Secure Socket Server

[kdubuc]

It would be great to setup a secure socket server (https://github.com/reactphp/socket/blob/master/src/SecureServer.php). It could be easily implemented :

After initialization of web server :

php-pm/src/ProcessManager.php

Line 499 in 23dffd0

$this->web = new Server(sprintf('%s:%d', $this->host, $this->port), $this->loop);

We could adding :

$socket = new \React\Socket\SecureServer($socket, $loop, array(
    'local_cert' => $this->cert
));

ProcessManager constructor will gain one tls_options array parameter to provide TLS context (cert, etc ..).

What do you think ?

[jkrzefski]

I would prefer a more versatile approach to this. Something like this would be better:

$this->web = new Server(sprintf('%s:%d', $this->host, $this->port), $this->loop, ['tls' => [
    'local_cert' => '/etc/letsencrypt/live/<hostname>/fullchain.pem',
    'local_pk' => '/etc/letsencrypt/live/<hostname>/privkey.pem',
    'cafile' => '/etc/letsencrypt/live/<hostname>/cert.pem',
    'CN_match' => '<hostname>',
    'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_2_SERVER,
]]);

If possible, this should be configurable through the config-command. Of course these hardcoded values should be variables.

[kdubuc]

Exactly, good point.

So, ProcessManager constructor will have one (array) context option (CLI too with a --context arg), which will be used by Server bootstraping.

If maintainers are okay, I can work on a PR.

[jkrzefski]

Please include in your PR a way to dump this context into the configuration json file.