Configuration

* Added flags to customize the host and port
* Start up just one server rather than a server for HTTP and HTTPS.  HTTPS server will only start if a cert and key are found

README.md

@@ -26,6 +26,24 @@ If stash is unable to find or download FFMPEG then download it yourself from the
 
 The `ffmpeg(.exe)` and `ffprobe(.exe)` files should be placed in `~/.stash` on macOS / Linux or `C:\Users\YourUsername\.stash` on Windows.
 
+# Usage
+
+## CLI
+
+Stash provides some command line options.  See what is currently available by running `stash --help`.
+
+For example, to run stash locally on port 80 run it like this (OSX / Linux) `stash --host 127.0.0.1 --port 80`
+
+## SSL (HTTPS)
+
+Stash supports HTTPS with some additional work.  First you must generate a SSL certificate and key combo.  Here is an example using openssl:
+
+`openssl req -x509 -newkey rsa:4096 -sha256 -days 7300 -nodes -keyout stash.key -out stash.crt -extensions san -config <(echo "[req]"; echo distinguished_name=req; echo "[san]"; echo subjectAltName=DNS:stash.server,IP:127.0.0.1) -subj /CN=stash.server`
+
+This command would need to be customized for your environment.  [This link](https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl) might be useful.
+
+Once you have a certificate and key file name them `stash.crt` and `stash.key` and place them in the `~/.stash` directory.  Stash will detect these and start up using HTTPS rather than HTTP.
+
 # FAQ
 
 > I have a question not answered here.

go.mod

@@ -16,6 +16,7 @@ require (
 	github.com/rs/cors v1.6.0
 	github.com/sirupsen/logrus v1.3.0
 	github.com/spf13/afero v1.2.0 // indirect
+	github.com/spf13/pflag v1.0.3
 	github.com/spf13/viper v1.3.2
 	github.com/vektah/gqlparser v1.1.2
 	golang.org/x/image v0.0.0-20190118043309-183bebdce1b2 // indirect

pkg/api/server.go

@@ -13,32 +13,25 @@ import (
 	"github.com/rs/cors"
 	"github.com/stashapp/stash/pkg/logger"
 	"github.com/stashapp/stash/pkg/manager/config"
+	"github.com/stashapp/stash/pkg/manager/paths"
 	"github.com/stashapp/stash/pkg/models"
 	"github.com/stashapp/stash/pkg/utils"
+	"io/ioutil"
 	"net/http"
 	"os"
 	"path"
 	"path/filepath"
 	"runtime/debug"
+	"strconv"
 	"strings"
 )
 
-const httpPort = "9998"
-const httpsPort = "9999"
-
-var certsBox *packr.Box
 var uiBox *packr.Box
 
 //var legacyUiBox *packr.Box
 var setupUIBox *packr.Box
 
 func Start() {
-	//port := os.Getenv("PORT")
-	//if port == "" {
-	//	port = defaultPort
-	//}
-
-	certsBox = packr.New("Cert Box", "../../certs")
 	uiBox = packr.New("UI Box", "../../ui/v2/build")
 	//legacyUiBox = packr.New("UI Box", "../../ui/v1/dist/stash-frontend")
 	setupUIBox = packr.New("Setup UI Box", "../../ui/setup")
@@ -71,9 +64,6 @@ func Start() {
 	})
 	gqlHandler := handler.GraphQL(models.NewExecutableSchema(models.Config{Resolvers: &Resolver{}}), recoverFunc, requestMiddleware, websocketUpgrader)
 
-	// https://stash.server:9999/certs/server.crt
-	r.Handle("/certs/*", http.FileServer(certsBox))
-
 	r.Handle("/graphql", gqlHandler)
 	r.Handle("/playground", handler.Playground("GraphQL playground", "/graphql"))
 
@@ -144,7 +134,7 @@ func Start() {
 		http.Redirect(w, r, "/", 301)
 	})
 
-	// Serve the angular app
+	// Serve the web app
 	r.HandleFunc("/*", func(w http.ResponseWriter, r *http.Request) {
 		ext := path.Ext(r.URL.Path)
 		if ext == ".html" || ext == "" {
@@ -155,35 +145,46 @@ func Start() {
 		}
 	})
 
