Add support for https endpoint

cmd/smoothmq/server/server.go

@@ -10,14 +10,14 @@ import (
 	"time"
 
 	"github.com/gofiber/fiber/v2"
-	"github.com/gofiber/fiber/v2/middleware/adaptor"
 	"github.com/poundifdef/smoothmq/config"
 	"github.com/poundifdef/smoothmq/dashboard"
+	"github.com/poundifdef/smoothmq/metrics"
 	"github.com/poundifdef/smoothmq/models"
 	"github.com/poundifdef/smoothmq/protocols/sqs"
 	"github.com/poundifdef/smoothmq/queue/sqlite"
 	"github.com/poundifdef/smoothmq/tenants/defaultmanager"
-	"github.com/prometheus/client_golang/prometheus/promhttp"
+	"github.com/poundifdef/smoothmq/web"
 )
 
 func recordTelemetry(message string, disabled bool) {
@@ -58,8 +58,9 @@ func Run(tm models.TenantManager, queue models.Queue, cfg config.ServerCommand)
 		queue = sqlite.NewSQLiteQueue(cfg.SQLite)
 	}
 
-	dashboardServer := dashboard.NewDashboard(queue, tm, cfg.Dashboard)
-	sqsServer := sqs.NewSQS(queue, tm, cfg.SQS)
+	dashboardServer := dashboard.NewDashboard(queue, tm, cfg.Dashboard, cfg.TLS)
+	sqsServer := sqs.NewSQS(queue, tm, cfg.SQS, cfg.TLS)
+	metricsServer := metrics.NewMetrics(cfg.Metrics, cfg.TLS)
 
 	c := make(chan os.Signal, 1)
 	signal.Notify(c, os.Interrupt, syscall.SIGTERM)
@@ -73,47 +74,51 @@ func Run(tm models.TenantManager, queue models.Queue, cfg config.ServerCommand)
 			sqsServer.Start()
 		}()
 
-		if cfg.Metrics.PrometheusEnabled {
-			fmt.Printf("Prometheus metrics: http://localhost:%d%s\n", cfg.Metrics.PrometheusPort, cfg.Metrics.PrometheusPath)
-			go func() {
-				http.Handle(cfg.Metrics.PrometheusPath, promhttp.Handler())
-				http.ListenAndServe(fmt.Sprintf(":%d", cfg.Metrics.PrometheusPort), nil)
-			}()
-		}
+		go func() {
+			metricsServer.Start()
+		}()
 
 		<-c // This blocks the main thread until an interrupt is received
 		fmt.Println("Gracefully shutting down...")
 
 		dashboardServer.Stop()
 		sqsServer.Stop()
+		metricsServer.Stop()
 	} else {
 		app := fiber.New(fiber.Config{
 			DisableStartupMessage: true,
 		})
 
-		if cfg.Dashboard.Enabled {
-			app.Mount("/", dashboardServer.App)
-			fmt.Printf("Dashboard http://localhost:%d\n", cfg.Port)
-		}
-
 		if cfg.SQS.Enabled {
-			app.Mount("/sqs", sqsServer.App)
-			fmt.Printf("SQS Endpoint http://localhost:%d/sqs\n", cfg.Port)
+			sqsServer.App.Port = cfg.Port
+			sqsServer.App.Path = "/sqs"
+			app.Mount("/sqs", sqsServer.App.FiberApp)
+			sqsServer.App.OutputPort()
 		}
 
 		if cfg.Metrics.PrometheusEnabled {
-			app.Group("/metrics", adaptor.HTTPHandler(promhttp.Handler()))
-			fmt.Printf("Prometheus http://localhost:%d/metrics\n", cfg.Port)
+			// "/metrics" is the standard path for prometheus - no need to add it here
+			app.Mount("", metricsServer.App.FiberApp)
+			metricsServer.App.Port = cfg.Port
+			metricsServer.App.OutputPort()
+		}
+
+		// This needs to go last to avoid confliciting with prometheus
+		if cfg.Dashboard.Enabled {
+			dashboardServer.App.Port = cfg.Port
+			app.Mount("/", dashboardServer.App.FiberApp)
+			dashboardServer.App.OutputPort()
 		}
 
+		web_app := web.Web{FiberApp: app, TLS: cfg.TLS, Port: cfg.Port}
 		go func() {
-			app.Listen(fmt.Sprintf(":%d", cfg.Port))
+			web_app.Start()
 		}()
 
 		<-c // This blocks the main thread until an interrupt is received
 		fmt.Println("Gracefully shutting down...")
 
