013: TLS and HTTPS

A Piko server configured to serve HTTPS directly, with an HTTP listener that redirects to HTTPS.

What this demonstrates

• WithTLS with a certificate and key file.
• WithTLSRedirectHTTP to redirect plain-HTTP requests to HTTPS.

Related options

These TLS sub-options are not used by this example, but are available inside WithTLS(...):

• WithTLSHotReload(true) to watch the cert files and reload on change, so letsencrypt renewals land without a restart. Disabled by default.
• WithTLSMinVersion("1.3") to require a newer minimum TLS version. The default minimum is 1.2.

Project structure

src/
  cmd/main/main.go      Bootstraps the server with WithTLS options.
  pages/
    index.pk            A small landing page served only over HTTPS.
  cert.pem              Certificate (generated locally for this example).
  key.pem               Private key.

How to run this example

From the Piko repository root:

cd examples/scenarios/013_tls_https/src/
go mod tidy
air

Visit the configured HTTPS URL. Accept the self-signed certificate in the browser. The example ships a locally generated one.

See also

• Bootstrap options reference: TLS.
• Runnable source.