-	httpsServer := &http.Server{
-		Addr:      ":" + httpsPort,
-		Handler:   r,
-		TLSConfig: makeTLSConfig(),
-	}
-	server := &http.Server{
-		Addr:    ":" + httpPort,
-		Handler: r,
-	}
+	address := config.GetHost() + ":" + strconv.Itoa(config.GetPort())
+	if tlsConfig := makeTLSConfig(); tlsConfig != nil {
+		httpsServer := &http.Server{
+			Addr:      address,
+			Handler:   r,
+			TLSConfig: tlsConfig,
+		}
 
-	go func() {
-		logger.Infof("stash is running on HTTP at http://localhost:9998/")
-		logger.Fatal(server.ListenAndServe())
-	}()
+		go func() {
+			logger.Infof("stash is running on HTTPS at https://" + address + "/")
+			logger.Fatal(httpsServer.ListenAndServeTLS("", ""))
+		}()
+	} else {
+		server := &http.Server{
+			Addr:    address,
+			Handler: r,
+		}
 
-	go func() {
-		logger.Infof("stash is running on HTTPS at https://localhost:9999/")
-		logger.Fatal(httpsServer.ListenAndServeTLS("", ""))
-	}()
+		go func() {
+			logger.Infof("stash is running on HTTP at http://" + address + "/")
+			logger.Fatal(server.ListenAndServe())
+		}()
+	}
 }
 
 func makeTLSConfig() *tls.Config {
-	cert, err := certsBox.Find("server.crt")
-	key, err := certsBox.Find("server.key")
+	cert, err := ioutil.ReadFile(paths.GetSSLCert())
+	if err != nil {
+		return nil
+	}
+
+	key, err := ioutil.ReadFile(paths.GetSSLKey())
+	if err != nil {
+		return nil
+	}
 
 	certs := make([]tls.Certificate, 1)
 	certs[0], err = tls.X509KeyPair(cert, key)
 	if err != nil {
-		panic(err)
+		return nil
 	}
 	tlsConfig := &tls.Config{
 		Certificates: certs,

pkg/api/types.go

@@ -4,4 +4,4 @@ package api
 const (
 	create = iota // 0
 	update = iota // 1
-)
+)

pkg/ffmpeg/regex.go

@@ -12,7 +12,9 @@ func GetTimeFromRegex(str string) float64 {
 	regexResult := TimeRegex.FindStringSubmatch(str)
 
 	// Bail early if we don't have the results we expect
-	if len(regexResult) != 4 { return 0 }
+	if len(regexResult) != 4 {
+		return 0
+	}
 
 	h, _ := strconv.ParseFloat(regexResult[1], 64)
 	m, _ := strconv.ParseFloat(regexResult[2], 64)
@@ -27,8 +29,10 @@ func GetFrameFromRegex(str string) int {
 	regexResult := FrameRegex.FindStringSubmatch(str)
 
 	// Bail early if we don't have the results we expect
-	if len(regexResult) < 2 { return 0 }
+	if len(regexResult) < 2 {
+		return 0
+	}
 
 	result, _ := strconv.Atoi(regexResult[1])
 	return result
-}
+}

pkg/manager/config/config.go

@@ -12,6 +12,9 @@ const Downloads = "downloads"
 
 const Database = "database"
 
+const Host = "host"
+const Port = "port"
+
 func Set(key string, value interface{}) {
 	viper.Set(key, value)
 }
@@ -40,6 +43,14 @@ func GetDatabasePath() string {
 	return viper.GetString(Database)
 }
 
