whitespace
This commit is contained in:
parent
b80537f07b
commit
61fb942dda
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
"bracketSpacing": true,
|
||||
"printWidth": 120,
|
||||
"tabWidth": 2,
|
||||
"tabWidth": 4,
|
||||
"trailingComma": "none",
|
||||
"useTabs": true
|
||||
"useTabs": false
|
||||
}
|
||||
|
|
182
README.md
182
README.md
|
@ -22,26 +22,26 @@ Greenlock Express is a **Web Server** with **Fully Automated HTTPS** and renewal
|
|||
"use strict";
|
||||
|
||||
function httpsWorker(glx) {
|
||||
// Serves on 80 and 443
|
||||
// Get's SSL certificates magically!
|
||||
// Serves on 80 and 443
|
||||
// Get's SSL certificates magically!
|
||||
|
||||
glx.serveApp(function(req, res) {
|
||||
res.end("Hello, Encrypted World!");
|
||||
});
|
||||
glx.serveApp(function(req, res) {
|
||||
res.end("Hello, Encrypted World!");
|
||||
});
|
||||
}
|
||||
|
||||
var pkg = require("./package.json");
|
||||
require("greenlock-express")
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
|
||||
return {
|
||||
package: { name: pkg.name, version: pkg.version },
|
||||
maintainerEmail: pkg.author,
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
return {
|
||||
package: { name: pkg.name, version: pkg.version },
|
||||
maintainerEmail: pkg.author,
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
```
|
||||
|
||||
Manage via API or the config file:
|
||||
|
@ -50,44 +50,44 @@ Manage via API or the config file:
|
|||
|
||||
```json
|
||||
{
|
||||
"subscriberEmail": "letsencrypt-test@therootcompany.com",
|
||||
"agreeToTerms": true,
|
||||
"sites": {
|
||||
"example.com": {
|
||||
"subject": "example.com",
|
||||
"altnames": ["example.com", "www.example.com"]
|
||||
}
|
||||
}
|
||||
"subscriberEmail": "letsencrypt-test@therootcompany.com",
|
||||
"agreeToTerms": true,
|
||||
"sites": {
|
||||
"example.com": {
|
||||
"subject": "example.com",
|
||||
"altnames": ["example.com", "www.example.com"]
|
||||
}
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
# Let's Encrypt for...
|
||||
|
||||
- IoT
|
||||
- Enterprise On-Prem
|
||||
- Local Development
|
||||
- Home Servers
|
||||
- Quitting Heroku
|
||||
- IoT
|
||||
- Enterprise On-Prem
|
||||
- Local Development
|
||||
- Home Servers
|
||||
- Quitting Heroku
|
||||
|
||||
# Features
|
||||
|
||||
- [x] Let's Encrypt v2 (November 2019)
|
||||
- [x] ACME Protocol (RFC 8555)
|
||||
- [x] HTTP Validation (HTTP-01)
|
||||
- [x] DNS Validation (DNS-01)
|
||||
- [ ] ALPN Validation (TLS-ALPN-01)
|
||||
- Need ALPN validation? [contact us](mailto:greenlock-support@therootcompany.com)
|
||||
- [x] Automated HTTPS
|
||||
- [x] Fully Automatic Renewals every 45 days
|
||||
- [x] Free SSL
|
||||
- [x] **Wildcard** SSL
|
||||
- [x] **Localhost** certificates
|
||||
- [x] HTTPS-enabled Secure **WebSockets** (`wss://`)
|
||||
- [x] Fully customizable
|
||||
- [x] **Reasonable defaults**
|
||||
- [x] Domain Management
|
||||
- [x] Key and Certificate Management
|
||||
- [x] ACME Challenge Plugins
|
||||
- [x] Let's Encrypt v2 (November 2019)
|
||||
- [x] ACME Protocol (RFC 8555)
|
||||
- [x] HTTP Validation (HTTP-01)
|
||||
- [x] DNS Validation (DNS-01)
|
||||
- [ ] ALPN Validation (TLS-ALPN-01)
|
||||
- Need ALPN validation? [contact us](mailto:greenlock-support@therootcompany.com)
|
||||
- [x] Automated HTTPS
|
||||
- [x] Fully Automatic Renewals every 45 days
|
||||
- [x] Free SSL
|
||||
- [x] **Wildcard** SSL
|
||||
- [x] **Localhost** certificates
|
||||
- [x] HTTPS-enabled Secure **WebSockets** (`wss://`)
|
||||
- [x] Fully customizable
|
||||
- [x] **Reasonable defaults**
|
||||
- [x] Domain Management
|
||||
- [x] Key and Certificate Management
|
||||
- [x] ACME Challenge Plugins
|
||||
|
||||
# QuickStart Guide
|
||||
|
||||
|
@ -127,7 +127,7 @@ works with everything.
