From 9f65da895f20deef4afb9663b1e40ae2f61dfa78 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Thu, 10 May 2018 08:15:17 +0000 Subject: [PATCH 01/17] add _communityPackage --- lex.js | 1 + 1 file changed, 1 insertion(+) diff --git a/lex.js b/lex.js index b50ebb5..c749dc3 100644 --- a/lex.js +++ b/lex.js @@ -3,6 +3,7 @@ // opts.approveDomains(options, certs, cb) module.exports.create = function (opts) { // accept all defaults for le.challenges, le.store, le.middleware + opts._communityPackage = 'greenlock-express.js'; var le = require('greenlock').create(opts); opts.app = opts.app || function (req, res) { From a20f91661f488ef61da20934f59090d223f55fe2 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Sat, 12 May 2018 07:46:56 +0000 Subject: [PATCH 02/17] testing with logo --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 468c807..6ba1862 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ +!["Greenlock Logo"](https://git.coolaj86.com/coolaj86/greenlock.js/raw/branch/master/greenlock-850x200.png) + Greenlock™ for Express.js ================= From 8d89454c0acc768fb2332de34123ba658040ed42 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Sat, 12 May 2018 08:02:19 +0000 Subject: [PATCH 03/17] update logo size for gitea --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 6ba1862..828ee73 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -!["Greenlock Logo"](https://git.coolaj86.com/coolaj86/greenlock.js/raw/branch/master/greenlock-850x200.png) +!["Greenlock Logo"](https://git.coolaj86.com/coolaj86/greenlock.js/raw/branch/master/greenlock-1063x250.png) Greenlock™ for Express.js ================= From 238e262f95cd587b5aa7aa4fd21affc7701199b8 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Sat, 12 May 2018 08:03:04 +0000 Subject: [PATCH 04/17] fix logo url --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 828ee73..f1b1481 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -!["Greenlock Logo"](https://git.coolaj86.com/coolaj86/greenlock.js/raw/branch/master/greenlock-1063x250.png) +!["Greenlock Logo"](https://git.coolaj86.com/coolaj86/greenlock.js/raw/branch/master/logo/greenlock-1063x250.png) Greenlock™ for Express.js ================= From 32e57aa9cbbb30ba5bed3711af7884c387eda898 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Sat, 12 May 2018 16:10:54 +0000 Subject: [PATCH 05/17] update image title and alt text --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f1b1481..5b46817 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -!["Greenlock Logo"](https://git.coolaj86.com/coolaj86/greenlock.js/raw/branch/master/logo/greenlock-1063x250.png) +![Greenlock Logo](https://git.coolaj86.com/coolaj86/greenlock.js/raw/branch/master/logo/greenlock-1063x250.png "Greenlock Logo") Greenlock™ for Express.js ================= From 44983420056bc7cb436ba3c38d41d71d4c646755 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Mon, 14 May 2018 23:35:42 +0000 Subject: [PATCH 06/17] Add download count --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 5b46817..f681dcb 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,10 @@ Greenlock™ for Express.js An easy-to-use ACME client for Free SSL and Automated HTTPS. +!["Lifetime Downloads"](https://img.shields.io/npm/dt/greenlock.svg "Lifetime Download Count (can't be shown)") +!["Monthly Downloads"](https://img.shields.io/npm/dm/greenlock.svg "Monthly Download Count (can't be shown)") +!["Weekly Downloads"](https://img.shields.io/npm/dw/greenlock.svg "Weekly Download Count (can't be shown)") + | Sponsored by [ppl](https://ppl.family) | [Greenlock™](https://git.coolaj86.com/coolaj86/greenlock.js) for [cli](https://git.coolaj86.com/coolaj86/greenlock-cli.js), From 462f0bfc2c140ac9823946216c0f3b8e9194b89c Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Mon, 14 May 2018 23:36:12 +0000 Subject: [PATCH 07/17] fix download count display --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index f681dcb..891157a 100644 --- a/README.md +++ b/README.md @@ -5,9 +5,9 @@ Greenlock™ for Express.js An easy-to-use ACME client for Free SSL and Automated HTTPS. -!["Lifetime Downloads"](https://img.shields.io/npm/dt/greenlock.svg "Lifetime Download Count (can't be shown)") -!["Monthly Downloads"](https://img.shields.io/npm/dm/greenlock.svg "Monthly Download Count (can't be shown)") -!["Weekly Downloads"](https://img.shields.io/npm/dw/greenlock.svg "Weekly Download Count (can't be shown)") +!["Lifetime Downloads"](https://img.shields.io/npm/dt/greenlock.svg "Lifetime Download Count can't be shown") +!