Second reverseproxy now handles incoming https requests

2015-03-30 12:57:07 -07:00 · 2015-03-30 12:57:07 -07:00 · 6562e6067c
commit 6562e6067c
parent 2e573f440a
4 changed files with 42 additions and 5 deletions
--- a/yesod-bin/Devel.hs
+++ b/yesod-bin/Devel.hs
@ -78,7 +78,8 @@ import           Network.HTTP.Types                    (status200, status503)
 import           Network.Socket                        (sClose)
 import           Network.Wai                           (responseLBS, requestHeaders)
 import           Network.Wai.Parse                     (parseHttpAccept)
-import           Network.Wai.Handler.Warp              (run)
+import           Network.Wai.Handler.Warp              (run, defaultSettings, setPort)
+import           Network.Wai.Handler.WarpTLS           (runTLS, tlsSettingsMemory)
 import           SrcLoc                                (Located)
 import           Data.FileEmbed        (embedFile)

@ -160,8 +161,7 @@ reverseProxy opts iappPort = do
                ]
                refreshHtml

-    let runProxy port =
-            run port $ waiProxyToSettings
+    let proxyApp = waiProxyToSettings
                (const $ do
                    appPort <- liftIO $ I.readIORef iappPort
                    return $
@ -175,8 +175,13 @@ reverseProxy opts iappPort = do
                            else Just (1000000 * proxyTimeout opts)
                    }
                manager
-    _ <- forkIO $ loop "https" (runProxy $ develTlsPort opts) `Ex.onException` exitFailure
-    loop "http" (runProxy $ develPort opts) `Ex.onException` exitFailure
+        runProxyTls port app = do
+          let cert = $(embedFile "certificate.pem")
+              key = $(embedFile "key.pem")
+              tlsSettings = tlsSettingsMemory cert key
+          runTLS tlsSettings (setPort port defaultSettings) app
+    _ <- forkIO $ loop "https" (runProxyTls (develTlsPort opts) proxyApp) `Ex.onException` exitFailure
+    loop "http" (run (develPort opts) proxyApp) `Ex.onException` exitFailure
  where
    loop label proxy = forever $ do
        void proxy
--- a/yesod-bin/certificate.pem
+++ b/yesod-bin/certificate.pem
@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICWDCCAcGgAwIBAgIJAJG1ZMlcMDW6MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMTExMDIyMTk0MjU3WhcNMTExMTIxMTk0MjU3WjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQCfYZx7kV6ybogMyAf9MINm7Rwin5LKh+TpD1ZkbLgmqFVotQCdthgTK66SPXkx
+EXGI27biNzacJhX7Ml7/4o8sp2GslYKUO46DYvgi/nnNX/bzA5cDJSSGK11eQEVs
+p0GEZ/6Juhpx/oQwMDMgo0UHkiH8QtKI8ojXnFF2MsLNwIDAQABo1AwTjAdBgNV
+HQ4EFgQUaA6FbOj/0VJMb4egNyIDZ/ZNV/YwHwYDVR0jBBgwFoAUaA6FbOj/0VJM
+b4egNyIDZ/ZNV/YwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCTQyOk
+D86Z+yzedXjTLI6FT8QugmQne1YQ8P0w37P76z2reagSvNee2e9B1oTHoPeKZMs0
+k99oS9yJ/NOQ1Ms90P+q0yBVGxAs/gF65qKgE27YGXzNtNobj/D4OoxcFG+BsORw
+VvYSBV4FiVy9RwJsr7AMqkUBcOEPCuJHgTx58w==
+-----END CERTIFICATE-----
--- a/yesod-bin/key.pem
+++ b/yesod-bin/key.pem
@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCfYZx7kV6ybogMyAf9MINm7Rwin5LKh+TpD1ZkbLgmqFVotQCd
+thgTK66SPXkxEXGI27biNzacJhX7Ml7/4o8sp2GslYKUO46DYvgi/nnNX/bzA5cD
+JSSGK11eQEVs+p0GEZ/6Juhpx/oQwMDMgo0UHkiH8QtKI8ojXnFF2MsLNwIDAQAB
+AoGAR8pgAgjo7tZ60ccIUjOX/LSxB6d5J2Eu6wvNjk6qZD9OuWtOa7up/HigmZ63
+CDMjQNI2/o6AOrWtEQkPYZNbibuifzg5V517nHGSqkqjoIgesAiwEsoKpeOgGTtM
+MM08oHbJ9uOnDnEEnDBiE0iE3jCTDfmwjqDMpUhu9dZ1EAECQQDKVpzSSV3pzMOp
+ixNxMpYxzcE+4K9jgM+MlxPBJSQhVrg/cRQWb26cKBi8LdSxF23hQTsFr+8qLwid
+Ah2AgUOBAkEAyaaCjrNRCiHRpd6YzWZ6GKkxbUvxSuOKX3N7hDaE2OFzQTv2Li8B
+5mrCsXnSZtOG+MBFdHU66UYie1OzDSDKtwJAKMsvkOID0ihbZmpIwDC/wUjHZkLs
+eXY14hVvgShY0XPnb7r/nspWlZsr6Xyf/hhIKfr5yFrBMFMNPIJ5qjflgQJAWsyV
+YTgxN4S+6BdxapvIQq58ySA3CGeo+Q4BAimibB4oTal4UpdsHZrZDB00toRs9Dlv
+jN70pfGkuS+ZIkIvxQJBAKSf5qpXWp4oZcThkieAiMeAhG96xqRPXhPUxq6QF+YG
+T4PF1sjlpZwqy7C+2oF3BqLP09mCW7YkH9Jgnl1zDF8=
+-----END RSA PRIVATE KEY-----
--- a/yesod-bin/yesod-bin.cabal
+++ b/yesod-bin/yesod-bin.cabal
@ -17,6 +17,7 @@ extra-source-files:
  input/*.cg
  hsfiles/*.hsfiles
  ChangeLog.md
+  *.pem

 executable             yesod-ghc-wrapper
    main-is: ghcwrapper.hs
@ -87,6 +88,7 @@ executable             yesod
                     , wai-extra
                     , data-default-class
                     , streaming-commons
+                     , warp-tls

    ghc-options:       -Wall -threaded -rtsopts
    main-is:           main.hs