|
|||
// A plain, node-style app
|
||||
|
||||
function myPlainNodeHttpApp(req, res) {
|
||||
res.end("Hello, Encrypted World!");
|
||||
res.end("Hello, Encrypted World!");
|
||||
}
|
||||
|
||||
// Wrap that plain app in express,
|
||||
|
@ -152,9 +152,9 @@ module.exports = app;
|
|||
|
||||
Greenlock Express is designed with these goals in mind:
|
||||
|
||||
- Simplicity and ease-of-use
|
||||
- Performance and scalability
|
||||
- Configurability and control
|
||||
- Simplicity and ease-of-use
|
||||
- Performance and scalability
|
||||
- Configurability and control
|
||||
|
||||
You can start with **near-zero configuration** and
|
||||
slowly add options for greater performance and customization
|
||||
|
@ -164,21 +164,21 @@ later, if you need them.
|
|||
|
||||
```js
|
||||
require("greenlock-express")
|
||||
.init(getConfig)
|
||||
.serve(worker);
|
||||
.init(getConfig)
|
||||
.serve(worker);
|
||||
|
||||
function getConfig() {
|
||||
return {
|
||||
// uses name and version as part of the ACME client user-agent
|
||||
// uses author as the contact for support notices
|
||||
package: require("./package.json")
|
||||
};
|
||||
return {
|
||||
// uses name and version as part of the ACME client user-agent
|
||||
// uses author as the contact for support notices
|
||||
package: require("./package.json")
|
||||
};
|
||||
}
|
||||
|
||||
function worker(server) {
|
||||
// Works with any Node app (Express, etc)
|
||||
var app = require("my-express-app.js");
|
||||
server.serveApp(app);
|
||||
// Works with any Node app (Express, etc)
|
||||
var app = require("my-express-app.js");
|
||||
server.serveApp(app);
|
||||
}
|
||||
```
|
||||
|
||||
|
@ -222,14 +222,14 @@ This will update the config file (assuming the default fs-based management plugi
|
|||
|
||||
```json
|
||||
{
|
||||
"subscriberEmail": "letsencrypt-test@therootcompany.com",
|
||||
"agreeToTerms": true,
|
||||
"sites": {
|
||||
"example.com": {
|
||||
"subject": "example.com",
|
||||
"altnames": ["example.com", "www.example.com"]
|
||||
}
|
||||
}
|
||||
"subscriberEmail": "letsencrypt-test@therootcompany.com",
|
||||
"agreeToTerms": true,
|
||||
"sites": {
|
||||
"example.com": {
|
||||
"subject": "example.com",
|
||||
"altnames": ["example.com", "www.example.com"]
|
||||
}
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
|
@ -269,10 +269,10 @@ npx greenlock add --subject example.com --altnames example.com,www.example.com
|
|||
Note: **Localhost**, **Wildcard**, and Certificates for Private Networks require
|
||||
[**DNS validation**](https://git.rootprojects.org/root/greenlock-exp).
|
||||
|
||||
- DNS Validation
|
||||
- [**Wildcards**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/wildcards/) (coming soon)
|
||||
- [**Localhost**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/localhost/) (coming soon)
|
||||
- [**CI/CD**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/ci-cd/) (coming soon)
|
||||
- DNS Validation
|
||||
- [**Wildcards**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/wildcards/) (coming soon)
|
||||
- [**Localhost**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/localhost/) (coming soon)
|
||||
- [**CI/CD**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/ci-cd/) (coming soon)
|
||||
|
||||
</details>
|
||||
|
||||
|
@ -280,17 +280,17 @@ Note: **Localhost**, **Wildcard**, and Certificates for Private Networks require
