Implement TLS support for WebSocket connections in yourchat2. Updated main.rs to handle secure WebSocket connections based on environment variables. Enhanced install-systemd.sh to include a template for environment configuration. Updated README to document new TLS-related environment variables and installation instructions.

2026-03-04 17:42:47 +01:00
parent 0037ac5c28
commit aca290f1d0
6 changed files with 331 additions and 18 deletions
--- a/config/yourchat2.env.example
+++ b/config/yourchat2.env.example
@@ -0,0 +1,21 @@
+# yourchat2 standard environment configuration
+
+# Network bindings
+CHAT_WS_ADDR=0.0.0.0:1235
+CHAT_TCP_ADDR=127.0.0.1:1236
+# CHAT_UNIX_SOCKET=/run/yourchat2/yourchat2.sock
+
+# Enable direct WSS on CHAT_WS_ADDR (TLS in daemon itself)
+# CHAT_WS_TLS=true
+# CHAT_TLS_CERT_PATH=/etc/letsencrypt/live/www.your-part.de/fullchain.pem
+# CHAT_TLS_KEY_PATH=/etc/letsencrypt/live/www.your-part.de/privkey.pem
+
+# Optional user allowlist (comma-separated)
+# CHAT_ALLOWED_USERS=alice,bob,carol
+
+# Database authentication and room metadata
+# CHAT_DB_URL=postgres://user:pass@127.0.0.1:5432/yourchat
+
+# Required if encrypted birthdate values are used in DB
+# Must match the key from the legacy system.
+# SECRET_KEY=replace-with-real-secret