greenlock-cli.js/index.js

'use strict';

var DAY = 24 * 60 * 60 * 1000;

var Greenlock = require('greenlock');

module.exports.run = function (args) {
  var leChallenge;
  var leStore;
  var servers;
  var USE_DNS = {};
  var challengeType;

  args.acmeUrl = args.server = (args.acmeUrl || args.server);
  args.root = args.webrootPath = (args.root || args.webrootPath);
  if (args.dns01) {
    challengeType = 'dns-01';
    args.webrootPath = '';
    args.standalone = USE_DNS;
  } else /*if (args.http01Port)*/ {
    challengeType = 'http-01';
  }

  if (args.manual) {
    leChallenge = require('le-challenge-manual').create({});
  }
  else if (args.webrootPath) {
    // webrootPath is all that really matters here
    // TODO rename le-challenge-fs to le-challenge-webroot
    leChallenge = require('./lib/webroot').create({ webrootPath: args.webrootPath });
  }
  else if (USE_DNS !== args.standalone) {
    leChallenge = require('le-challenge-standalone').create({});
    servers = require('./lib/servers').create(leChallenge);
  }

  var privkeyPath = args.privkeyPath || args.domainKeyPath || ':configDir/live/:hostname/privkey.pem'; //args.privkeyPath
  leStore = require('le-store-certbot').create({
    configDir: args.configDir
  , privkeyPath: privkeyPath
  , fullchainPath: args.fullchainPath
  , certPath: args.certPath
  , chainPath: args.chainPath
  , bundlePath: args.bundlePath
  , webrootPath: args.root
  , domainKeyPath: args.domainKeyPath
  , accountKeyPath: args.accountKeyPath
  });

  if (!args.acmeUrl) {
    throw new Error("You must specify the ACME server url with --acme-url");
  }
  if (!args.acmeVersion) {
    throw new Error("You must specify the ACME API version with --acme-version");
  }

  // let Greenlock know that we're handling standalone / webroot here
  var leChallenges = {};
  leChallenges[challengeType] = leChallenge;
  var greenlock = Greenlock.create({
    debug: args.debug
  , server: args.acmeUrl
  , version: args.acmeVersion
  , store: leStore
  , challenges: leChallenges
  , renewWithin: args.renewWithin * DAY
  , duplicate: args.duplicate
  });

  if (servers) {
    if (args.tlsSni01Port) {
      servers.startServers(
        [], args.tlsSni01Port
      , { debug: args.debug, tlsOptions: greenlock.tlsOptions }
      );
    }
    else {
      servers.startServers(
        args.http01Port || [80], []
      , { debug: args.debug }
      );
    }
  }

  // Note: can't use args directly as null values will overwrite template values
  return greenlock.register({
    debug: args.debug
  , email: args.email
  , agreeTos: args.agreeTos
  , communityMember: args.communityMember
  , domains: args.domains
  , rsaKeySize: args.rsaKeySize
  , challengeType: challengeType
  }).then(function (certs) {
    if (!certs.renewing) {
      return certs;
    }
    console.log("");
    console.log("Got certificate(s) for " + certs.altnames.join(', '));
    console.log("\tIssued at " + new Date(certs.issuedAt).toISOString() + "");
    console.log("\tValid until " + new Date(certs.expiresAt).toISOString() + "");
    console.log("");
    console.log("Renewing them now");
    return certs.renewing;
  }).then(function (certs) {
    console.log("");
    console.log("Got certificate(s) for " + certs.altnames.join(', '));
    console.log("\tIssued at " + new Date(certs.issuedAt).toISOString() + "");
    console.log("\tValid until " + new Date(certs.expiresAt).toISOString() + "");
    console.log("");
    console.log('Private key installed at:');
    console.log(
      privkeyPath
      .replace(/:configDir/g, args.configDir)
      .replace(/:hostname/g, args.domains[0])
    );
    console.log("");

    // should get back account, path to certs, pems, etc?
    console.log('Certificates installed at:');
    console.log(
      [
      //  args.privkeyPath
        args.certPath
      , args.chainPath
      , args.fullchainPath
      , args.bundlePath || ''
      ].join('\n').replace(/\n+/g, '\n')
      .replace(/:configDir/g, args.configDir)
      .replace(/:hostname/g, args.domains[0])
    );
    console.log("");

    if (servers) {
      return servers.closeServers({ debug: args.debug }).then(function() {
        return 0;
      });
    }

    return 0;
  }, function (err) {
    console.error('[Error]: greenlock-cli');
    console.error(err.stack || new Error('get stack').stack);

    return 1;
  });