["Monthly Downloads"](https://img.shields.io/npm/dm/greenlock.svg "Monthly Download Count can't be shown") +!["Weekly Downloads"](https://img.shields.io/npm/dw/greenlock.svg "Weekly Download Count can't be shown") | Sponsored by [ppl](https://ppl.family) | [Greenlock™](https://git.coolaj86.com/coolaj86/greenlock.js) for From a36cdd83c5c638dd0c42f035cb457ca2d425bc7b Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Mon, 14 May 2018 23:39:59 +0000 Subject: [PATCH 08/17] update style --- README.md | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 891157a..acc2ef8 100644 --- a/README.md +++ b/README.md @@ -3,19 +3,17 @@ Greenlock™ for Express.js ================= -An easy-to-use ACME client for Free SSL and Automated HTTPS. +Easy-to-use ACME client for Free SSL and Automated HTTPS. !["Lifetime Downloads"](https://img.shields.io/npm/dt/greenlock.svg "Lifetime Download Count can't be shown") !["Monthly Downloads"](https://img.shields.io/npm/dm/greenlock.svg "Monthly Download Count can't be shown") !["Weekly Downloads"](https://img.shields.io/npm/dw/greenlock.svg "Weekly Download Count can't be shown") | Sponsored by [ppl](https://ppl.family) | -[Greenlock™](https://git.coolaj86.com/coolaj86/greenlock.js) for -[cli](https://git.coolaj86.com/coolaj86/greenlock-cli.js), -[cluster](https://git.coolaj86.com/coolaj86/greenlock-cluster.js), -**Express.js**, -[Koa](https://git.coolaj86.com/coolaj86/greenlock-koa.js), -[hapi](https://git.coolaj86.com/coolaj86/greenlock-hapi.js) +[Greenlock™](https://git.coolaj86.com/coolaj86/greenlock.js) is for +[Web Servers](https://git.coolaj86.com/coolaj86/greenlock-cli.js), +[Web Browsers](https://git.coolaj86.com/coolaj86/greenlock.html), +and **node.js middleware systems**. Features ======== From ff58ff6eb609ea0df262e88c322985f13db515b9 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Mon, 14 May 2018 23:42:54 +0000 Subject: [PATCH 09/17] change slogan --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index acc2ef8..f908811 100644 --- a/README.md +++ b/README.md @@ -2,8 +2,8 @@ Greenlock™ for Express.js ================= - -Easy-to-use ACME client for Free SSL and Automated HTTPS. +Free SSL, Free Wildcard SSL, and Fully Automated HTTPS made dead simple
+certificates issued by Let's Encrypt v2 via [ACME](https://git.coolaj86.com/coolaj86/acme-v2.js) !["Lifetime Downloads"](https://img.shields.io/npm/dt/greenlock.svg "Lifetime Download Count can't be shown") !["Monthly Downloads"](https://img.shields.io/npm/dm/greenlock.svg "Monthly Download Count can't be shown") From 0b2637b8e7fb699206a5775b999176cc5de20c0c Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 15 May 2018 18:34:32 +0000 Subject: [PATCH 10/17] add http2 example --- examples/http2.js | 70 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 examples/http2.js diff --git a/examples/http2.js b/examples/http2.js new file mode 100644 index 0000000..2cc416f --- /dev/null +++ b/examples/http2.js @@ -0,0 +1,70 @@ +'use strict'; + +//var Greenlock = require('greenlock-express') +var Greenlock = require('../'); + +var greenlock = Greenlock.create({ + + // Let's Encrypt v2 is ACME draft 11 + version: 'draft-11' + + // You MUST change 'acme-staging-v02' to 'acme-v02' in production +, server: 'https://acme-staging-v02.api.letsencrypt.org/directory' + + // You MUST change this to a valid email address +, email: 'jon@example.com' + + // You MUST NOT build clients that accept the ToS without asking the user +, agreeTos: true + + // You MUST change these to valid domains + // NOTE: all domains will validated and listed on the certificate +, approveDomains: [ 'example.com', 'www.example.com' ] + + // You MUST have access to write to directory where certs are saved + // ex: /home/foouser/acme/etc +, configDir: require('path').join(require('os').homedir(), 'acme', 'etc') + + // Get notified of important updates and help me make greenlock better +, communityMember: true + +//, debug: true + +}); + + + +//////////////////////// +// http-01 Challenges // +//////////////////////// + +// http-01 challenge happens over http/1.1, not http2 +var redirectHttps = require('redirect-https')(); +var acmeChallengeHandler = greenlock.middleware(redirectHttps); +require('http').createServer(acmeChallengeHandler).listen(80, function () { + console.log("Listening for ACME http-01 challenges on", this.address()); +}); + + + +//////////////////////// +// node.js' http2 api // +//////////////////////// + +// http2 is a new API with which you would use hapi or koa, not express +var server = require('http2').createSecureServer(greenlock.tlsOptions); +server.on('error', function (err) { + console.error(err); +}); +server.on('stream', function (stream, headers) { + console.log(headers); + stream.respond({ + 'content-type': 'text/html' + , ':status': 200 + }); + stream.end('Hello, HTTP2 World!'); +}); +server.on('listening', function () { + console.log("Listening for http2 requests on", this.address()); +}); +server.listen(443); From 2d688f8551971e1982e5605f76c1314add084f7b Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Tue, 15 May 2018 18:37:25 +0000 Subject: [PATCH 11/17] require acme challenge middleware from https --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f908811..1eb3089 100644 --- a/README.md +++ b/README.md @@ -320,7 +320,7 @@ app.use('/', function (req, res) { }); // handles your app -require('https').createServer(lex.httpsOptions, lex.middleware(app)).listen(443, function () { +require('https').createServer(lex.httpsOptions, app).listen(443, function () { console.log("Listening for ACME tls-sni-01 challenges and serve app on", this.address()); }); ``` From e976a410bf8de36e2b7034873f2f2740a590efac Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Wed, 16 May 2018 01:13:58 +0000 Subject: [PATCH 12/17] add SO question count --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 1eb3089..6b8e9a1 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,7 @@ Free SSL, Free Wildcard SSL, and Fully Automated HTTPS made dead simple
!["Lifetime Downloads"](https://img.shields.io/npm/dt/greenlock.svg "Lifetime Download Count can't be shown") !["Monthly Downloads"](https://img.shields.io/npm/dm/greenlock.svg "Monthly Download Count can't be shown") !["Weekly Downloads"](https://img.shields.io/npm/dw/greenlock.svg "Weekly Download Count can't be shown") +!["Stackoverflow Questions"](https://img.shields.io/stackexchange/stackoverflow/t/greenlock.svg "S.O. Question count can't be shown") | Sponsored by [ppl](https://ppl.family) | [Greenlock™](https://git.coolaj86.com/coolaj86/greenlock.js) is for From 3ea55fca5ba5c72dc37fb81b2f4087f72250bce3 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Wed, 16 May 2018 20:56:52 +0000 Subject: [PATCH 13/17] add visual example --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 6b8e9a1..e70af03 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ ![Greenlock Logo](https://git.coolaj86.com/coolaj86/greenlock.js/raw/branch/master/logo/greenlock-1063x250.png "Greenlock Logo") +!["Greenlock Function"](https://git.coolaj86.com/coolaj86/greenlock.js/raw/branch/master/logo/from-not-secure-to-secure-url-bar.png "from url bar showing not secure to url bar showing secure") + Greenlock™ for Express.js ================= Free SSL, Free Wildcard SSL, and Fully Automated HTTPS made dead simple
From b5c47c8d7c271165cde0acee1ad35476ff17cbb6 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Thu, 17 May 2018 19:38:11 +0000 Subject: [PATCH 14/17] add example for http2 via SPDY h2 --- examples/spdy.js | 69 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) create mode 100644 examples/spdy.js diff --git a/examples/spdy.js b/examples/spdy.js new file mode 100644 index 0000000..e289817 --- /dev/null +++ b/examples/spdy.js @@ -0,0 +1,69 @@ +'use strict'; + +// npm install spdy@3.x + +//var Greenlock = require('greenlock-express') +var Greenlock = require('../'); + +var greenlock = Greenlock.create({ + + // Let's Encrypt v2 is ACME draft 11 + version: 'draft-11' + + // You MUST change 'acme-staging-v02' to 'acme-v02' in production +, server: 'https://acme-staging-v02.api.letsencrypt.org/directory' + + // You MUST change this to a valid email address +, email: 'jon@example.com' + + // You MUST NOT build clients that accept the ToS without asking the user +, agreeTos: true + + // You MUST change these to valid domains + // NOTE: all domains will validated and listed on the certificate +, approveDomains: [ 'example.com', 'www.example.com' ] + + // You MUST have access to write to directory where certs are saved + // ex: /home/foouser/acme/etc +, configDir: require('path').join(require('os').homedir(), 'acme', 'etc') + + // Get notified of important updates and help me make greenlock better +, communityMember: true + +//, debug: true + +}); + + + +//////////////////////// +// http-01 Challenges // +//////////////////////// + +// http-01 challenge happens over http/1.1, not http2 +var redirectHttps = require('redirect-https')(); +var acmeChallengeHandler = greenlock.middleware(redirectHttps); +require('http').createServer(acmeChallengeHandler).listen(80, function () { + console.log("Listening for ACME http-01 challenges on", this.address()); +}); + + + +//////////////////////// +// http2 via SPDY h2 // +//////////////////////// + +// spdy is a drop-in replacement for the https API +var spdyOptions = Object.assign({}, greenlock.tlsOptions); +spdyOptions.spdy = { protocols: [ 'h2', 'http/1.1' ], plain: false }; +var server = require('spdy').createServer(spdyOptions, require('express')().use('/', function (req, res) { + res.setHeader('Content-Type', 'text/html; charset=utf-8'); + res.end('Hello, SPDY World!