dataforge/unibus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(membershipd): --ws-port wires the embedded NATS WebSocket listener

Browse Source 
Phase 0 left the WebsocketConfig field unwired; add --ws-port so membershipd can
actually expose the browser data-plane transport. It reuses the data-plane TLS
(wss:// when TLS is on, ws:// for a loopback dev stack) and the same
--cors-origins allowlist that gates the control plane, so one flag pair opens
both planes to the browser-native uniweb client (issue uniweb/0001).
This commit is contained in:
Egutierrez
2026-06-13 23:05:33 +02:00
parent 0088fb946b
commit c0216de766
1 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cmd/membershipd/main.go
+19
View File
@@ -55,6 +55,7 @@ func main() {
dbPath = flag.String("db", "./local_files/unibus.db", "SQLite database path")
storeDir = flag.String("store-dir", "./local_files/blobs", "blob store directory")
natsPort = flag.Int("nats-port", 4250, "embedded NATS listen port (when --nats-url empty)")
wsPort = flag.Int("ws-port", 0, "WebSocket listen port for browser clients (nats.ws); 0 = disabled. Enables the browser-native uniweb client (issue uniweb/0001)")
natsStore = flag.String("nats-store", "./local_files/jetstream", "embedded JetStream store dir")
busAuth = flag.String("bus-auth", "off", "control-plane auth rollout: off|soft|enforce (feature flag bus-auth)")
corsOrigins = flag.String("cors-origins", "", "comma-separated CORS allowlist of browser origins permitted to call the control plane (e.g. http://localhost:5173,https://chat.example.com); empty = CORS off. Enables the browser-native uniweb client (issue uniweb/0001)")
@@ -269,6 +270,24 @@ func main() {
cfg.TLS = tlsCfg
log.Printf("NATS TLS: ON (%s)", *tlsCert)
}
if *wsPort > 0 {
// Expose a WebSocket listener so browser clients (uniweb via nats.ws) reach
// the data plane directly. It reuses the data-plane TLS (wss:// when TLS is
// on, ws:// for a loopback dev stack) and the same browser-origin allowlist
// as the control-plane CORS, so opening the data plane to the browser and
// opening the control plane to it are governed by one --cors-origins list.
scheme := "ws"
if cfg.TLS != nil {
scheme = "wss"
}
cfg.Websocket = &embeddednats.WebsocketConfig{
Host: *bind,
Port: *wsPort,
TLS: cfg.TLS,
AllowedOrigins: splitRoutes(*corsOrigins),
}
log.Printf("NATS WebSocket: ON (%s://%s:%d)", scheme, *bind, *wsPort)
}
ns, err = embeddednats.StartServer(cfg)
if err != nil {
log.Fatalf("start embedded nats: %v", err)