|
|||
|
||||
**These are in-progress** Check back tomorrow (Nov 2nd, 2019).
|
||||
|
||||
- [greenlock-express.js/examples/](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples)
|
||||
- [Express](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/express/)
|
||||
- [Node's **http2**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/http2/)
|
||||
- [Node's https](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/https/)
|
||||
- [**WebSockets**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/websockets/)
|
||||
- [Socket.IO](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/socket-io/)
|
||||
- [Cluster](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/cluster/)
|
||||
- [**Wildcards**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/wildcards/) (coming soon)
|
||||
- [**Localhost**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/localhost/) (coming soon)
|
||||
- [**CI/CD**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/ci-cd/) (coming soon)
|
||||
- [HTTP Proxy](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/http-proxy/)
|
||||
- [greenlock-express.js/examples/](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples)
|
||||
- [Express](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/express/)
|
||||
- [Node's **http2**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/http2/)
|
||||
- [Node's https](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/https/)
|
||||
- [**WebSockets**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/websockets/)
|
||||
- [Socket.IO](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/socket-io/)
|
||||
- [Cluster](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/cluster/)
|
||||
- [**Wildcards**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/wildcards/) (coming soon)
|
||||
- [**Localhost**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/localhost/) (coming soon)
|
||||
- [**CI/CD**](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/ci-cd/) (coming soon)
|
||||
- [HTTP Proxy](https://git.rootprojects.org/root/greenlock-express.js/src/branch/master/examples/http-proxy/)
|
||||
|
||||
# Easy to Customize
|
||||
|
||||
|
@ -300,10 +300,10 @@ Note: **Localhost**, **Wildcard**, and Certificates for Private Networks require
|
|||
- [greenlock.js/examples/](https://git.rootprojects.org/root/greenlock.js/src/branch/master/examples)
|
||||
-->
|
||||
|
||||
- [Custom Domain Management](https://git.rootprojects.org/root/greenlock-manager-test.js)
|
||||
- [Custom Key & Cert Storage](https://git.rootprojects.org/root/greenlock-store-test.js)
|
||||
- [Custom ACME HTTP-01 Challenges](https://git.rootprojects.org/root/acme-http-01-test.js)
|
||||
- [Custom ACME DNS-01 Challenges](https://git.rootprojects.org/root/acme-dns-01-test.js)
|
||||
- [Custom Domain Management](https://git.rootprojects.org/root/greenlock-manager-test.js)
|
||||
- [Custom Key & Cert Storage](https://git.rootprojects.org/root/greenlock-store-test.js)
|
||||
- [Custom ACME HTTP-01 Challenges](https://git.rootprojects.org/root/acme-http-01-test.js)
|
||||
- [Custom ACME DNS-01 Challenges](https://git.rootprojects.org/root/acme-dns-01-test.js)
|
||||
|
||||
# Ready-made Integrations
|
||||
|
||||
|
@ -345,12 +345,12 @@ We're working on more comprehensive documentation for this newly released versio
|
|||
|
||||
Do you need...
|
||||
|
||||
- training?
|
||||
- specific features?
|
||||
- different integrations?
|
||||
- bugfixes, on _your_ timeline?
|
||||
- custom code, built by experts?
|
||||
- commercial support and licensing?
|
||||
- training?
|
||||
- specific features?
|
||||
- different integrations?
|
||||
- bugfixes, on _your_ timeline?
|
||||
- custom code, built by experts?
|
||||
- commercial support and licensing?
|
||||
|
||||
You're welcome to [contact us](mailto:aj@therootcompany.com) in regards to IoT, On-Prem,
|
||||
Enterprise, and Internal installations, integrations, and deployments.
|
||||
|
|
28
config.js
28
config.js
|
@ -2,19 +2,19 @@
|
|||
|
||||
var path = require("path");
|
||||
module.exports = {
|
||||
email: "jon.doe@example.com",
|
||||
configDir: path.join(__dirname, "acme"),
|
||||
srv: "/srv/www/",
|
||||
api: "/srv/api/",
|
||||
proxy: {
|
||||
"example.com": "http://localhost:4080",
|
||||
"*.example.com": "http://localhost:4080"
|
||||
},
|
||||
email: "jon.doe@example.com",
|
||||
configDir: path.join(__dirname, "acme"),
|
||||
srv: "/srv/www/",
|
||||
api: "/srv/api/",
|
||||
proxy: {
|
||||
"example.com": "http://localhost:4080",
|
||||
"*.example.com": "http://localhost:4080"
|
||||
},
|
||||
|
||||
// DNS-01 challenges only
|
||||
challenges: {
|
||||
"*.example.com": require("acme-dns-01-YOUR_DNS_HOST").create({
|
||||
token: "xxxx"
|
||||
})
|
||||
}
|
||||
