Merge branch 'master' of ssh://git.coolaj86.com:22042/coolaj86/greenlock-express.js

This commit is contained in:
AJ ONeal 2018-05-19 17:54:16 -06:00
commit 4744f4050e
5 changed files with 234 additions and 10 deletions

View File

@ -1,15 +1,22 @@
![Greenlock Logo](https://git.coolaj86.com/coolaj86/greenlock.js/raw/branch/master/logo/greenlock-1063x250.png "Greenlock Logo")
!["Greenlock Function"](https://git.coolaj86.com/coolaj86/greenlock.js/raw/branch/master/logo/from-not-secure-to-secure-url-bar.png "from url bar showing not secure to url bar showing secure")
Greenlock™ for Express.js Greenlock™ for Express.js
================= =================
Free SSL, Free Wildcard SSL, and Fully Automated HTTPS made dead simple<br>
<small>certificates issued by Let's Encrypt v2 via [ACME](https://git.coolaj86.com/coolaj86/acme-v2.js)</small>
An easy-to-use ACME client for Free SSL and Automated HTTPS. !["Lifetime Downloads"](https://img.shields.io/npm/dt/greenlock.svg "Lifetime Download Count can't be shown")
!["Monthly Downloads"](https://img.shields.io/npm/dm/greenlock.svg "Monthly Download Count can't be shown")
!["Weekly Downloads"](https://img.shields.io/npm/dw/greenlock.svg "Weekly Download Count can't be shown")
!["Stackoverflow Questions"](https://img.shields.io/stackexchange/stackoverflow/t/greenlock.svg "S.O. Question count can't be shown")
| Sponsored by [ppl](https://ppl.family) | | Sponsored by [ppl](https://ppl.family) |
[Greenlock&trade;](https://git.coolaj86.com/coolaj86/greenlock.js) for [Greenlock&trade;](https://git.coolaj86.com/coolaj86/greenlock.js) is for
[cli](https://git.coolaj86.com/coolaj86/greenlock-cli.js), [Web Servers](https://git.coolaj86.com/coolaj86/greenlock-cli.js),
[cluster](https://git.coolaj86.com/coolaj86/greenlock-cluster.js), [Web Browsers](https://git.coolaj86.com/coolaj86/greenlock.html),
**Express.js**, and **node.js middleware systems**.
[Koa](https://git.coolaj86.com/coolaj86/greenlock-koa.js),
[hapi](https://git.coolaj86.com/coolaj86/greenlock-hapi.js)
Features Features
======== ========
@ -327,7 +334,7 @@ app.use('/', function (req, res) {
}); });
// handles your app // handles your app
require('https').createServer(lex.httpsOptions, lex.middleware(app)).listen(443, function () { require('https').createServer(lex.httpsOptions, app).listen(443, function () {
console.log("Listening for ACME tls-sni-01 challenges and serve app on", this.address()); console.log("Listening for ACME tls-sni-01 challenges and serve app on", this.address());
}); });
``` ```

74
examples/demo.js Normal file
View File

@ -0,0 +1,74 @@
'use strict';
// npm install spdy@3.x
//var Greenlock = require('greenlock-express')
var Greenlock = require('../');
var greenlock = Greenlock.create({
// Let's Encrypt v2 is ACME draft 11
version: 'draft-11'
// You MUST change 'acme-staging-v02' to 'acme-v02' in production
, server: 'https://acme-v02.api.letsencrypt.org/directory'
// You MUST change this to a valid email address
, email: 'jon@example.com'
// You MUST NOT build clients that accept the ToS without asking the user
, agreeTos: true
// You MUST change these to valid domains
// NOTE: all domains will validated and listed on the certificate
, approveDomains: [ 'example.com', 'www.example.com' ]
// You MUST have access to write to directory where certs are saved
// ex: /home/foouser/acme/etc
, configDir: require('path').join(require('os').homedir(), 'acme', 'etc')
// Get notified of important updates and help me make greenlock better
, communityMember: true
//, debug: true
});
////////////////////////
// http-01 Challenges //
////////////////////////
// http-01 challenge happens over http/1.1, not http2
var redirectHttps = require('redirect-https')();
var acmeChallengeHandler = greenlock.middleware(function (req, res) {
res.setHeader('Content-Type', 'text/html; charset=utf-8');
res.end('<h1>Hello, ⚠️ Insecure World!</h1><a>Visit Secure Site</a>'
+ '<script>document.querySelector("a").href=window.location.href.replace(/^http/i, "https");</script>'
);
});
require('http').createServer(acmeChallengeHandler).listen(80, function () {
console.log("Listening for ACME http-01 challenges on", this.address());
});
////////////////////////
// http2 via SPDY h2 //
////////////////////////
// spdy is a drop-in replacement for the https API
var spdyOptions = Object.assign({}, greenlock.tlsOptions);
spdyOptions.spdy = { protocols: [ 'h2', 'http/1.1' ], plain: false };
var server = require('spdy').createServer(spdyOptions, require('express')().use('/', function (req, res) {
res.setHeader('Content-Type', 'text/html; charset=utf-8');
res.end('<h1>Hello, 🔐 Secure World!</h1>');
}));
server.on('error', function (err) {
console.error(err);
});
server.on('listening', function () {
