in server/cmd/harp-server/internal/dispatchers/vault/wire_gen.go [86:130]
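// httpServer assembles the fake Vault HTTP server: it builds the chi router,
// registers the root, KV and per-transformer transit routes, installs the
// keyring from cfg, and attaches a TLS configuration when cfg.Vault.UseTLS is
// set. Only the handler, connection timeouts and (optionally) TLS settings are
// populated here; binding and serving are left to the caller.
//
// It returns an error only when the TLS configuration cannot be built from
// the configured key, certificate and CA paths.
//
// NOTE(review): the file name (wire_gen.go) suggests generated output; if so,
// mirror any change made here in the injector source so that regeneration
// does not drop it.
func httpServer(ctx context.Context, cfg *config.Configuration, bm manager.Backend, tm transformerMap) (*http.Server, error) {
	router := chi.NewRouter()

	router.Use(middleware.RequestID)
	// NOTE(review): RealIP rewrites the request's remote address from
	// client-supplied forwarding headers. That value is only trustworthy when
	// the server sits behind a proxy that overwrites those headers; confirm
	// nothing downstream uses it for access decisions or audit attribution.
	router.Use(middleware.RealIP)
	router.Use(middleware.Recoverer)
	// Bounds handler execution through the request context. It does not limit
	// how long a peer may take to send its request, hence the server-level
	// timeouts below.
	router.Use(middleware.Timeout(60 * time.Second))

	routes.RootHandler(router)
	routes.KVHandler(router, bm)
	for name, t := range tm {
		routes.TransitHandler(router, name, t)
	}

	container.SetKeyring(cfg.Keyring)

	server := &http.Server{
		Handler: router,
		// Without a header read deadline a peer can hold connections open by
		// trickling request headers, exhausting the listener (slow-header
		// denial of service).
		ReadHeaderTimeout: 10 * time.Second,
		// Reclaim keep-alive connections that stay idle between requests.
		IdleTimeout: 120 * time.Second,
	}

	if !cfg.Vault.UseTLS {
		// Plaintext mode: secrets and transit payloads cross the wire
		// unencrypted and no client certificate is ever checked.
		log.For(ctx).Info("No transport encryption enabled for fake Vault server")
		return server, nil
	}

	// Default policy: a client certificate is verified when presented but is
	// not mandatory, so a TLS connection alone does not prove client identity
	// unless ClientAuthenticationRequired is set.
	clientAuth := tls.VerifyClientCertIfGiven
	if cfg.Vault.TLS.ClientAuthenticationRequired {
		clientAuth = tls.RequireAndVerifyClientCert
	}

	tlsConfig, err := tlsconfig.Server(&tlsconfig.Options{
		KeyFile:    cfg.Vault.TLS.PrivateKeyPath,
		CertFile:   cfg.Vault.TLS.CertificatePath,
		CAFile:     cfg.Vault.TLS.CACertificatePath,
		ClientAuth: clientAuth,
	})
	if err != nil {
		log.For(ctx).Error("Unable to build TLS configuration from settings", zap.Error(err))
		return nil, err
	}
	server.TLSConfig = tlsConfig

	return server, nil
}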