Merge pull request #528 from r0fls/523

allow running with SSL via commandline
This commit is contained in:
Raphael Deem 2017-03-10 00:35:46 -08:00 committed by GitHub
commit 313edadf47
4 changed files with 32 additions and 6 deletions

View File

@ -10,3 +10,11 @@ Optionally pass in an SSLContext:
context.load_cert_chain("/path/to/cert", keyfile="/path/to/keyfile") context.load_cert_chain("/path/to/cert", keyfile="/path/to/keyfile")
app.run(host="0.0.0.0", port=8443, ssl=context) app.run(host="0.0.0.0", port=8443, ssl=context)
You can also pass in the locations of a certificate and key as a dictionary:
.. code:: python
ssl = {'cert': "/path/to/cert", 'key': "/path/to/keyfile"}
app.run(host="0.0.0.0", port=8443, ssl=ssl)

View File

@ -2,3 +2,4 @@ aiofiles
httptools httptools
ujson ujson
uvloop uvloop
websockets

View File

@ -8,6 +8,10 @@ if __name__ == "__main__":
parser = ArgumentParser(prog='sanic') parser = ArgumentParser(prog='sanic')
parser.add_argument('--host', dest='host', type=str, default='127.0.0.1') parser.add_argument('--host', dest='host', type=str, default='127.0.0.1')
parser.add_argument('--port', dest='port', type=int, default=8000) parser.add_argument('--port', dest='port', type=int, default=8000)
parser.add_argument('--cert', dest='cert', type=str,
help='location of certificate for SSL')
parser.add_argument('--key', dest='key', type=str,
help='location of keyfile for SSL.')
parser.add_argument('--workers', dest='workers', type=int, default=1, ) parser.add_argument('--workers', dest='workers', type=int, default=1, )
parser.add_argument('--debug', dest='debug', action="store_true") parser.add_argument('--debug', dest='debug', action="store_true")
parser.add_argument('module') parser.add_argument('module')
@ -26,7 +30,8 @@ if __name__ == "__main__":
.format(type(app).__name__, args.module)) .format(type(app).__name__, args.module))
app.run(host=args.host, port=args.port, app.run(host=args.host, port=args.port,
workers=args.workers, debug=args.debug) workers=args.workers, debug=args.debug,
cert=args.cert, key=args.key)
except ImportError: except ImportError:
log.error("No module named {} found.\n" log.error("No module named {} found.\n"
" Example File: project/sanic_server.py -> app\n" " Example File: project/sanic_server.py -> app\n"

View File

@ -7,6 +7,7 @@ from functools import partial
from inspect import isawaitable, stack, getmodulename from inspect import isawaitable, stack, getmodulename
from traceback import format_exc from traceback import format_exc
from urllib.parse import urlencode, urlunparse from urllib.parse import urlencode, urlunparse
from ssl import create_default_context
from sanic.config import Config from sanic.config import Config
from sanic.constants import HTTP_METHODS from sanic.constants import HTTP_METHODS
@ -503,17 +504,18 @@ class Sanic:
:param port: Port to host on :param port: Port to host on
:param debug: Enables debug output (slows server) :param debug: Enables debug output (slows server)
:param before_start: Functions to be executed before the server starts :param before_start: Functions to be executed before the server starts
accepting connections accepting connections
:param after_start: Functions to be executed after the server starts :param after_start: Functions to be executed after the server starts
accepting connections accepting connections
:param before_stop: Functions to be executed when a stop signal is :param before_stop: Functions to be executed when a stop signal is
received before it is respected received before it is respected
:param after_stop: Functions to be executed when all requests are :param after_stop: Functions to be executed when all requests are
complete complete
:param ssl: SSLContext for SSL encryption of worker(s) :param ssl: SSLContext, or location of certificate and key
for SSL encryption of worker(s)
:param sock: Socket for the server to accept connections from :param sock: Socket for the server to accept connections from
:param workers: Number of processes :param workers: Number of processes
received before it is respected received before it is respected
:param loop: :param loop:
:param backlog: :param backlog:
:param stop_event: :param stop_event:
@ -578,6 +580,16 @@ class Sanic:
register_sys_signals=True, run_async=False): register_sys_signals=True, run_async=False):
"""Helper function used by `run` and `create_server`.""" """Helper function used by `run` and `create_server`."""
if isinstance(ssl, dict):
# try common aliaseses
cert = ssl.get('cert') or ssl.get('certificate')
key = ssl.get('key') or ssl.get('keyfile')
if not cert and key:
raise ValueError("SSLContext or certificate and key required.")
context = create_default_context(purpose=ssl.Purpose.CLIENT_AUTH)
context.load_cert_chain(cert, keyfile=key)
ssl = context
if loop is not None: if loop is not None:
if debug: if debug:
warnings.simplefilter('default') warnings.simplefilter('default')