*refactor ssl support

src/config.ts

@@ -26,6 +26,7 @@ switch (os.platform()) {
 config.inject({
   "core.confdir": configDir,
   "core.port": 8080,
+  "core.apport": 80,
   "core.loglevel": "info",
   "core.plugindir": path.resolve(configDir, "..", "plugins"),
 });

src/modules/app.ts

@@ -3,6 +3,7 @@ import log from "../log.js";
 import fastify from "fastify";
 import type { FastifyInstance } from "fastify";
 import { getKeyPair } from "../lib/seed.js";
+import config from "../config";
 
 let app: FastifyInstance;
 
@@ -16,5 +17,5 @@ export async function start() {
     res.send(Buffer.from(keyPair.publicKey).toString("hex"));
   });
 
-  await app.listen({ port: 80, host: "0.0.0.0" });
+  await app.listen({ port: config.uint("core.appport"), host: "0.0.0.0" });
 }

src/modules/relay.ts

@@ -20,7 +20,7 @@ export async function start() {
   const dht = getSwarm();
   let sslOptions: boolean | http2.SecureServerOptions = false;
 
-  if (getSslManager().enabled) {
+  if (getSslManager().ready) {
     sslOptions = {
       SNICallback: () => getSslManager().context,
     } as http2.SecureServerOptions;

src/modules/ssl.ts

@@ -6,37 +6,47 @@ import config from "../config.js";
 export type SSLManagerRenewHandler = (domain: string) => Promise<boolean>;
 
 export class SSLManager {
-  private _context?: tls.SecureContext;
   private _key?: Buffer;
-  private _cert?: Buffer;
   private _domain: string;
-  private _renewHandler?: SSLManagerRenewHandler;
 
   constructor(domain: string) {
     this._domain = domain;
   }
 
+  private _context?: tls.SecureContext;
+
   get context(): tls.SecureContext {
     return this._context as tls.SecureContext;
   }
 
+  private _cert?: Buffer;
+
+  set cert(cert: Buffer) {
+    this._cert = cert;
+    this._maybeUpdateContext();
+  }
+
+  private _renewHandler?: SSLManagerRenewHandler;
+
+  get renewHandler(): SSLManagerRenewHandler {
+    return this._renewHandler as any;
+  }
+
+  set renewHandler(value: SSLManagerRenewHandler) {
+    this._renewHandler = value;
+  }
+
   set privateKey(key: Buffer) {
     this._key = key;
     this._maybeUpdateContext();
   }
 
-  set cert(cert: Buffer) {
+  get enabled() {
-    this._cert = cert;
+    return config.bool("core.ssl");
-    this._maybeUpdateContext();
   }
 
-  private _maybeUpdateContext() {
+  get ready() {
-    if (b4a.isBuffer(this._cert) && b4a.isBuffer(this._key)) {
+    return this.enabled && this.renewHandler;
-      this._context = tls.createSecureContext({
-        cert: this._cert,
-        key: this._key,
-      });
-    }
   }
 
   public async renew(): Promise<boolean> {
@@ -50,8 +60,13 @@ export class SSLManager {
     return result;
   }
 
-  get enabled() {
+  private _maybeUpdateContext() {
-    return config.bool("core.ssl") && this._renewHandler;
+    if (b4a.isBuffer(this._cert) && b4a.isBuffer(this._key)) {
+      this._context = tls.createSecureContext({
+        cert: this._cert,
+        key: this._key,
+      });
+    }
   }
 }