From e740e8198cf03ecdc976261c1f4d9a5177ceef40 Mon Sep 17 00:00:00 2001
From: Ayman Bagabas <ayman.bagabas@gmail.com>
Date: Fri, 31 Mar 2023 11:09:34 -0400
Subject: [PATCH] feat(http): use tls keys when provided

---
 server/config/config.go | 6 ++++++
 server/config/file.go   | 6 ++++++
 server/http.go          | 3 +++
 3 files changed, 15 insertions(+)

diff --git a/server/config/config.go b/server/config/config.go
index 649ff70929e8ad6edac925d33258944ecb5b5ecf..6a3d5610cdb2182c93d02607ea9f67d98a81cc10 100644
--- a/server/config/config.go
+++ b/server/config/config.go
@@ -51,6 +51,12 @@ type HTTPConfig struct {
 	// ListenAddr is the address on which the HTTP server will listen.
 	ListenAddr string `env:"LISTEN_ADDR" yaml:"listen_addr"`
 
+	// TLSKeyPath is the path to the TLS private key.
+	TLSKeyPath string `env:"TLS_KEY_PATH" yaml:"tls_key_path"`
+
+	// TLSCertPath is the path to the TLS certificate.
+	TLSCertPath string `env:"TLS_CERT_PATH" yaml:"tls_cert_path"`
+
 	// PublicURL is the public URL of the HTTP server.
 	PublicURL string `env:"PUBLIC_URL" yaml:"public_url"`
 }
diff --git a/server/config/file.go b/server/config/file.go
index 00baa13154babf334df97282b6bbbf121e8f5644..932b8063700bb17ceb19649583530f02c596ae4c 100644
--- a/server/config/file.go
+++ b/server/config/file.go
@@ -54,6 +54,12 @@ http:
   # The address on which the HTTP server will listen.
   listen_addr: "{{ .HTTP.ListenAddr }}"
 
+  # The relative path to the TLS private key.
+  tls_key_path: "{{ .HTTP.TLSKeyPath }}"
+
+  # The relative path to the TLS certificate.
+  tls_cert_path: "{{ .HTTP.TLSCertPath }}"
+
   # The public URL of the HTTP server.
   # This is the address will be used to clone repositories.
   public_url: "{{ .HTTP.PublicURL }}"
diff --git a/server/http.go b/server/http.go
index f36e041cf0e6aade521aab563c8897811280b3de..2ac99b5e497db0ceb1d954a0a23801caa7d5f733 100644
--- a/server/http.go
+++ b/server/http.go
@@ -105,6 +105,9 @@ func (s *HTTPServer) Close() error {
 
 // ListenAndServe starts the HTTP server.
 func (s *HTTPServer) ListenAndServe() error {
+	if s.cfg.HTTP.TLSKeyPath != "" && s.cfg.HTTP.TLSCertPath != "" {
+		return s.server.ListenAndServeTLS(s.cfg.HTTP.TLSCertPath, s.cfg.HTTP.TLSKeyPath)
+	}
 	return s.server.ListenAndServe()
 }