};
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`'use strict';`

fix renewal, add --renew-within, reorganise args 2016-10-09 12:54:27 +00:00			`var DAY = 24 * 60 * 60 * 1000;`

update docs, update to greenlock-v2.2.x 2018-05-16 01:29:58 +00:00			`var Greenlock = require('greenlock');`
use letsencrypt v2 2016-08-10 02:39:39 +00:00
			`module.exports.run = function (args) {`
			`var leChallenge;`
			`var leStore;`
			`var servers;`
			`var USE_DNS = {};`
			`var challengeType;`
update docs, update to greenlock-v2.2.x 2018-05-16 01:29:58 +00:00
			`args.acmeUrl = args.server = (args.acmeUrl \|\| args.server);`
			`args.root = args.webrootPath = (args.root \|\| args.webrootPath);`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`if (args.dns01) {`
			`challengeType = 'dns-01';`
			`args.webrootPath = '';`
			`args.standalone = USE_DNS;`
			`} else /if (args.http01Port)/ {`
			`challengeType = 'http-01';`
			`}`

add manual mode, move standalone to own module 2016-08-10 03:39:07 +00:00			`if (args.manual) {`
			`leChallenge = require('le-challenge-manual').create({});`
			`}`
			`else if (args.webrootPath) {`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`// webrootPath is all that really matters here`
add manual mode, move standalone to own module 2016-08-10 03:39:07 +00:00			`// TODO rename le-challenge-fs to le-challenge-webroot`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`leChallenge = require('./lib/webroot').create({ webrootPath: args.webrootPath });`
			`}`
			`else if (USE_DNS !== args.standalone) {`
add manual mode, move standalone to own module 2016-08-10 03:39:07 +00:00			`leChallenge = require('le-challenge-standalone').create({});`
support tls-sni-01 challenge Previously the http-01 challenge was simply served over SSL. 2016-10-08 04:16:26 +00:00			`servers = require('./lib/servers').create(leChallenge);`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`}`

update docs, update to greenlock-v2.2.x 2018-05-16 01:29:58 +00:00			`var privkeyPath = args.privkeyPath \|\| args.domainKeyPath \|\| ':configDir/live/:hostname/privkey.pem'; //args.privkeyPath`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`leStore = require('le-store-certbot').create({`
			`configDir: args.configDir`
replace apache with generic and extensible hooks 2016-10-11 15:22:37 +00:00			`, privkeyPath: privkeyPath`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`, fullchainPath: args.fullchainPath`
			`, certPath: args.certPath`
			`, chainPath: args.chainPath`
update docs, update to greenlock-v2.2.x 2018-05-16 01:29:58 +00:00			`, bundlePath: args.bundlePath`
			`, webrootPath: args.root`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`, domainKeyPath: args.domainKeyPath`
			`, accountKeyPath: args.accountKeyPath`
			`});`

update docs, update to greenlock-v2.2.x 2018-05-16 01:29:58 +00:00			`if (!args.acmeUrl) {`
			`throw new Error("You must specify the ACME server url with --acme-url");`
			`}`
			`if (!args.acmeVersion) {`
			`throw new Error("You must specify the ACME API version with --acme-version");`
require --server 2016-08-11 17:39:10 +00:00			`}`

update docs, update to greenlock-v2.2.x 2018-05-16 01:29:58 +00:00			`// let Greenlock know that we're handling standalone / webroot here`
support tls-sni-01 challenge Previously the http-01 challenge was simply served over SSL. 2016-10-08 04:16:26 +00:00			`var leChallenges = {};`
			`leChallenges[challengeType] = leChallenge;`
update docs, update to greenlock-v2.2.x 2018-05-16 01:29:58 +00:00			`var greenlock = Greenlock.create({`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`debug: args.debug`
update docs, update to greenlock-v2.2.x 2018-05-16 01:29:58 +00:00			`, server: args.acmeUrl`
			`, version: args.acmeVersion`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`, store: leStore`
support tls-sni-01 challenge Previously the http-01 challenge was simply served over SSL. 2016-10-08 04:16:26 +00:00			`, challenges: leChallenges`
fix renewal, add --renew-within, reorganise args 2016-10-09 12:54:27 +00:00			`, renewWithin: args.renewWithin * DAY`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`, duplicate: args.duplicate`
			`});`

support tls-sni-01 challenge Previously the http-01 challenge was simply served over SSL. 2016-10-08 04:16:26 +00:00			`if (servers) {`
			`if (args.tlsSni01Port) {`
Fixed standalone server closing, and made the index.js promise resolve only after the standalone server has closed. 2017-05-17 15:20:36 +00:00			`servers.startServers(`
support tls-sni-01 challenge Previously the http-01 challenge was simply served over SSL. 2016-10-08 04:16:26 +00:00			`[], args.tlsSni01Port`
update docs, update to greenlock-v2.2.x 2018-05-16 01:29:58 +00:00			`, { debug: args.debug, tlsOptions: greenlock.tlsOptions }`
support tls-sni-01 challenge Previously the http-01 challenge was simply served over SSL. 2016-10-08 04:16:26 +00:00			`);`
			`}`
			`else {`
Fixed standalone server closing, and made the index.js promise resolve only after the standalone server has closed. 2017-05-17 15:20:36 +00:00			`servers.startServers(`
support tls-sni-01 challenge Previously the http-01 challenge was simply served over SSL. 2016-10-08 04:16:26 +00:00			`args.http01Port \|\| [80], []`
			`, { debug: args.debug }`
			`);`
			`}`
			`}`

