Implement TLS support in WebSocket server for secure connections

- Added environment variable configuration for enabling TLS in the WebSocket server.
- Implemented logic to read TLS key, certificate, and optional CA paths from environment variables.
- Enhanced server initialization to handle both secure (WSS) and non-secure (WS) connections based on the TLS setting.
- Included error handling for missing TLS configuration to prevent server startup failures.
This commit is contained in:
Torsten Schulz (local)
2026-01-05 16:06:37 +01:00
parent 352d672bdd
commit 8e618ab443


@@ -1,14 +1,37 @@
import WebSocket, { WebSocketServer } from 'ws'; import WebSocket, { WebSocketServer } from 'ws';
import https from 'https';
import fs from 'fs';
const PORT = 4551; const PORT = Number.parseInt(process.env.DAEMON_PORT || '4551', 10);
const USE_TLS = process.env.DAEMON_TLS === '1';
const TLS_KEY_PATH = process.env.DAEMON_TLS_KEY_PATH;
const TLS_CERT_PATH = process.env.DAEMON_TLS_CERT_PATH;
const TLS_CA_PATH = process.env.DAEMON_TLS_CA_PATH; // optional
// Einfache In-Memory-Struktur für Verbindungen (für spätere Erweiterungen) // Einfache In-Memory-Struktur für Verbindungen (für spätere Erweiterungen)
const connections = new Set(); const connections = new Set();
function createServer() { function createServer() {
const wss = new WebSocketServer({ port: PORT }); let wss;
console.log(`[Daemon] WebSocket-Server startet auf Port ${PORT} ...`); if (USE_TLS) {
if (!TLS_KEY_PATH || !TLS_CERT_PATH) {
console.error('[Daemon] DAEMON_TLS=1 gesetzt, aber DAEMON_TLS_KEY_PATH/DAEMON_TLS_CERT_PATH fehlen.');
process.exit(1);
}
const httpsServer = https.createServer({
key: fs.readFileSync(TLS_KEY_PATH),
cert: fs.readFileSync(TLS_CERT_PATH),
ca: TLS_CA_PATH ? fs.readFileSync(TLS_CA_PATH) : undefined,
});
wss = new WebSocketServer({ server: httpsServer });
httpsServer.listen(PORT, '0.0.0.0', () => {
console.log(`[Daemon] WSS (TLS) Server gestartet auf Port ${PORT}`);
});
} else {
wss = new WebSocketServer({ port: PORT });
console.log(`[Daemon] WS (ohne TLS) Server startet auf Port ${PORT} ...`);
}
wss.on('connection', (ws, req) => { wss.on('connection', (ws, req) => {
const peer = req.socket.remoteAddress + ':' + req.socket.remotePort; const peer = req.socket.remoteAddress + ':' + req.socket.remotePort;