From 985a8b3395bb467ceabd7877cf8a8e480b60dae3 Mon Sep 17 00:00:00 2001 From: aniongithub Date: Mon, 11 May 2026 22:32:30 -0700 Subject: [PATCH] fix: derive TLS path from wiki dir, not user home When running as a Windows service (SYSTEM account) or via sudo, os.UserHomeDir() returns the wrong home directory. The server couldn't find the certs generated by the user. Fix: derive TLS dir as a sibling of the wiki dir (e.g. ~/.mind-map/wiki -> ~/.mind-map/tls). The wiki dir is always passed correctly via --dir. --- cmd/mind-map/main.go | 6 ++++-- cmd/mind-map/service.go | 2 +- internal/tls/tls.go | 8 ++++++++ 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/cmd/mind-map/main.go b/cmd/mind-map/main.go index 1517fdf..761277b 100644 --- a/cmd/mind-map/main.go +++ b/cmd/mind-map/main.go @@ -394,8 +394,10 @@ func runHTTPServer(addr, dir, webuiDir string, idleTimeout time.Duration, stopCh IdleTimeout: idleTimeout, } - // Serve HTTPS if TLS certs are available, otherwise HTTP - tlsDir := mindtls.DefaultDir() + // Serve HTTPS if TLS certs are available, otherwise HTTP. + // Derive TLS dir from the wiki dir (sibling directory) so it works + // correctly when running as a system service with a different home. + tlsDir := mindtls.DirFromWikiDir(dir) useTLS := mindtls.HasCerts(tlsDir) if useTLS { diff --git a/cmd/mind-map/service.go b/cmd/mind-map/service.go index 562247d..58f1502 100644 --- a/cmd/mind-map/service.go +++ b/cmd/mind-map/service.go @@ -172,7 +172,7 @@ var serviceStartCmd = &cobra.Command{ } fmt.Println("Service started.") scheme := "http" - if mindtls.HasCerts(mindtls.DefaultDir()) { + if mindtls.HasCerts(mindtls.DirFromWikiDir(dir)) { scheme = "https" } fmt.Printf(" Web UI: %s://%s\n", scheme, addr) diff --git a/internal/tls/tls.go b/internal/tls/tls.go index f986546..d2586c1 100644 --- a/internal/tls/tls.go +++ b/internal/tls/tls.go @@ -34,6 +34,14 @@ func DefaultDir() string { return filepath.Join(home, ".mind-map", "tls") } +// DirFromWikiDir derives the TLS directory from the wiki directory. +// The wiki dir is typically ~/.mind-map/wiki, so TLS is the sibling +// ~/.mind-map/tls. This is more reliable than DefaultDir() when +// running as a system service (where os.UserHomeDir() may differ). +func DirFromWikiDir(wikiDir string) string { + return filepath.Join(filepath.Dir(wikiDir), "tls") +} + // CertPaths returns the paths to the server cert and key. func CertPaths(dir string) (certFile, keyFile string) { return filepath.Join(dir, "server.crt"), filepath.Join(dir, "server.key")