use letsencrypt v2 2016-08-10 02:39:39 +00:00			`// Note: can't use args directly as null values will overwrite template values`
update docs, update to greenlock-v2.2.x 2018-05-16 01:29:58 +00:00			`return greenlock.register({`
fix renewal, add --renew-within, reorganise args 2016-10-09 12:54:27 +00:00			`debug: args.debug`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`, email: args.email`
			`, agreeTos: args.agreeTos`
update docs, update to greenlock-v2.2.x 2018-05-16 01:29:58 +00:00			`, communityMember: args.communityMember`
fix renewal, add --renew-within, reorganise args 2016-10-09 12:54:27 +00:00			`, domains: args.domains`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`, rsaKeySize: args.rsaKeySize`
fix renewal, add --renew-within, reorganise args 2016-10-09 12:54:27 +00:00			`, challengeType: challengeType`
			`}).then(function (certs) {`
Fix renewal again. A similar fix to 69f5fc9c450a45620fdc9c1a91d4d656efea8a27, but using a public property exposed by an updated version of greenlock. 2017-08-25 06:56:19 +00:00			`if (!certs.renewing) {`
fix renewal, add --renew-within, reorganise args 2016-10-09 12:54:27 +00:00			`return certs;`
			`}`
			`console.log("");`
			`console.log("Got certificate(s) for " + certs.altnames.join(', '));`
			`console.log("\tIssued at " + new Date(certs.issuedAt).toISOString() + "");`
			`console.log("\tValid until " + new Date(certs.expiresAt).toISOString() + "");`
			`console.log("");`
			`console.log("Renewing them now");`
Fix renewal again. A similar fix to 69f5fc9c450a45620fdc9c1a91d4d656efea8a27, but using a public property exposed by an updated version of greenlock. 2017-08-25 06:56:19 +00:00			`return certs.renewing;`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`}).then(function (certs) {`
fix renewal, add --renew-within, reorganise args 2016-10-09 12:54:27 +00:00			`console.log("");`
			`console.log("Got certificate(s) for " + certs.altnames.join(', '));`
			`console.log("\tIssued at " + new Date(certs.issuedAt).toISOString() + "");`
			`console.log("\tValid until " + new Date(certs.expiresAt).toISOString() + "");`
			`console.log("");`
replace apache with generic and extensible hooks 2016-10-11 15:22:37 +00:00			`console.log('Private key installed at:');`
			`console.log(`
			`privkeyPath`
			`.replace(/:configDir/g, args.configDir)`
			`.replace(/:hostname/g, args.domains[0])`
			`);`
			`console.log("");`
fix renewal, add --renew-within, reorganise args 2016-10-09 12:54:27 +00:00
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`// should get back account, path to certs, pems, etc?`
replace apache with generic and extensible hooks 2016-10-11 15:22:37 +00:00			`console.log('Certificates installed at:');`
			`console.log(`
			`[`
update docs, update to greenlock-v2.2.x 2018-05-16 01:29:58 +00:00			`// args.privkeyPath`
replace apache with generic and extensible hooks 2016-10-11 15:22:37 +00:00			`args.certPath`
			`, args.chainPath`
			`, args.fullchainPath`
update docs, update to greenlock-v2.2.x 2018-05-16 01:29:58 +00:00			`, args.bundlePath \|\| ''`
			`].join('\n').replace(/\n+/g, '\n')`
replace apache with generic and extensible hooks 2016-10-11 15:22:37 +00:00			`.replace(/:configDir/g, args.configDir)`
			`.replace(/:hostname/g, args.domains[0])`
			`);`
			`console.log("");`
use letsencrypt v2 2016-08-10 02:39:39 +00:00
Fixed standalone server closing, and made the index.js promise resolve only after the standalone server has closed. 2017-05-17 15:20:36 +00:00			`if (servers) {`
			`return servers.closeServers({ debug: args.debug }).then(function() {`
			`return 0;`
			`});`
			`}`

Changed index.js to return a Promise that resolves to the status to return on the command line, which greenlock.js now uses when closing the process. 2017-04-16 21:09:23 +00:00			`return 0;`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`}, function (err) {`
letsencrypt to greenlock 2017-01-25 21:42:01 +00:00			`console.error('[Error]: greenlock-cli');`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`console.error(err.stack \|\| new Error('get stack').stack);`

Changed index.js to return a Promise that resolves to the status to return on the command line, which greenlock.js now uses when closing the process. 2017-04-16 21:09:23 +00:00			`return 1;`
use letsencrypt v2 2016-08-10 02:39:39 +00:00			`});`

			`};`