packages feed

warp-tls-simple 0.1.0.1 → 0.1.0.2

raw patch · 2 files changed

+124/−7 lines, 2 filesPVP ok

version bump matches the API change (PVP)

API changes (from Hackage documentation)

Files

src/Network/Wai/Handler/WarpTLS/Simple.hs view
@@ -2,15 +2,68 @@ {-# LANGUAGE StandaloneDeriving #-} {-# LANGUAGE TemplateHaskell #-} +{- |+Simplified TLS configuration for Warp servers with automatic certificate generation++This module provides a simplified interface for running Warp servers with TLS support,+including automatic self-signed certificate generation for development environments.++The main design goals are:++* __HTTPS by default__: TLS is enabled by default with automatic certificate generation+* __Zero-configuration development__: Works out of the box for local development+* __Production-ready__: Supports custom certificates for production deployment+* __CLI integration__: Provides 'tlsConfigParser' for command-line argument parsing++= Quick Start++@+import Network.Wai.Handler.WarpTLS.Simple+import Network.Wai.Handler.Warp qualified as Warp++main :: IO ()+main = do+  let settings = Warp.defaultSettings & Warp.setPort 8080+  startWarpServer settings ".\/state" TLSAuto myWaiApplication+@++= Certificate Management++The module supports three TLS configurations:++* 'TLSAuto' - Automatically generates self-signed certificates (default)+* 'TLSExplicit' - Uses user-provided certificate and key files+* 'TLSDisabled' - Runs HTTP only (must be explicitly requested)++Auto-generated certificates include Subject Alternative Names (SAN) for:++* @localhost@ and the specified hostname+* Common local network IP ranges (@127.0.0.1@, @192.168.*.*@, @10.*.*.*@, etc.)+* IPv6 loopback (@::1@)++= CLI Integration++@+data MyAppConfig = MyAppConfig+  { port :: Int+  , tlsConfig :: TLSConfig+  }++myConfigParser :: Parser MyAppConfig+myConfigParser = MyAppConfig+  \<$\> option auto (long \"port\" \<\> value 8080)+  \<*\> tlsConfigParser+@+-} module Network.Wai.Handler.WarpTLS.Simple (-  -- * Type+  -- * TLS Configuration   TLSConfig (..), -  -- * Function+  -- * Server Functions   tlsConfigResolve,   startWarpServer, -  -- * CLI parser+  -- * CLI Integration   tlsConfigParser, ) where @@ -32,7 +85,42 @@ opensslBin :: FilePath opensslBin = $(staticWhich "openssl") --- | TLS configuration with HTTPS enabled by default+{- | TLS configuration with HTTPS enabled by default++This type represents the three supported TLS modes for the Warp server:++[TLSDisabled] HTTP-only mode. Must be explicitly requested with @--no-https@ flag.+This is useful for development behind a reverse proxy or when TLS termination+happens elsewhere.++[TLSAuto] __Default mode__. Automatically generates self-signed certificates for HTTPS.+Certificates are stored in @\<stateDir\>\/tls\/@ and include SAN entries for local+development. This provides zero-configuration HTTPS for development environments.++[TLSExplicit] Production mode with user-provided certificates. Requires both+certificate and private key files specified via @--tls-cert@ and @--tls-key@ flags.++== Examples++Auto-generated certificates (default):+@+tlsConfig = TLSAuto+@++Custom certificates for production:+@+tlsSettings <- WarpTLS.tlsSettings "\/path\/to\/cert.pem" "\/path\/to\/key.pem"+tlsConfig = TLSExplicit tlsSettings+@++HTTP-only mode:+@+tlsConfig = TLSDisabled+@++The 'Show' instance provides debugging information including certificate details+for 'TLSExplicit' configurations.+-} data TLSConfig   = -- | No TLS - run HTTP only (explicit)     TLSDisabled@@ -47,7 +135,16 @@     TLSAuto -> "TLSAuto"     TLSExplicit tlsSettings -> "TLSExplicit (user-provided certificates): " <> Text.Show.show (WarpTLS.getCertSettings tlsSettings) --- | Parser for TLS configuration with HTTPS enabled by default+{- | Command-line parser for TLS configuration++Provides @optparse-applicative@ integration with HTTPS enabled by default:++* @--no-https@ - Disable HTTPS+* @--tls-cert FILE --tls-key FILE@ - Use custom certificates+* Default - Auto-generate certificates++Both certificate options must be provided together.+-} tlsConfigParser :: Parser TLSConfig tlsConfigParser =   noHttpsMode <|> tlsExplicitMode <|> defaultMode@@ -75,6 +172,17 @@     -- Default to auto-generation (HTTPS enabled by default)     defaultMode = pure TLSAuto +{- | Resolve TLS configuration to WarpTLS settings++Converts a 'TLSConfig' to the appropriate 'WarpTLS.TLSSettings' for the Warp server:++* 'TLSDisabled' → 'Nothing' (HTTP mode)+* 'TLSAuto' → Auto-generates certificates in @stateDir\/tls\/@+* 'TLSExplicit' → Uses provided settings++For 'TLSAuto', certificates are generated once and reused on subsequent runs.+The hostname "localhost" is used for certificate generation.+-} tlsConfigResolve :: FilePath -> TLSConfig -> IO (Maybe WarpTLS.TLSSettings) tlsConfigResolve stateDir = \case   TLSDisabled -> pure Nothing@@ -242,7 +350,16 @@ generateCertificates certDir hostArg =   generateCertificateWithRequest certDir (defaultCertRequest hostArg) --- | Start a Warp server with optional TLS+{- | Start a Warp server with TLS support++High-level function that combines Warp settings, TLS configuration, and application:++* Resolves the TLS configuration using the state directory+* Starts HTTP server if TLS is disabled+* Starts HTTPS server if TLS is enabled++This is the main entry point for applications using this module.+-} startWarpServer :: Warp.Settings -> FilePath -> TLSConfig -> Application -> IO () startWarpServer settings stateDir tlsConfig app =   tlsConfigResolve stateDir tlsConfig >>= \case
warp-tls-simple.cabal view
@@ -5,7 +5,7 @@ -- see: https://github.com/sol/hpack  name:           warp-tls-simple-version: 0.1.0.1+version: 0.1.0.2 synopsis:       Simple TLS configuration for Warp description:    Simplified TLS setup and certificate generation for Warp servers category:       Web