-		app.Shutdown()
+		web_app.Stop()
 	}
 
 	queue.Shutdown()

config.yaml

@@ -7,6 +7,12 @@ server:
       - accesskey: DEV_ACCESS_KEY_ID
         secretkey: DEV_SECRET_ACCESS_KEY
 
+# Allow for tls based servers
+#  tls:
+#    cert: /shared/ssl-certs/bundle.pem
+#    private-key: /shared/ssl-certs/pk.pem
+
+
   dashboard:
     enabled: true
     port: 3000

config/config.go

@@ -29,6 +29,7 @@ type TesterCommand struct {
 
 type ServerCommand struct {
 	SQS       SQSConfig       `embed:"" prefix:"sqs-" envprefix:"Q_SQS_"`
+	TLS       TLSConfig       `embed:"" prefix:"tls-" envprefix:"Q_TLS_"`
 	Dashboard DashboardConfig `embed:"" prefix:"dashboard-" envprefix:"Q_DASHBOARD_"`
 	SQLite    SQLiteConfig    `embed:"" prefix:"sqlite-" envprefix:"Q_SQLITE_"`
 	Metrics   MetricsConfig   `embed:"" prefix:"metrics-" name:"metrics" envprefix:"Q_METRICS_"`
@@ -64,6 +65,11 @@ type SQSConfig struct {
 	EndpointOverride string   `name:"endpoint-override" default:"" env:"ENDPOINT_OVERRIDE" help:"Endpoint to advertise in queue URLs. Defaults to HTTP hostname."`
 }
 
+type TLSConfig struct {
+	Cert       string `name:"cert" default:"" env:"CERT" help:"TLS Certificate"`
+	PrivateKey string `name:"private-key" default:"" env:"PRIVATE_KEY" help:"TLS Private Key"`
+}
+
 type AWSKey struct {
 	AccessKey string `name:"accesskey"`
 	SecretKey string `name:"secretkey"`

dashboard/dashboard.go

@@ -5,14 +5,14 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"errors"
-	"fmt"
 	"io/fs"
 	"net/http"
 	"strconv"
 	"strings"
 
 	"github.com/poundifdef/smoothmq/config"
 	"github.com/poundifdef/smoothmq/models"
+	"github.com/poundifdef/smoothmq/web"
 
 	"github.com/rs/zerolog/log"
 
@@ -26,15 +26,15 @@ import (
 var viewsfs embed.FS
 
 type Dashboard struct {
-	App *fiber.App
+	App *web.Web
 
 	queue         models.Queue
 	tenantManager models.TenantManager
 
 	cfg config.DashboardConfig
 }
 
-func NewDashboard(queue models.Queue, tenantManager models.TenantManager, cfg config.DashboardConfig) *Dashboard {
+func NewDashboard(queue models.Queue, tenantManager models.TenantManager, cfg config.DashboardConfig, tls config.TLSConfig) *Dashboard {
 	var engine *html.Engine
 
 	if cfg.Dev {
@@ -75,7 +75,6 @@ func NewDashboard(queue models.Queue, tenantManager models.TenantManager, cfg co
 	}
 
 	d := &Dashboard{
-		App:           app,
 		queue:         queue,
 		tenantManager: tenantManager,
 		cfg:           cfg,
@@ -90,6 +89,12 @@ func NewDashboard(queue models.Queue, tenantManager models.TenantManager, cfg co
 	app.Post("/queues/:queue/delete", d.DeleteQueue)
 	app.Get("/queues/:queue/messages/:message", d.Message)
 
+	d.App = &web.Web{
+		FiberApp: app,
+		Port:     cfg.Port,
+		TLS:      tls,
+		Type:     "Dashboard"}
+
 	return d
 }
 
@@ -98,13 +103,12 @@ func (d *Dashboard) Start() error {
 		return nil
 	}
 
-	fmt.Printf("Dashboard: http://localhost:%d\n", d.cfg.Port)
-	return d.App.Listen(fmt.Sprintf(":%d", d.cfg.Port))
+	return d.App.Start()
 }
 
 func (d *Dashboard) Stop() error {
 	if d.cfg.Enabled {
-		return d.App.Shutdown()
+		return d.App.Stop()
 	}
 
