package main

import (
	"crypto/tls"
	"fmt"
	"log"
	"net/http"
)

func main() {
	as := config()
	httpsServer := &http.Server{
		Addr:    fmt.Sprintf(":%d", as.GetInt("p")),
		Handler: New(),
		TLSConfig: &tls.Config{
			MinVersion:               tls.VersionTLS12,
			CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
			PreferServerCipherSuites: true,
			CipherSuites: []uint16{
				tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
				tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
				tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
				tls.TLS_RSA_WITH_AES_256_CBC_SHA,
			},
		},
		TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler), 0),
	}
	c := as.GetString("crt")
	k := as.GetString("key")
	log.Printf("listening on %q", httpsServer.Addr)
	if c == "" && k == "" {
		if err := httpsServer.ListenAndServe(); err != nil {
			panic(err)
		}
	} else {
		if err := httpsServer.ListenAndServeTLS(c, k); err != nil {
			panic(err)
		}
	}
}