better test certs

2025-08-20 17:55:35 +02:00 · 2025-08-20 17:55:35 +02:00 · 7180ddcfbc
parent bbf56ec34e
commit 7180ddcfbc
6 changed files with 33 additions and 9 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,8 +1,7 @@
 sanic
 result
 # self-signed certs for testing
-cert.pem
-key.pem
+*.pem
 # test files
 *.mp3

--- a/3
+++ b/3
@ -1,4 +1,4 @@
-FROM docker.io/golang:1.22 as builder
+FROM docker.io/golang:alpine as builder

 WORKDIR /usr/src/app

@ -18,5 +18,6 @@ COPY --from=builder /usr/src/app/sanic /sanic
 COPY --from=builder /usr/src/app/static /static

 EXPOSE 8080
+EXPOSE 8443

 ENTRYPOINT ["/sanic"]
--- a/12
+++ b/12
@ -10,6 +10,10 @@ mpd:  ## Run mpd test instance
 	touch /tmp/${PROJECT}/mpd_db
 	mpd --no-daemon ./mpd.conf

+.PHONY: tls
+tls: localhost+2.pem localhost+2-key.pem  ## Create certificate and key for HTTPS
+	mkcert -ecdsa localhost 127.0.0.1 ::1
+
 run: build  ## Run project
 	./${PROJECT}

@ -42,7 +46,13 @@ build-container:  ## Build container image
 	podman build --tag ${PROJECT}:latest .

 run-container: build-container  ## Run container image
-	podman run --rm --volume ./config.ini:/config.ini --publish-all ${PROJECT}:latest
+	podman run --rm \
+		--volume ./config.ini:/config.ini \
+		--volume ./localhost+2.pem:/localhost+2.pem \
+		--volume ./localhost+2-key.pem:/localhost+2-key.pem \
+		--publish 8080:8080 \
+		--publish 8443:8443 \
+		${PROJECT}:latest

 help: ## Display this help
 	@grep -h -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
--- a/README.md
+++ b/README.md
@ -41,7 +41,19 @@ Example flake setup (untested):
    nixosConfigurations."myhostname".nixpkgs.lib.nixosSystem = {
      inherit system;
      modules = [
-        { environment.systemPackages = [ sanic.packages.${system}.default ]; }
+        { sanic.nixosModules.default }
+        { services.sanic = {
+            ui = {
+              host = "[::1]";
+              port = 8080;
+              tls = false;
+            };
+            backend = {
+              host = "localhost";
+              port = 6600;
+            };
+          };
+        }
      ];
    };
  };
@ -125,3 +137,4 @@ Made with ❤️ and ![golang logo][golang].
 [golang]: https://go.dev/images/favicon-gopher.svg
 [mpd]: https://musicpd.org/
 [mpc]: https://www.musicpd.org/clients/mpc/
+
--- a/config.ini
+++ b/config.ini
@ -5,8 +5,8 @@ port = 6600
 #pasword =

 [ui]
-hostname = [::1]
-port = 443
+hostname = 0.0.0.0
+port = 8443
 tls = yes
-cert = cert.pem
-key = key.pem
+cert = localhost+2.pem
+key = localhost+2-key.pem
--- a/flake.nix
+++ b/flake.nix
@ -33,6 +33,7 @@
        packages = with pkgs; [
          mpd
          mpc-cli
+          mkcert
        ];
      };
      packages.default = sanic;