feat: [#426] add TSL info to the [net] section in the config toml file

```toml [net] port = 3001 [net.tsl] ssl_cert_path = "./storage/index/lib/tls/localhost.crt" ssl_key_path = "./storage/index/lib/tls/localhost.key" ``` ```json { "net": { "port": 3001, "tsl": { "ssl_cert_path": "./storage/index/lib/tls/localhost.crt", "ssl_key_path": "./storage/index/lib/tls/localhost.key" } } } ``` The TSL configuration is optional, but if you have that table (dict), it must contain the fields. This is an invalid configuration: ``` [net.tsl] ssl_cert_path = "" ssl_key_path = "" ``` See torrust/torrust-tracker#853.
torrust · May 15, 2024 · 969ffff · 969ffff
1 parent 5d82968
commit 969ffff
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 9 deletions.
diff --git a/share/default/config/index.development.sqlite3.toml b/share/default/config/index.development.sqlite3.toml
@@ -4,19 +4,23 @@ log_level = "info"
 name = "Torrust"
 
 [tracker]
-url = "udp://localhost:6969"
-mode = "Public"
 api_url = "http://localhost:1212"
+mode = "Public"
 token = "MyAccessToken"
 token_valid_seconds = 7257600
+url = "udp://localhost:6969"
 
 [net]
 port = 3001
 
+#[net.tsl]
+#ssl_cert_path = "./storage/index/lib/tls/localhost.crt"
+#ssl_key_path = "./storage/index/lib/tls/localhost.key"
+
 [auth]
 email_on_signup = "Optional"
-min_password_length = 6
 max_password_length = 64
+min_password_length = 6
 secret_key = "MaxVerstappenWC2021"
 
 [database]
@@ -25,23 +29,23 @@ connect_url = "sqlite://data.db?mode=rwc"
 [mail]
 email_verification_enabled = false
 from = "[email protected]"
-reply_to = "[email protected]"
-username = ""
 password = ""
-server = ""
 port = 25
+reply_to = "[email protected]"
+server = ""
+username = ""
 
 [image_cache]
-max_request_timeout_ms = 1000
 capacity = 128000000
 entry_size_limit = 4000000
-user_quota_period_seconds = 3600
+max_request_timeout_ms = 1000
 user_quota_bytes = 64000000
+user_quota_period_seconds = 3600
 
 [api]
 default_torrent_page_size = 10
 max_torrent_page_size = 30
 
 [tracker_statistics_importer]
+port = 3002
 torrent_info_update_interval = 3600
-port = 3002
diff --git a/src/config.rs b/src/config.rs
@@ -3,9 +3,11 @@ use std::path::Path;
 use std::sync::Arc;
 use std::{env, fs};
 
+use camino::Utf8PathBuf;
 use config::{Config, ConfigError, File, FileFormat};
 use log::warn;
 use serde::{Deserialize, Serialize};
+use serde_with::{serde_as, NoneAsEmptyString};
 use thiserror::Error;
 use tokio::sync::RwLock;
 use torrust_index_located_error::{Located, LocatedError};
@@ -216,13 +218,16 @@ pub struct Network {
     /// The base URL for the API. For example: `http://localhost`.
     /// If not set, the base URL will be inferred from the request.
     pub base_url: Option<String>,
+    /// TSL configuration.
+    pub tsl: Option<Tsl>,
 }
 
 impl Default for Network {
     fn default() -> Self {
         Self {
             port: 3001,
             base_url: None,
+            tsl: None,
         }
     }
 }
@@ -394,6 +399,31 @@ impl Default for ImageCache {
     }
 }
 
+#[serde_as]
+#[derive(Serialize, Deserialize, PartialEq, Eq, Debug, Clone, Default)]
+pub struct Tsl {
+    /// Path to the SSL certificate file.
+    #[serde_as(as = "NoneAsEmptyString")]
+    #[serde(default = "Tsl::default_ssl_cert_path")]
+    pub ssl_cert_path: Option<Utf8PathBuf>,
+    /// Path to the SSL key file.
+    #[serde_as(as = "NoneAsEmptyString")]
+    #[serde(default = "Tsl::default_ssl_key_path")]
+    pub ssl_key_path: Option<Utf8PathBuf>,
+}
+
+impl Tsl {
+    #[allow(clippy::unnecessary_wraps)]
+    fn default_ssl_cert_path() -> Option<Utf8PathBuf> {
+        Some(Utf8PathBuf::new())
+    }
+
+    #[allow(clippy::unnecessary_wraps)]
+    fn default_ssl_key_path() -> Option<Utf8PathBuf> {
+        Some(Utf8PathBuf::new())
+    }
+}
+
 /// The whole configuration for the index.
 #[derive(Debug, Default, Clone, Serialize, Deserialize)]
 pub struct TorrustIndex {