+func GetHost() string {
+	return viper.GetString(Host)
+}
+
+func GetPort() int {
+	return viper.GetInt(Port)
+}
+
 func IsValid() bool {
 	setPaths := viper.IsSet(Stash) && viper.IsSet(Cache) && viper.IsSet(Generated) && viper.IsSet(Metadata)
 	// TODO: check valid paths

pkg/manager/manager.go

@@ -3,12 +3,14 @@ package manager
 import (
 	"fmt"
 	"github.com/fsnotify/fsnotify"
+	"github.com/spf13/pflag"
 	"github.com/spf13/viper"
 	"github.com/stashapp/stash/pkg/ffmpeg"
 	"github.com/stashapp/stash/pkg/logger"
 	"github.com/stashapp/stash/pkg/manager/config"
 	"github.com/stashapp/stash/pkg/manager/paths"
 	"github.com/stashapp/stash/pkg/utils"
+	"net"
 	"sync"
 )
 
@@ -33,6 +35,7 @@ func Initialize() *singleton {
 	once.Do(func() {
 		_ = utils.EnsureDir(paths.GetConfigDirectory())
 		initConfig()
+		initFlags()
 		instance = &singleton{
 			Status: Idle,
 			Paths:  paths.NewPaths(),
@@ -78,6 +81,16 @@ func initConfig() {
 	//viper.WriteConfig()
 }
 
+func initFlags() {
+	pflag.IP("host", net.IPv4(0, 0, 0, 0), "ip address for the host")
+	pflag.Int("port", 9999, "port to serve from")
+
+	pflag.Parse()
+	if err := viper.BindPFlags(pflag.CommandLine); err != nil {
+		logger.Infof("failed to bind flags: %s", err.Error())
+	}
+}
+
 func initFFMPEG() {
 	configDirectory := paths.GetConfigDirectory()
 	ffmpegPath, ffprobePath := ffmpeg.GetPaths(configDirectory)

pkg/manager/paths/paths.go

@@ -36,3 +36,11 @@ func GetDefaultDatabaseFilePath() string {
 func GetDefaultConfigFilePath() string {
 	return filepath.Join(GetConfigDirectory(), "config.yml")
 }
+
+func GetSSLKey() string {
+	return filepath.Join(GetConfigDirectory(), "stash.key")
+}
+
+func GetSSLCert() string {
+	return filepath.Join(GetConfigDirectory(), "stash.crt")
+}

pkg/models/querybuilder_sql.go

@@ -131,9 +131,9 @@ func getCriterionModifierBinding(criterionModifier CriterionModifier, value inte
 		case "NOT_NULL":
 			return "IS NOT NULL", 0
 		case "INCLUDES":
-			return "IN "+getInBinding(length), length // TODO?
+			return "IN " + getInBinding(length), length // TODO?
 		case "EXCLUDES":
-			return "NOT IN "+getInBinding(length), length // TODO?
+			return "NOT IN " + getInBinding(length), length // TODO?
 		default:
 			logger.Errorf("todo")
 			return "= ?", 1 // TODO
@@ -144,7 +144,7 @@ func getCriterionModifierBinding(criterionModifier CriterionModifier, value inte
 
 func getIntCriterionWhereClause(column string, input IntCriterionInput) (string, int) {
 	binding, count := getCriterionModifierBinding(input.Modifier, input.Value)
-	return column+" "+binding, count
+	return column + " " + binding, count
 }
 
 func runIdsQuery(query string, args []interface{}) ([]int, error) {

pkg/utils/float.go

@@ -5,4 +5,4 @@ import "math"
 // IsValidFloat64 ensures the given value is a valid number (not NaN) which is not equal to 0
 func IsValidFloat64(value float64) bool {
 	return !math.IsNaN(value) && value != 0
-}
+}

ui/v2/src/core/StashService.ts

@@ -8,7 +8,13 @@ export class StashService {
 
   public static initialize() {
     const platformUrl = new URL(window.location.origin);
-    platformUrl.port = platformUrl.protocol === "https:" ? "9999" : "9998";
+    if (!process.env.NODE_ENV || process.env.NODE_ENV === "development") {
+      platformUrl.port = "9999"; // TODO: Hack. Development expects port 9999
+
+      if (process.env.REACT_APP_HTTPS === "true") {
+        platformUrl.protocol = "https:";
+      }
+    }
     const url = platformUrl.toString().slice(0, -1);
 
     StashService.client = new ApolloClient({