🔒 Added TLS support

internal/cmd/home/home.go

@@ -198,12 +198,8 @@ func NewApp(logger *log.Logger, config *domain.Config) (*App, error) {
 	})
 	chain := middleware.Chain{
 		middleware.LogFmt(),
-		middleware.Redirect(middleware.RedirectConfig{
-			Serverer: serverer,
-		}),
-		middleware.Header(middleware.HeaderConfig{
-			Serverer: serverer,
-		}),
+		middleware.Redirect(middleware.RedirectConfig{Serverer: serverer}),
+		middleware.Header(middleware.HeaderConfig{Serverer: serverer}),
 	}
 
 	return &App{server: &http.Server{

internal/domain/config.go

@@ -13,6 +13,8 @@ type Config struct {
 	Host       string `env:"HOST" envDefault:"0.0.0.0"`
 	ThemeDir   string `env:"THEME_DIR" envDefault:"theme"`
 	StaticDir  string `env:"STATIC_DIR" envDefault:"static"`
+	CertKey    string `env:"CERT_KEY"`
+	CertFile   string `env:"CERT_FILE"`
 	Port       uint16 `env:"PORT" envDefault:"3000"`
 }
 

main.go

@@ -6,9 +6,11 @@ package main
 
 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"flag"
 	"log"
+	"net"
 	"os"
 	"os/signal"
 	"path/filepath"
@@ -40,6 +42,20 @@ func main() {
 		logger.Fatalln("cannot unmarshal configuration into domain:", err)
 	}
 
+	ln, err := net.Listen("tcp", config.AddrPort().String())
+	if err != nil {
+		logger.Fatalln("cannot listen requested address:", err)
+	}
+
+	if config.CertFile != "" && config.CertKey != "" {
+		cert, err := tls.LoadX509KeyPair(config.CertFile, config.CertKey)
+		if err != nil {
+			logger.Fatalln("cannot load certificate files from config:", err)
+		}
+
+		ln = tls.NewListener(ln, &tls.Config{Certificates: []tls.Certificate{cert}})
+	}
+
 	for _, dir := range []*string{
 		&config.ContentDir,
 		&config.ThemeDir,
@@ -90,7 +106,7 @@ func main() {
 	go func() {
 		logger.Printf("starting server on %d...", config.Port)
 
-		if err = app.Run(nil); err != nil {
+		if err = app.Run(ln); err != nil {
 			logger.Fatalln("cannot run app:", err)
 		}
 	}()