// DNS-01 challenges only
|
||||
challenges: {
|
||||
"*.example.com": require("acme-dns-01-YOUR_DNS_HOST").create({
|
||||
token: "xxxx"
|
||||
})
|
||||
}
|
||||
};
|
||||
|
|
48
demo.js
48
demo.js
|
@ -1,35 +1,35 @@
|
|||
"use strict";
|
||||
|
||||
require("./")
|
||||
.init(initialize)
|
||||
.serve(worker)
|
||||
.master(function() {
|
||||
console.log("Hello from master");
|
||||
});
|
||||
.init(initialize)
|
||||
.serve(worker)
|
||||
.master(function() {
|
||||
console.log("Hello from master");
|
||||
});
|
||||
|
||||
function initialize() {
|
||||
var pkg = require("./package.json");
|
||||
var config = {
|
||||
package: {
|
||||
name: "Greenlock_Express_Demo",
|
||||
version: pkg.version,
|
||||
author: pkg.author
|
||||
},
|
||||
staging: true,
|
||||
cluster: true,
|
||||
var pkg = require("./package.json");
|
||||
var config = {
|
||||
package: {
|
||||
name: "Greenlock_Express_Demo",
|
||||
version: pkg.version,
|
||||
author: pkg.author
|
||||
},
|
||||
staging: true,
|
||||
cluster: true,
|
||||
|
||||
notify: function(ev, params) {
|
||||
console.info(ev, params);
|
||||
}
|
||||
};
|
||||
return config;
|
||||
notify: function(ev, params) {
|
||||
console.info(ev, params);
|
||||
}
|
||||
};
|
||||
return config;
|
||||
}
|
||||
|
||||
function worker(glx) {
|
||||
console.info();
|
||||
console.info("Hello from worker #" + glx.id());
|
||||
console.info();
|
||||
console.info("Hello from worker #" + glx.id());
|
||||
|
||||
glx.serveApp(function(req, res) {
|
||||
res.end("Hello, Encrypted World!");
|
||||
});
|
||||
glx.serveApp(function(req, res) {
|
||||
res.end("Hello, Encrypted World!");
|
||||
});
|
||||
}
|
||||
|
|
|
@ -3,37 +3,37 @@
|
|||
var pkg = require("../../package.json");
|
||||
//require("greenlock-express")
|
||||
require("../../")
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
|
||||
return {
|
||||
package: { name: "websocket-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
return {
|
||||
package: { name: "websocket-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
|
||||
// When you're ready to go full cloud scale, you just change this to true:
|
||||
// Note: in cluster you CANNOT use in-memory state (see below)
|
||||
cluster: true,
|
||||
// When you're ready to go full cloud scale, you just change this to true:
|
||||
// Note: in cluster you CANNOT use in-memory state (see below)
|
||||
cluster: true,
|
||||
|
||||
// This will default to the number of workers being equal to
|
||||
// n-1 cpus, with a minimum of 2
|
||||
workers: 4
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
// This will default to the number of workers being equal to
|
||||
// n-1 cpus, with a minimum of 2
|
||||
workers: 4
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
|
||||
function httpsWorker(glx) {
|
||||
// WRONG
|
||||
// This won't work like you
|
||||
// think because EACH worker
|
||||
// has ITS OWN `count`.
|
||||
var count = 0;
|
||||
// WRONG
|
||||
// This won't work like you
|
||||
// think because EACH worker
|
||||
// has ITS OWN `count`.
|
||||
var count = 0;
|
||||
|
||||
var app = function(req, res) {
|
||||
res.end("Hello... how many times now? Oh, " + count + " times");
|
||||
count += 1;
|
||||
};
|
||||
var app = function(req, res) {
|
||||
res.end("Hello... how many times now? Oh, " + count + " times");
|
||||
count += 1;
|
||||
};
|
||||
|
||||
// Serves on 80 and 443... for each worker
|
||||
// Get's SSL certificates magically!
|
||||
glx.serveApp(app);
|
||||
// Serves on 80 and 443... for each worker
|
||||
// Get's SSL certificates magically!
|
||||
glx.serveApp(app);
|
||||
}
|
||||
|
|
|
@ -4,13 +4,13 @@ var express = require("express");
|
|||
var app = express();
|
||||
|
||||
app.use("/", function(req, res) {
|
||||
res.setHeader("Content-Type", "text/html; charset=utf-8");
|
||||
res.end("Hello, World!\n\n๐ ๐.js");
|
||||
res.setHeader("Content-Type", "text/html; charset=utf-8");
|
||||
res.end("Hello, World!\n\n๐ ๐.js");
|
||||
});
|
||||
|
||||
// DO NOT DO app.listen() unless we're testing this directly
|
||||
if (require.main === module) {
|
||||
app.listen(3000);
|
||||
app.listen(3000);
|
||||
}
|
||||
|
||||
// Instead do export the app:
|
||||
|
|
|
@ -1,27 +1,27 @@
|
|||
"use strict";
|
||||
|
||||
function httpsWorker(glx) {
|
||||
var app = require("./my-express-app.js");
|
||||
var app = require("./my-express-app.js");
|
||||
|
||||
app.get("/hello", function(req, res) {
|
||||
res.end("Hello, Encrypted World!");
|
||||
});
|
||||
app.get("/hello", function(req, res) {
|
||||
res.end("Hello, Encrypted World!");
|
||||
});
|
||||
|
||||
// Serves on 80 and 443
|
||||
// Get's SSL certificates magically!
|
||||
glx.serveApp(app);
|
||||
// Serves on 80 and 443
|
||||
// Get's SSL certificates magically!