\n\nšŸ’š šŸ”’.js'); +})); +server.on('error', function (err) { + console.error(err); +}); +server.on('listening', function () { + console.log("Listening for SPDY/http2/https requests on", this.address()); +}); +server.listen(443); From ef78971ba555e96d2f09bca2aa48fa67b7835d07 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Thu, 17 May 2018 19:38:54 +0000 Subject: [PATCH 15/17] add spdy as optional --- package.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index 5ea741b..19aa071 100644 --- a/package.json +++ b/package.json @@ -11,9 +11,12 @@ "greenlock": "^2.2.8", "le-challenge-fs": "^2.0.8", "le-sni-auto": "^2.1.4", - "le-store-certbot": "^2.0.5", + "le-store-certbot": "^2.1.0", "redirect-https": "^1.1.5" }, + "optionalDependencies": { + "spdy": "^3.4.7" + }, "devDependencies": { "express": "^4.16.3", "express-basic-auth": "^1.1.5", From caf804cc41c1ff2dc75d2ce34be0ba5532e9afa5 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Fri, 18 May 2018 07:46:45 +0000 Subject: [PATCH 16/17] bettor error handling in greenlock and acme --- package.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index 19aa071..d738447 100644 --- a/package.json +++ b/package.json @@ -8,7 +8,8 @@ "example": "examples" }, "dependencies": { - "greenlock": "^2.2.8", + "acme-v2": "^1.0.7", + "greenlock": "^2.2.16", "le-challenge-fs": "^2.0.8", "le-sni-auto": "^2.1.4", "le-store-certbot": "^2.1.0", From 4e9db5781a58e6d16ffccee11001385ac6f6601d Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Sat, 19 May 2018 23:27:30 +0000 Subject: [PATCH 17/17] add demo --- examples/demo.js | 74 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100644 examples/demo.js diff --git a/examples/demo.js b/examples/demo.js new file mode 100644 index 0000000..fc9b2ba --- /dev/null +++ b/examples/demo.js @@ -0,0 +1,74 @@ +'use strict'; + +// npm install spdy@3.x + +//var Greenlock = require('greenlock-express') +var Greenlock = require('../'); + +var greenlock = Greenlock.create({ + + // Let's Encrypt v2 is ACME draft 11 + version: 'draft-11' + + // You MUST change 'acme-staging-v02' to 'acme-v02' in production +, server: 'https://acme-v02.api.letsencrypt.org/directory' + + // You MUST change this to a valid email address +, email: 'jon@example.com' + + // You MUST NOT build clients that accept the ToS without asking the user +, agreeTos: true + + // You MUST change these to valid domains + // NOTE: all domains will validated and listed on the certificate +, approveDomains: [ 'example.com', 'www.example.com' ] + + // You MUST have access to write to directory where certs are saved + // ex: /home/foouser/acme/etc +, configDir: require('path').join(require('os').homedir(), 'acme', 'etc') + + // Get notified of important updates and help me make greenlock better +, communityMember: true + +//, debug: true + +}); + + + +//////////////////////// +// http-01 Challenges // +//////////////////////// + +// http-01 challenge happens over http/1.1, not http2 +var redirectHttps = require('redirect-https')(); +var acmeChallengeHandler = greenlock.middleware(function (req, res) { + res.setHeader('Content-Type', 'text/html; charset=utf-8'); + res.end('

Hello, āš ļø Insecure World!

Visit Secure Site' + + '' + ); +}); +require('http').createServer(acmeChallengeHandler).listen(80, function () { + console.log("Listening for ACME http-01 challenges on", this.address()); +}); + + + +//////////////////////// +// http2 via SPDY h2 // +//////////////////////// + +// spdy is a drop-in replacement for the https API +var spdyOptions = Object.assign({}, greenlock.tlsOptions); +spdyOptions.spdy = { protocols: [ 'h2', 'http/1.1' ], plain: false }; +var server = require('spdy').createServer(spdyOptions, require('express')().use('/', function (req, res) { + res.setHeader('Content-Type', 'text/html; charset=utf-8'); + res.end('

Hello, šŸ” Secure World!

'); +})); +server.on('error', function (err) { + console.error(err); +}); +server.on('listening', function () { + console.log("Listening for SPDY/http2/https requests on", this.address()); +}); +server.listen(443);