Merge pull request #132 from stevvooe/add-tls-support

Add native TLS support to registry

cmd/registry/main.go

@@ -47,10 +47,17 @@ func main() {
 	handler = handlers.CombinedLoggingHandler(os.Stdout, handler)
 	log.SetLevel(logLevel(config.Loglevel))
 
+	if config.HTTP.TLS.Certificate == "" {
 		log.Infof("listening on %v", config.HTTP.Addr)
 		if err := http.ListenAndServe(config.HTTP.Addr, handler); err != nil {
 			log.Fatalln(err)
 		}
+	} else {
+		log.Infof("listening on %v, tls", config.HTTP.Addr)
+		if err := http.ListenAndServeTLS(config.HTTP.Addr, config.HTTP.TLS.Certificate, config.HTTP.TLS.Key, handler); err != nil {
+			log.Fatalln(err)
+		}
+	}
 }
 
 func usage() {

configuration/configuration.go

@@ -38,6 +38,22 @@ type Configuration struct {
 
 		// Secret specifies the secret key which HMAC tokens are created with.
 		Secret string `yaml:"secret"`
+
+		// TLS instructs the http server to listen with a TLS configuration.
+		// This only support simple tls configuration with a cert and key.
+		// Mostly, this is useful for testing situations or simple deployments
+		// that require tls. If more complex configurations are required, use
+		// a proxy or make a proposal to add support here.
+		TLS struct {
+			// Certificate specifies the path to an x509 certificate file to
+			// be used for TLS.
+			Certificate string `yaml:"certificate"`
+
+			// Key specifies the path to the x509 key file, which should
+			// contain the private portion for the file specified in
+			// Certificate.
+			Key string `yaml:"key"`
+		} `yaml:"tls"`
 	} `yaml:"http"`
 }