|
||||
glx.serveApp(app);
|
||||
}
|
||||
|
||||
var pkg = require("../../package.json");
|
||||
//require("greenlock-express")
|
||||
require("../../")
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
|
||||
return {
|
||||
package: { name: "http2-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
return {
|
||||
package: { name: "http2-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
|
|
|
@ -1,44 +1,44 @@
|
|||
"use strict";
|
||||
|
||||
function httpsWorker(glx) {
|
||||
// we need the raw https server
|
||||
var server = glx.httpsServer();
|
||||
var proxy = require("http-proxy").createProxyServer({ xfwd: true });
|
||||
// we need the raw https server
|
||||
var server = glx.httpsServer();
|
||||
var proxy = require("http-proxy").createProxyServer({ xfwd: true });
|
||||
|
||||
// catches error events during proxying
|
||||
proxy.on("error", function(err, req, res) {
|
||||
console.error(err);
|
||||
res.statusCode = 500;
|
||||
res.end();
|
||||
return;
|
||||
});
|
||||
// catches error events during proxying
|
||||
proxy.on("error", function(err, req, res) {
|
||||
console.error(err);
|
||||
res.statusCode = 500;
|
||||
res.end();
|
||||
return;
|
||||
});
|
||||
|
||||
// We'll proxy websockets too
|
||||
server.on("upgrade", function(req, socket, head) {
|
||||
proxy.ws(req, socket, head, {
|
||||
ws: true,
|
||||
target: "ws://localhost:3000"
|
||||
});
|
||||
});
|
||||
// We'll proxy websockets too
|
||||
server.on("upgrade", function(req, socket, head) {
|
||||
proxy.ws(req, socket, head, {
|
||||
ws: true,
|
||||
target: "ws://localhost:3000"
|
||||
});
|
||||
});
|
||||
|
||||
// servers a node app that proxies requests to a localhost
|
||||
glx.serveApp(function(req, res) {
|
||||
proxy.web(req, res, {
|
||||
target: "http://localhost:3000"
|
||||
});
|
||||
});
|
||||
// servers a node app that proxies requests to a localhost
|
||||
glx.serveApp(function(req, res) {
|
||||
proxy.web(req, res, {
|
||||
target: "http://localhost:3000"
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
var pkg = require("../../package.json");
|
||||
//require("greenlock-express")
|
||||
require("../../")
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
|
||||
return {
|
||||
package: { name: "http-proxy-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
return {
|
||||
package: { name: "http-proxy-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
|
|
|
@ -11,32 +11,32 @@ var pkg = require("../../package.json");
|
|||
// Use glx.httpServer(redirectToHttps) instead.
|
||||
|
||||
function httpsWorker(glx) {
|
||||
//
|
||||
// HTTP can only be used for ACME HTTP-01 Challenges
|
||||
// (and it is not required for DNS-01 challenges)
|
||||
//
|
||||
//
|
||||
// HTTP can only be used for ACME HTTP-01 Challenges
|
||||
// (and it is not required for DNS-01 challenges)
|
||||
//
|
||||
|
||||
// Get the raw http server:
|
||||
var httpServer = glx.httpServer(function(req, res) {
|
||||
res.statusCode = 301;
|
||||
res.setHeader("Location", "https://" + req.headers.host + req.path);
|
||||
res.end("Insecure connections are not allowed. Redirecting...");
|
||||
});
|
||||
// Get the raw http server:
|
||||
var httpServer = glx.httpServer(function(req, res) {
|
||||
res.statusCode = 301;
|
||||
res.setHeader("Location", "https://" + req.headers.host + req.path);
|
||||
res.end("Insecure connections are not allowed. Redirecting...");
|
||||
});
|
||||
|
||||
httpServer.listen(80, "0.0.0.0", function() {
|
||||
console.info("Listening on ", httpServer.address());
|
||||
});
|
||||
httpServer.listen(80, "0.0.0.0", function() {
|
||||
console.info("Listening on ", httpServer.address());
|
||||
});
|
||||
}
|
||||
|
||||
//require("greenlock-express")
|
||||
require("../../")
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
|
||||
return {
|
||||
package: { name: "plain-http-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
return {
|
||||
package: { name: "plain-http-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
|
|
|
@ -11,38 +11,38 @@ var pkg = require("../../package.json");
|
|||
// Use glx.httpsServer(tlsOptions, app) instead.