 	return nil

metrics/metrics.go

@@ -0,0 +1,53 @@
+package metrics
+
+import (
+	"github.com/poundifdef/smoothmq/config"
+	"github.com/poundifdef/smoothmq/web"
+	"github.com/prometheus/client_golang/prometheus/promhttp"
+
+	"github.com/gofiber/fiber/v2"
+	"github.com/gofiber/fiber/v2/middleware/adaptor"
+)
+
+type Metrics struct {
+	App *web.Web
+
+	cfg config.MetricsConfig
+}
+
+func NewMetrics(cfg config.MetricsConfig, tls config.TLSConfig) *Metrics {
+	app := fiber.New(fiber.Config{
+		DisableStartupMessage: true,
+	})
+
+	m := &Metrics{
+		cfg: cfg,
+	}
+
+	m.App = &web.Web{
+		FiberApp: app,
+		Path:     "/metrics",
+		Port:     cfg.PrometheusPort,
+		TLS:      tls,
+		Type:     "Prometheus Metrics"}
+
+	m.App.FiberApp.Group(m.App.Path, adaptor.HTTPHandler(promhttp.Handler()))
+
+	return m
+}
+
+func (m *Metrics) Start() error {
+	if !m.cfg.PrometheusEnabled {
+		return nil
+	}
+
+	return m.App.Start()
+}
+
+func (m *Metrics) Stop() error {
+	if m.cfg.PrometheusEnabled {
+		return m.App.Stop()
+	}
+
+	return nil
+}

protocols/sqs/sqs.go

@@ -32,6 +32,7 @@ import (
 
 	"github.com/poundifdef/smoothmq/config"
 	"github.com/poundifdef/smoothmq/models"
+	"github.com/poundifdef/smoothmq/web"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
 	"github.com/tidwall/gjson"
@@ -46,7 +47,7 @@ import (
 )
 
 type SQS struct {
-	App           *fiber.App
+	App           *web.Web
 	queue         models.Queue
 	tenantManager models.TenantManager
 
@@ -70,7 +71,7 @@ var requestStatus = promauto.NewCounterVec(
 	[]string{"tenant_id", "aws_method", "status"},
 )
 
-func NewSQS(queue models.Queue, tenantManager models.TenantManager, cfg config.SQSConfig) *SQS {
+func NewSQS(queue models.Queue, tenantManager models.TenantManager, cfg config.SQSConfig, tls config.TLSConfig) *SQS {
 	s := &SQS{
 		queue:         queue,
 		tenantManager: tenantManager,
@@ -91,7 +92,11 @@ func NewSQS(queue models.Queue, tenantManager models.TenantManager, cfg config.S
 	app.Use(s.authMiddleware)
 	app.Post("/*", s.Action)
 
-	s.App = app
+	s.App = &web.Web{
+		FiberApp: app,
+		Port:     cfg.Port,
+		TLS:      tls,
+		Type:     "SQS Endpoint"}
 
 	return s
 }
@@ -135,14 +140,14 @@ func (s *SQS) Start() error {
 		return nil
 	}
 
-	fmt.Printf("SQS Endpoint: http://localhost:%d\n", s.cfg.Port)
-	return s.App.Listen(fmt.Sprintf(":%d", s.cfg.Port))
+	return s.App.Start()
 }
 
 func (s *SQS) Stop() error {
 	if s.cfg.Enabled {
-		return s.App.Shutdown()
+		return s.App.Stop()
 	}
+
 	return nil
 }
 

web/web.go

@@ -0,0 +1,56 @@
+package web
+
+import (
+	"crypto/tls"
+	"fmt"
+
+	"github.com/gofiber/fiber/v2"
+	"github.com/poundifdef/smoothmq/config"
+)
+
+type Web struct {
+	FiberApp *fiber.App
+	Path     string
+	Port     int
+	TLS      config.TLSConfig
+	Type     string
+}
+
+func (w *Web) Start() error {
+	port := fmt.Sprintf(":%d", w.Port)
+
+	if w.TLS.Cert != "" {
+		cer, err := tls.LoadX509KeyPair(w.TLS.Cert, w.TLS.PrivateKey)
+		if err != nil {
+			panic(err)
+		}
+
+		tlsCfg := &tls.Config{Certificates: []tls.Certificate{cer}}
+
+		listener, err := tls.Listen("tcp", port, tlsCfg)
+		if err != nil {
+			panic(err)
+		}
+
+		w.OutputPort()
+		return w.FiberApp.Listener(listener)
+	}
+
+	w.OutputPort()
+	return w.FiberApp.Listen(port)
+}
+
+func (w *Web) Stop() error {
+	return w.FiberApp.Shutdown()
+}
+
+func (w *Web) OutputPort() {
+	if w.Type != "" {
+		scheme := "http"
+		if w.TLS.Cert != "" {
+			scheme = "https"
+		}
+
+		fmt.Printf("%18s: %s://localhost:%d%s\n", w.Type, scheme, w.Port, w.Path)
+	}
+}