console.log("Listening for SPDY/http2/https requests on", this.address());
});
server.listen(443);

70
examples/http2.js Normal file
View File

@ -0,0 +1,70 @@
'use strict';
//var Greenlock = require('greenlock-express')
var Greenlock = require('../');
var greenlock = Greenlock.create({
// Let's Encrypt v2 is ACME draft 11
version: 'draft-11'
// You MUST change 'acme-staging-v02' to 'acme-v02' in production
, server: 'https://acme-staging-v02.api.letsencrypt.org/directory'
// You MUST change this to a valid email address
, email: 'jon@example.com'
// You MUST NOT build clients that accept the ToS without asking the user
, agreeTos: true
// You MUST change these to valid domains
// NOTE: all domains will validated and listed on the certificate
, approveDomains: [ 'example.com', 'www.example.com' ]
// You MUST have access to write to directory where certs are saved
// ex: /home/foouser/acme/etc
, configDir: require('path').join(require('os').homedir(), 'acme', 'etc')
// Get notified of important updates and help me make greenlock better
, communityMember: true
//, debug: true
});
////////////////////////
// http-01 Challenges //
////////////////////////
// http-01 challenge happens over http/1.1, not http2
var redirectHttps = require('redirect-https')();
var acmeChallengeHandler = greenlock.middleware(redirectHttps);
require('http').createServer(acmeChallengeHandler).listen(80, function () {
console.log("Listening for ACME http-01 challenges on", this.address());
});
////////////////////////
// node.js' http2 api //
////////////////////////
// http2 is a new API with which you would use hapi or koa, not express
var server = require('http2').createSecureServer(greenlock.tlsOptions);
server.on('error', function (err) {
console.error(err);
});
server.on('stream', function (stream, headers) {
console.log(headers);
stream.respond({
'content-type': 'text/html'
, ':status': 200
});
stream.end('Hello, HTTP2 World!');
});
server.on('listening', function () {
console.log("Listening for http2 requests on", this.address());
});
server.listen(443);

69
examples/spdy.js Normal file
View File

@ -0,0 +1,69 @@
'use strict';
// npm install spdy@3.x
//var Greenlock = require('greenlock-express')
var Greenlock = require('../');
var greenlock = Greenlock.create({
// Let's Encrypt v2 is ACME draft 11
version: 'draft-11'
// You MUST change 'acme-staging-v02' to 'acme-v02' in production
, server: 'https://acme-staging-v02.api.letsencrypt.org/directory'
// You MUST change this to a valid email address
, email: 'jon@example.com'
// You MUST NOT build clients that accept the ToS without asking the user
, agreeTos: true
// You MUST change these to valid domains
// NOTE: all domains will validated and listed on the certificate
, approveDomains: [ 'example.com', 'www.example.com' ]
// You MUST have access to write to directory where certs are saved
// ex: /home/foouser/acme/etc
, configDir: require('path').join(require('os').homedir(), 'acme', 'etc')
// Get notified of important updates and help me make greenlock better
, communityMember: true
//, debug: true
});
////////////////////////
// http-01 Challenges //
////////////////////////
// http-01 challenge happens over http/1.1, not http2
var redirectHttps = require('redirect-https')();
var acmeChallengeHandler = greenlock.middleware(redirectHttps);
require('http').createServer(acmeChallengeHandler).listen(80, function () {
console.log("Listening for ACME http-01 challenges on", this.address());
});
////////////////////////
// http2 via SPDY h2 //
////////////////////////
// spdy is a drop-in replacement for the https API
var spdyOptions = Object.assign({}, greenlock.tlsOptions);
spdyOptions.spdy = { protocols: [ 'h2', 'http/1.1' ], plain: false };
var server = require('spdy').createServer(spdyOptions, require('express')().use('/', function (req, res) {
res.setHeader('Content-Type', 'text/html; charset=utf-8');
res.end('Hello, SPDY World!\n\n💚 🔒.js');
}));
server.on('error', function (err) {
console.error(err);
});
server.on('listening', function () {
console.log("Listening for SPDY/http2/https requests on", this.address());
});
server.listen(443);

View File

@ -8,12 +8,16 @@
"example": "examples" "example": "examples"
}, },
"dependencies": { "dependencies": {
"greenlock": "^2.2.8", "acme-v2": "^1.0.7",
"greenlock": "^2.2.16",
"le-challenge-fs": "^2.0.8", "le-challenge-fs": "^2.0.8",
"le-sni-auto": "^2.1.4", "le-sni-auto": "^2.1.4",
"le-store-certbot": "^2.0.5", "le-store-certbot": "^2.1.0",
"redirect-https": "^1.1.5" "redirect-https": "^1.1.5"
}, },
"optionalDependencies": {
"spdy": "^3.4.7"
},
"devDependencies": { "devDependencies": {
"express": "^4.16.3", "express": "^4.16.3",
"express-basic-auth": "^1.1.5", "express-basic-auth": "^1.1.5",