|
||||
|
||||
function httpsWorker(glx) {
|
||||
//
|
||||
// HTTP2 would have been the default httpsServer for node v12+
|
||||
// However... https://github.com/expressjs/express/issues/3388
|
||||
//
|
||||
//
|
||||
// HTTP2 would have been the default httpsServer for node v12+
|
||||
// However... https://github.com/expressjs/express/issues/3388
|
||||
//
|
||||
|
||||
// Get the raw http2 server:
|
||||
var http2Server = glx.http2Server(function(req, res) {
|
||||
res.end("Hello, Encrypted World!");
|
||||
});
|
||||
// Get the raw http2 server:
|
||||
var http2Server = glx.http2Server(function(req, res) {
|
||||
res.end("Hello, Encrypted World!");
|
||||
});
|
||||
|
||||
http2Server.listen(443, "0.0.0.0", function() {
|
||||
console.info("Listening on ", http2Server.address());
|
||||
});
|
||||
http2Server.listen(443, "0.0.0.0", function() {
|
||||
console.info("Listening on ", http2Server.address());
|
||||
});
|
||||
|
||||
// Note:
|
||||
// You must ALSO listen on port 80 for ACME HTTP-01 Challenges
|
||||
// (the ACME and http->https middleware are loaded by glx.httpServer)
|
||||
var httpServer = glx.httpServer();
|
||||
httpServer.listen(80, "0.0.0.0", function() {
|
||||
console.info("Listening on ", httpServer.address());
|
||||
});
|
||||
// Note:
|
||||
// You must ALSO listen on port 80 for ACME HTTP-01 Challenges
|
||||
// (the ACME and http->https middleware are loaded by glx.httpServer)
|
||||
var httpServer = glx.httpServer();
|
||||
httpServer.listen(80, "0.0.0.0", function() {
|
||||
console.info("Listening on ", httpServer.address());
|
||||
});
|
||||
}
|
||||
|
||||
//require("greenlock-express")
|
||||
require("../../")
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
|
||||
return {
|
||||
package: { name: "http2-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
return {
|
||||
package: { name: "http2-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
|
|
|
@ -11,38 +11,38 @@ var pkg = require("../../package.json");
|
|||
// Use glx.httpsServer(tlsOptions, app) instead.
|
||||
|
||||
function httpsWorker(glx) {
|
||||
//
|
||||
// HTTPS 1.1 is the default
|
||||
// (HTTP2 would be the default but... https://github.com/expressjs/express/issues/3388)
|
||||
//
|
||||
//
|
||||
// HTTPS 1.1 is the default
|
||||
// (HTTP2 would be the default but... https://github.com/expressjs/express/issues/3388)
|
||||
//
|
||||
|
||||
// Get the raw https server:
|
||||
var httpsServer = glx.httpsServer(null, function(req, res) {
|
||||
res.end("Hello, Encrypted World!");
|
||||
});
|
||||
// Get the raw https server:
|
||||
var httpsServer = glx.httpsServer(null, function(req, res) {
|
||||
res.end("Hello, Encrypted World!");
|
||||
});
|
||||
|
||||
httpsServer.listen(443, "0.0.0.0", function() {
|
||||
console.info("Listening on ", httpsServer.address());
|
||||
});
|
||||
httpsServer.listen(443, "0.0.0.0", function() {
|
||||
console.info("Listening on ", httpsServer.address());
|
||||
});
|
||||
|
||||
// Note:
|
||||
// You must ALSO listen on port 80 for ACME HTTP-01 Challenges
|
||||
// (the ACME and http->https middleware are loaded by glx.httpServer)
|
||||
var httpServer = glx.httpServer();
|
||||
httpServer.listen(80, "0.0.0.0", function() {
|
||||
console.info("Listening on ", httpServer.address());
|
||||
});
|
||||
// Note:
|
||||
// You must ALSO listen on port 80 for ACME HTTP-01 Challenges
|
||||
// (the ACME and http->https middleware are loaded by glx.httpServer)
|
||||
var httpServer = glx.httpServer();
|
||||
httpServer.listen(80, "0.0.0.0", function() {
|
||||
console.info("Listening on ", httpServer.address());
|
||||
});
|
||||
}
|
||||
|
||||
//require("greenlock-express")
|
||||
require("../../")
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
|
||||
return {
|
||||
package: { name: "https1-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
return {
|
||||
package: { name: "https1-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
|
|
|
@ -0,0 +1,75 @@
|
|||
"use strict";
|
||||
|
||||
// npm install spdy@3.x
|
||||
|
||||
//var Greenlock = require('greenlock-express')
|
||||
var Greenlock = require("../");
|
||||
|
||||
var greenlock = Greenlock.create({
|
||||
// Let's Encrypt v2 is ACME draft 11
|
||||
version: "draft-11",
|
||||
|
||||
server: "https://acme-v02.api.letsencrypt.org/directory",
|
||||
// Note: If at first you don't succeed, stop and switch to staging
|
||||
// https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
|
||||
