From e69dc686f0a1763040f794f4735e0deede9e68f9 Mon Sep 17 00:00:00 2001 From: Leonard Lorenz Date: Fri, 23 Oct 2020 00:55:27 +0200 Subject: [PATCH] added more SSL config flags --- doc/environment.md | 3 ++- site/src/main.rs | 11 +++++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/doc/environment.md b/doc/environment.md index 54c6566..af6e49f 100644 --- a/doc/environment.md +++ b/doc/environment.md @@ -4,4 +4,5 @@ - ROOT_PATH: path where html, static and database reside - SSL_PATH: path to SSL certificates containing key.pem and cert.pem - BIND_PORT: port to bind to - +- SSL_PRIV_NAME: private key for the certificate +- SSL_CERT_NAME: public key for the certificate (fullchain) diff --git a/site/src/main.rs b/site/src/main.rs index 2ad5f23..8d39ef0 100644 --- a/site/src/main.rs +++ b/site/src/main.rs @@ -10,22 +10,25 @@ extern crate tera; use actix_files as fs; use actix_web::{App, HttpServer}; +use config::get_from_env; use openssl::ssl::{SslAcceptor, SslFiletype, SslMethod}; #[actix_web::main] async fn main() -> std::io::Result<()> { HttpServer::new(|| { - let root_path = config::get_from_env("ROOT_PATH", true); + let root_path = get_from_env("ROOT_PATH", true); let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap(); builder .set_private_key_file( - config::get_from_env("SSL_PATH", true) + "/key.pem", + get_from_env("SSL_PATH", true) + &get_from_env("SSL_PRIV_NAME", true), SslFiletype::PEM, ) .unwrap(); builder - .set_certificate_chain_file(config::get_from_env("SSL_PATH", true) + "/cert.pem") + .set_certificate_chain_file( + get_from_env("SSL_PATH", true) + &get_from_env("SSL_CERT_NAME", true), + ) .unwrap(); App::new() @@ -37,7 +40,7 @@ async fn main() -> std::io::Result<()> { .service(routes::blog_new_post) .service(fs::Files::new("/static", root_path + "/static")) }) - .bind(String::from("localhost:") + &config::get_from_env("BIND_PORT", true))? + .bind(String::from("localhost:") + &get_from_env("BIND_PORT", true))? .run() .await }