added SSL port support

conf/default.yaml

@@ -46,18 +46,18 @@ server:
         # for details.
 
         # The standard SSL/TLS port for IRC is 6697. This will listen on all interfaces:
-        #":6697":
+        ":__SECURE_PORT__":
             # this is a standard TLS configuration with a single certificate;
             # see the manual for instructions on how to configure SNI
-        #    tls:
+            tls:
-        #        cert: "/etc/yunohost/certs/__DOMAIN__/crt.pem"
+                cert: "/etc/yunohost/certs/__DOMAIN__/crt.pem"
-        #        key: "/etc/yunohost/certs/__DOMAIN__/key.pem"
+                key: "/etc/yunohost/certs/__DOMAIN__/key.pem"
             # 'proxy' should typically be false. It's for cloud load balancers that
             # always send a PROXY protocol header ahead of the connection. See the
             # manual ("Reverse proxies") for more details.
-        #    proxy: false
+            proxy: false
             # set the minimum TLS version:
-        #    min-tls-version: 1.2
+            min-tls-version: 1.2
 
         # Example of a Unix domain socket for proxying:
         # "/tmp/ergo_sock":

scripts/install

@@ -61,9 +61,14 @@ ynh_script_progression --message="Finding an available port..." --time --weight=
 
 # Find an available port
 port=$(ynh_find_port --port=6667) # Plaintext Port
+secure_port=$(ynh_find_port --port=6697) # Secure Port
+
 ynh_app_setting_set --app=$app --key=port --value=$port
+ynh_app_setting_set --app=$app --key=secure_port --value=$secure_port
+
 ynh_script_progression --message="Configuring firewall..." --time --weight=1
 ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
+ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $secure_port
 
 #=================================================
 # INSTALL DEPENDENCIES

scripts/remove

@@ -20,6 +20,7 @@ db_name=$(ynh_sanitize_dbid --db_name=$app)
 db_user=$db_name
 domain=$(ynh_app_setting_get --app=$app --key=domain)
 port=$(ynh_app_setting_get --app=$app --key=port)
+secure_port=$(ynh_app_setting_get --app=$app --key=secure_port)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 
 #=================================================
@@ -93,6 +94,12 @@ then
 	ynh_exec_warn_less yunohost firewall disallow TCP $port
 fi
 
+if yunohost firewall list | grep -q "\- $secure_port$"
+then
+	ynh_script_progression --message="Closing port $secure_port..." --time --weight=1
+	ynh_exec_warn_less yunohost firewall disallow TCP $secure_port
+fi
+
 #=================================================
 # GENERIC FINALIZATION
 #=================================================

scripts/upgrade

@@ -20,6 +20,7 @@ domain=$(ynh_app_setting_get --app=$app --key=domain)
 path_url=$(ynh_app_setting_get --app=$app --key=path)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 port=$(ynh_app_setting_get --app=$app --key=port)
+secure_port=$(ynh_app_setting_get --app=$app --key=secure_port)
 
 #=================================================
 # CHECK VERSION