// You MUST change this to a valid email address
|
||||
email: "jon@example.com",
|
||||
|
||||
// You MUST NOT build clients that accept the ToS without asking the user
|
||||
agreeTos: true,
|
||||
|
||||
// You MUST change these to valid domains
|
||||
// NOTE: all domains will validated and listed on the certificate
|
||||
approvedDomains: ["example.com", "www.example.com"],
|
||||
|
||||
// You MUST have access to write to directory where certs are saved
|
||||
// ex: /home/foouser/acme/etc
|
||||
configDir: "~/.config/acme/",
|
||||
|
||||
// Get notified of important updates and help me make greenlock better
|
||||
communityMember: true
|
||||
|
||||
//, debug: true
|
||||
});
|
||||
|
||||
////////////////////////
|
||||
// http-01 Challenges //
|
||||
////////////////////////
|
||||
|
||||
// http-01 challenge happens over http/1.1, not http2
|
||||
var redirectHttps = require("redirect-https")();
|
||||
var acmeChallengeHandler = greenlock.middleware(function(req, res) {
|
||||
res.setHeader("Content-Type", "text/html; charset=utf-8");
|
||||
res.end(
|
||||
"<h1>Hello, โ ๏ธ Insecure World!</h1><a>Visit Secure Site</a>" +
|
||||
'<script>document.querySelector("a").href=window.location.href.replace(/^http/i, "https");</script>'
|
||||
);
|
||||
});
|
||||
require("http")
|
||||
.createServer(acmeChallengeHandler)
|
||||
.listen(80, function() {
|
||||
console.log("Listening for ACME http-01 challenges on", this.address());
|
||||
});
|
||||
|
||||
////////////////////////
|
||||
// http2 via SPDY h2 //
|
||||
////////////////////////
|
||||
|
||||
// spdy is a drop-in replacement for the https API
|
||||
var spdyOptions = Object.assign({}, greenlock.tlsOptions);
|
||||
spdyOptions.spdy = { protocols: ["h2", "http/1.1"], plain: false };
|
||||
var server = require("spdy").createServer(
|
||||
spdyOptions,
|
||||
require("express")().use("/", function(req, res) {
|
||||
res.setHeader("Content-Type", "text/html; charset=utf-8");
|
||||
res.end("<h1>Hello, ๐ Secure World!</h1>");
|
||||
})
|
||||
);
|
||||
server.on("error", function(err) {
|
||||
console.error(err);
|
||||
});
|
||||
server.on("listening", function() {
|
||||
console.log("Listening for SPDY/http2/https requests on", this.address());
|
||||
});
|
||||
server.listen(443);
|
|
@ -0,0 +1,30 @@
|
|||
"use strict";
|
||||
|
||||
//require('greenlock-express')
|
||||
require("../")
|
||||
.create({
|
||||
// Let's Encrypt v2 is ACME draft 11
|
||||
version: "draft-11",
|
||||
|
||||
server: "https://acme-v02.api.letsencrypt.org/directory",
|
||||
// Note: If at first you don't succeed, stop and switch to staging
|
||||
// https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
|
||||
email: "john.doe@example.com",
|
||||
|
||||
agreeTos: true,
|
||||
|
||||
approvedDomains: ["example.com", "www.example.com"],
|
||||
|
||||
app: require("express")().use("/", function(req, res) {
|
||||
res.end("Hello, World!");
|
||||
}),
|
||||
|
||||
renewWithin: 91 * 24 * 60 * 60 * 1000,
|
||||
renewBy: 90 * 24 * 60 * 60 * 1000,
|
||||
|
||||
// Get notified of important updates and help me make greenlock better
|
||||
communityMember: true,
|
||||
debug: true
|
||||
})
|
||||
.listen(80, 443);
|
|
@ -0,0 +1,104 @@
|
|||
"use strict";
|
||||
|
||||
//
|
||||
// WARNING: Not for noobs
|
||||
// Try the simple example first
|
||||
//
|
||||
|
||||
//
|
||||
// This demo is used with tunnel-server.js and tunnel-client.js
|
||||
//
|
||||
|
||||
var email = "john.doe@gmail.com";
|
||||
var domains = ["example.com"];
|
||||
var agreeLeTos = true;
|
||||
//var secret = "My Little Brony";
|
||||
var secret = require("crypto")
|
||||
.randomBytes(16)
|
||||
.toString("hex");
|
||||
|
||||
require("../")
|
||||
.create({
|
||||
version: "draft-11",
|
||||
|
||||
server: "https://acme-v02.api.letsencrypt.org/directory",
|
||||
// Note: If at first you don't succeed, stop and switch to staging
|
||||
// https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
|
||||
email: email,
|
||||
agreeTos: agreeLeTos,
|
||||
approveDomains: domains,
|
||||
configDir: "~/.config/acme/",
|
||||
app: remoteAccess(secret),
|
||||
// Get notified of important updates and help me make greenlock better
|
||||
communityMember: true
|
||||
//, debug: true
|
||||
})
|
||||
.listen(3000, 8443);
|
||||
|
||||
function remoteAccess(secret) {
|
||||
var express = require("express");
|
||||
var basicAuth = require("express-basic-auth");
|
||||
var serveIndex = require("serve-index");
|
||||
|
||||
