diff --git a/README.md b/README.md
index b2fb87b..254d221 100644
--- a/README.md
+++ b/README.md
@@ -56,7 +56,7 @@ By default, gotty starts a web server at port 8080. Open the URL on your web bro
 --random-url, -r Add a random string to the URL [$GOTTY_RANDOM_URL]
 --profile-file, -f "~/.gotty" Path to profile file [$GOTTY_PROFILE_FILE]
 --enable-tls, -t Enable TLS/SSL [$GOTTY_ENABLE_TLS]
---tls-cert "~/.gotty.crt" TLS/SSL cert [$GOTTY_TLS_CERT]
+--tls-crt "~/.gotty.crt" TLS/SSL cert [$GOTTY_TLS_CRT]
 --tls-key "~/.gotty.key" TLS/SSL key [$GOTTY_TLS_KEY]
 --title-format "GoTTY - {{ .Command }} ({{ .Hostname }})" Title format of browser window [$GOTTY_TITLE_FORMAT]
 --auto-reconnect "-1" Seconds to automatically reconnect to the server when the connection is closed (default: disabled) [$GOTTY_AUTO_RECONNECT]
@@ -84,7 +84,7 @@ By default, gotty doesn't allow clients to send any keystrokes or commands excep
 To restrict client access, you can use the `-c` option to enable the basic authentication. With option, clients need to input the specified username and passwords to connect to the gotty server. The `-r` option is a little bit casualer way to restrict access. With this option, gotty generates a random URL so that only people who know the URL can get access to the server.
-All traffic between servers and clients are NOT encrypted by default. When you send secret information through gotty, we strongly recommend you use the `-t` option which enables TLS/SSL on the session. By default, gotty loads the cert and key files placed at `~/.gotty.cert` and `~/.gotty.key`. You can overwrite these file paths with the `--tls-cert` and `--tls-key` options. When you need to generate a self-signed certification file, you can use the `openssl` command.
+All traffic between servers and clients are NOT encrypted by default. When you send secret information through gotty, we strongly recommend you use the `-t` option which enables TLS/SSL on the session. By default, gotty loads the crt and key files placed at `~/.gotty.crt` and `~/.gotty.key`. You can overwrite these file paths with the `--tls-cert` and `--tls-key` options. When you need to generate a self-signed certification file, you can use the `openssl` command.
 ```sh
 openssl req -x509 -nodes -days 9999 -newkey rsa:2048 -keyout ~/.gotty.key -out ~/.gotty.crt
diff --git a/app/app.go b/app/app.go
index 6cd2f97..00f3d29 100644
--- a/app/app.go
+++ b/app/app.go
@@ -41,7 +41,7 @@ type Options struct {
 RandomUrl bool
 ProfileFile string
 EnableTLS bool
- TLSCert string
+ TLSCrt string
 TLSKey string
 TitleFormat string
 AutoReconnect int
@@ -51,7 +51,7 @@ type Options struct {
 const DefaultProfileFilePath = "~/.gotty"
 const DefaultTLSKeyPath = "~/.gotty.key"
-const DefaultTLSCertPath = "~/.gotty.crt"
+const DefaultTLSCrtPath = "~/.gotty.crt"
 func New(options Options) (*App, error) {
 titleTemplate, err := template.New("title").Parse(options.TitleFormat)
@@ -168,8 +168,8 @@ func (app *App) Run() error {
 &http.Server{Addr: endpoint, Handler: siteHandler},
 )
 if app.options.EnableTLS {
- cert, key := app.loadTLSFiles()
- err = app.server.ListenAndServeTLS(cert, key)
+ crt, key := app.loadTLSFiles()
+ err = app.server.ListenAndServeTLS(crt, key)
 } else {
 err = app.server.ListenAndServe()
 }
@@ -182,10 +182,10 @@ func (app *App) Run() error {
 return nil
 }
-func (app *App) loadTLSFiles() (cert string, key string) {
- cert = app.options.TLSCert
- if app.options.TLSCert == DefaultTLSCertPath {
- cert = os.Getenv("HOME") + "/.gotty.crt"
+func (app *App) loadTLSFiles() (crt string, key string) {
+ crt = app.options.TLSCrt
+ if app.options.TLSCrt == DefaultTLSCrtPath {
+ crt = os.Getenv("HOME") + "/.gotty.crt"
 }
 key = app.options.TLSKey
diff --git a/main.go b/main.go
index 83be0af..ea7be67 100644
--- a/main.go
+++ b/main.go
@@ -57,10 +57,10 @@ func main() {
 EnvVar: "GOTTY_ENABLE_TLS",
 },
 cli.StringFlag{
- Name: "tls-cert",
- Value: app.DefaultTLSCertPath,
- Usage: "TLS/SSL cert",
- EnvVar: "GOTTY_TLS_CERT",
+ Name: "tls-crt",
+ Value: app.DefaultTLSCrtPath,
+ Usage: "TLS/SSL crt",
+ EnvVar: "GOTTY_TLS_CRT",
 },
 cli.StringFlag{
 Name: "tls-key",
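Review bot: In loadTLSFiles the default-path branch builds the certificate path as `os.Getenv("HOME") + "/.gotty.crt"` without checking that HOME is set, so with an empty HOME the server would look for its certificate at `/.gotty.crt` in the filesystem root. The expansion also applies only when the option equals `DefaultTLSCrtPath` exactly, so any other `~/…` value that arrives unexpanded (for example through `GOTTY_TLS_CRT`) is handed to ListenAndServeTLS literally. Consider a guard in Run before TLS starts, e.g. `if os.Getenv("HOME") == "" && app.options.TLSCrt == DefaultTLSCrtPath { return errors.New("HOME is not set; pass --tls-crt explicitly") }`, and derive the file name from the constant rather than repeating the literal. The function body continues past the end of this hunk, so the key-path handling is not visible here and presumably needs the same check.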
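Review bot: In main.go the flag becomes `tls-crt` and the variable `GOTTY_TLS_CRT` with no fallback to the old names, so a deployment that still exports `GOTTY_TLS_CERT` would have it ignored and, as far as this hunk shows, fall back to the default `~/.gotty.crt` rather than the certificate it was configured with. If the cli package in use accepts comma-separated aliases (worth confirming for the vendored version), keep the old spellings for a deprecation period: `Name: "tls-crt, tls-cert",` and `EnvVar: "GOTTY_TLS_CRT,GOTTY_TLS_CERT",`. The README paragraph changed in this same commit still tells users to pass `--tls-cert`, and the new `Usage: "TLS/SSL crt"` no longer matches the README's `TLS/SSL cert`; both should agree with the final flag name. main's body extends beyond this hunk.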