From 7180ddcfbcb17e3c5bd5fc6a4ed9240f9e922c41 Mon Sep 17 00:00:00 2001 From: "Ricardo (XenGi) Band" Date: Wed, 20 Aug 2025 17:55:35 +0200 Subject: [PATCH] better test certs --- .gitignore | 3 +-- Dockerfile | 3 ++- Makefile | 12 +++++++++++- README.md | 15 ++++++++++++++- config.ini | 8 ++++---- flake.nix | 1 + 6 files changed, 33 insertions(+), 9 deletions(-) diff --git a/.gitignore b/.gitignore index 237e508..78b9ef6 100644 --- a/.gitignore +++ b/.gitignore @@ -1,8 +1,7 @@ sanic result # self-signed certs for testing -cert.pem -key.pem +*.pem # test files *.mp3 diff --git a/Dockerfile b/Dockerfile index 2c1e850..1e45346 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM docker.io/golang:1.22 as builder +FROM docker.io/golang:alpine as builder WORKDIR /usr/src/app @@ -18,5 +18,6 @@ COPY --from=builder /usr/src/app/sanic /sanic COPY --from=builder /usr/src/app/static /static EXPOSE 8080 +EXPOSE 8443 ENTRYPOINT ["/sanic"] diff --git a/Makefile b/Makefile index 2a89362..3c9b9e9 100644 --- a/Makefile +++ b/Makefile @@ -10,6 +10,10 @@ mpd: ## Run mpd test instance touch /tmp/${PROJECT}/mpd_db mpd --no-daemon ./mpd.conf +.PHONY: tls +tls: localhost+2.pem localhost+2-key.pem ## Create certificate and key for HTTPS + mkcert -ecdsa localhost 127.0.0.1 ::1 + run: build ## Run project ./${PROJECT} @@ -42,7 +46,13 @@ build-container: ## Build container image podman build --tag ${PROJECT}:latest . run-container: build-container ## Run container image - podman run --rm --volume ./config.ini:/config.ini --publish-all ${PROJECT}:latest + podman run --rm \ + --volume ./config.ini:/config.ini \ + --volume ./localhost+2.pem:/localhost+2.pem \ + --volume ./localhost+2-key.pem:/localhost+2-key.pem \ + --publish 8080:8080 \ + --publish 8443:8443 \ + ${PROJECT}:latest help: ## Display this help @grep -h -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' diff --git a/README.md b/README.md index e8eb686..d79a228 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,19 @@ Example flake setup (untested): nixosConfigurations."myhostname".nixpkgs.lib.nixosSystem = { inherit system; modules = [ - { environment.systemPackages = [ sanic.packages.${system}.default ]; } + { sanic.nixosModules.default } + { services.sanic = { + ui = { + host = "[::1]"; + port = 8080; + tls = false; + }; + backend = { + host = "localhost"; + port = 6600; + }; + }; + } ]; }; }; @@ -125,3 +137,4 @@ Made with ❤️ and ![golang logo][golang]. [golang]: https://go.dev/images/favicon-gopher.svg [mpd]: https://musicpd.org/ [mpc]: https://www.musicpd.org/clients/mpc/ + diff --git a/config.ini b/config.ini index 631e751..e9f5109 100644 --- a/config.ini +++ b/config.ini @@ -5,8 +5,8 @@ port = 6600 #pasword = [ui] -hostname = [::1] -port = 443 +hostname = 0.0.0.0 +port = 8443 tls = yes -cert = cert.pem -key = key.pem +cert = localhost+2.pem +key = localhost+2-key.pem diff --git a/flake.nix b/flake.nix index 38facd4..80aa871 100644 --- a/flake.nix +++ b/flake.nix @@ -33,6 +33,7 @@ packages = with pkgs; [ mpd mpc-cli + mkcert ]; }; packages.default = sanic;