls.Config{}
|
||||
if cfg.Mod.TLSCert != "" && cfg.Mod.TLSPrivateKey != "" {
|
||||
tlsListener, err := net.Listen("tcp", cfg.Mod.TLSListen)
|
||||
if err != nil {
|
||||
log.Fatal().Err(err).Msg("[api] tls listen")
|
||||
return
|
||||
}
|
||||
log.Info().Str("addr", cfg.Mod.TLSListen).Msg("[api] tls listen")
|
||||
|
||||
cert, err := tls.X509KeyPair([]byte(cfg.Mod.TLSCert), []byte(cfg.Mod.TLSPrivateKey))
|
||||
if err != nil {
|
||||
print(cfg.Mod.TLSCert)
|
||||
log.Fatal().Err(err).Msg("[api] tls load cert/key")
|
||||
return
|
||||
}
|
||||
tlsConfig.Certificates = []tls.Certificate{cert}
|
||||
|
||||
tlsServer := &http.Server{
|
||||
Handler: Handler,
|
||||
TLSConfig: tlsConfig,
|
||||
}
|
||||
go func() {
|
||||
if err := tlsServer.ServeTLS(tlsListener, "", ""); err != nil {
|
||||
log.Fatal().Err(err).Msg("[api] tls serve")
|
||||
}
|
||||
}()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
var Handler http.Handler
|
||||
|
||||
Reference in New Issue
Block a user