Make addres at which server listens configurable

server/irmaserver/cmd/main.go

@@ -79,6 +79,7 @@ func setFlags(cmd *cobra.Command) error {
 	flags.StringP("jwtissuer", "j", "irmaserver", "JWT issuer")
 	flags.StringP("jwtprivatekey", "w", "", "JWT private key or path to it")
 	flags.StringP("url", "u", defaulturl, "External URL to server to which the IRMA client connects")
+	flags.StringP("listenaddr", "l", "0.0.0.0", "Address at which to listen")
 	flags.IntP("port", "p", 8088, "Port at which to listen")
 	flags.Bool("noauth", false, "Whether or not to authenticate requestors")
 	flags.String("requestors", "", "Requestor configuration (in JSON)")
@@ -145,7 +146,8 @@ func configure() error {
 			URL:                   viper.GetString("url"),
 			Logger:                logger,
 		},
-		Port: viper.GetInt("port"),
+		ListenAddress: viper.GetString("listenaddr"),
+		Port:          viper.GetInt("port"),
 		DisableRequestorAuthentication: viper.GetBool("noauth"),
 		Requestors:                     make(map[string]irmaserver.Requestor),
 		GlobalPermissions:              irmaserver.Permissions{},

server/irmaserver/conf.go

@@ -2,6 +2,7 @@ package irmaserver
 
 import (
 	"crypto/rsa"
+	"fmt"
 	"io/ioutil"
 	"strings"
 
@@ -19,16 +20,23 @@ type Configuration struct {
 	// can submit session requests. If true, the request is first authenticated against the
 	// server configuration before the server accepts it.
 	DisableRequestorAuthentication bool `json:"noauth" mapstructure:"noauth"`
+
+	// Address to listen at. May include port (e.g. 0.0.0.0:1234) but then Port must be 0.
+	ListenAddress string `json:"listenaddr" mapstructure:"listenaddr"`
 	// Port to listen at
 	Port int `json:"port" mapstructure:"port"`
+
 	// Requestor-specific permission and authentication configuration
 	RequestorsString string               `json:"-" mapstructure:"requestors"`
 	Requestors       map[string]Requestor `json:"requestors"`
+
 	// Disclosing, signing or issuance permissions that apply to all requestors
 	GlobalPermissionsString string      `json:"-" mapstructure:"permissions"`
 	GlobalPermissions       Permissions `json:"permissions" mapstructure:"permissions"`
+
 	// Used in the "iss" field of result JWTs from /result-jwt and /getproof
 	JwtIssuer string `json:"jwtissuer" mapstructure:"jwtissuer"`
+
 	// Private key to sign result JWTs with. If absent, /result-jwt and /getproof are disabled.
 	JwtPrivateKey string `json:"jwtprivatekey" mapstructure:"jwtprivatekey"`
 
@@ -79,6 +87,13 @@ func (conf *Configuration) CanIssue(requestor string, creds []*irma.CredentialRe
 	return true, ""
 }
 
+func (conf *Configuration) listenAddress() string {
+	if conf.Port == 0 {
+		return conf.ListenAddress
+	}
+	return fmt.Sprintf("%s:%d", conf.ListenAddress, conf.Port)
+}
+
 // CanVerifyOrSign returns whether or not the specified requestor may use the selected attributes
 // in any of the supported session types.
 func (conf *Configuration) CanVerifyOrSign(requestor string, action irma.Action, disjunctions irma.AttributeDisjunctionList) (bool, string) {

server/irmaserver/server.go

@@ -2,7 +2,6 @@
 package irmaserver
 
 import (
-	"fmt"
 	"io/ioutil"
 	"net/http"
 	"time"
@@ -28,7 +27,9 @@ func Start(config *Configuration) error {
 	}
 
 	// Start server
-	s = &http.Server{Addr: fmt.Sprintf(":%d", config.Port), Handler: handler}
+	addr := config.listenAddress()
+	config.Logger.Info("Listening at ", addr)
+	s = &http.Server{Addr: addr, Handler: handler}
 	err = s.ListenAndServe()
 	if err == http.ErrServerClosed {
 		return nil // Server was closed normally