var rootIndex = serveIndex("/", { hidden: true, icons: true, view: "details" });
|
||||
var rootFs = express.static("/", { dotfiles: "allow", redirect: true, index: false });
|
||||
|
||||
var userIndex = serveIndex(require("os").homedir(), { hidden: true, icons: true, view: "details" });
|
||||
var userFs = express.static(require("os").homedir(), { dotfiles: "allow", redirect: true, index: false });
|
||||
|
||||
var app = express();
|
||||
var realm = "Login Required";
|
||||
|
||||
var myAuth = basicAuth({
|
||||
users: { root: secret, user: secret },
|
||||
challenge: true,
|
||||
realm: realm,
|
||||
unauthorizedResponse: function(/*req*/) {
|
||||
return 'Unauthorized <a href="/">Home</a>';
|
||||
}
|
||||
});
|
||||
|
||||
app.get("/", function(req, res) {
|
||||
res.setHeader("Content-Type", "text/html; charset=utf-8");
|
||||
res.end('<a href="/browse/">View Files</a>' + " | " + '<a href="/logout/">Logout</a>');
|
||||
});
|
||||
app.use("/logout", function(req, res) {
|
||||
res.setHeader("Content-Type", "text/html; charset=utf-8");
|
||||
res.setHeader("WWW-Authenticate", 'Basic realm="' + realm + '"');
|
||||
res.statusCode = 401;
|
||||
//res.setHeader('Location', '/');
|
||||
res.end('Logged out | <a href="/">Home</a>');
|
||||
});
|
||||
app.use("/browse", myAuth);
|
||||
app.use("/browse", function(req, res, next) {
|
||||
if ("root" === req.auth.user) {
|
||||
rootFs(req, res, function() {
|
||||
rootIndex(req, res, next);
|
||||
});
|
||||
return;
|
||||
}
|
||||
if ("user" === req.auth.user) {
|
||||
userFs(req, res, function() {
|
||||
userIndex(req, res, next);
|
||||
});
|
||||
return;
|
||||
}
|
||||
res.end("Sad Panda");
|
||||
});
|
||||
|
||||
console.log("");
|
||||
console.log("");
|
||||
console.log("Usernames are\n");
|
||||
console.log("\troot");
|
||||
console.log("\tuser");
|
||||
console.log("");
|
||||
console.log("Password (for both) is\n");
|
||||
console.log("\t" + secret);
|
||||
console.log("");
|
||||
console.log("Shhhh... It's a secret to everybody!");
|
||||
console.log("");
|
||||
console.log("");
|
||||
|
||||
return app;
|
||||
}
|
|
@ -0,0 +1,134 @@
|
|||
#!/usr/bin/env node
|
||||
"use strict";
|
||||
|
||||
///////////////////
|
||||
// vhost example //
|
||||
///////////////////
|
||||
|
||||
//
|
||||
// virtual hosting example
|
||||
//
|
||||
|
||||
// The prefix where sites go by name.
|
||||
// For example: whatever.com may live in /srv/www/whatever.com, thus /srv/www is our path
|
||||
var srv = process.argv[3] || "/srv/www/";
|
||||
|
||||
var path = require("path");
|
||||
var fs = require("fs").promises;
|
||||
var finalhandler = require("finalhandler");
|
||||
var serveStatic = require("serve-static");
|
||||
|
||||
//var glx = require('greenlock-express')
|
||||
var glx = require("./").create({
|
||||
version: "draft-11", // Let's Encrypt v2 is ACME draft 11
|
||||
|
||||
server: "https://acme-v02.api.letsencrypt.org/directory", // If at first you don't succeed, stop and switch to staging
|
||||
// https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
|
||||
configDir: process.argv[4] || "~/.config/acme/", // You MUST have access to write to directory where certs
|
||||
// are saved. ex: /home/foouser/.config/acme
|
||||
|
||||
approveDomains: myApproveDomains, // Greenlock's wraps around tls.SNICallback. Check the
|
||||
// domain name here and reject invalid ones
|
||||
|
||||
app: myVhostApp, // Any node-style http app (i.e. express, koa, hapi, rill)
|
||||
|
||||
/* CHANGE TO A VALID EMAIL */
|
||||
email: process.argv[2] || "jon.doe@example.com", // Email for Let's Encrypt account and Greenlock Security
|
||||
agreeTos: true // Accept Let's Encrypt ToS
|
||||
//, communityMember: true // Join Greenlock to get important updates, no spam
|
||||
|
||||
//, debug: true
|
||||
});
|
||||
|
||||
var server = glx.listen(80, 443);
|
||||
server.on("listening", function() {
|
||||
console.info(server.type + " listening on", server.address());
|
||||
});
|
||||
|
||||
function myApproveDomains(opts, certs, cb) {
|
||||
console.log("sni:", opts.domain);
|
||||
// In this example the filesystem is our "database".
|
||||
// We check in /srv/www for whatever.com and if it exists, it's allowed
|
||||
|
||||
// SECURITY Greenlock validates opts.domains ahead-of-time so you don't have to
|
||||
return checkWwws(opts.domains[0])
|
||||
.then(function() {
|
||||
//opts.email = email;
|
||||
opts.agreeTos = true;
|
||||
cb(null, { options: opts, certs: certs });
|
||||
})
|
||||
.catch(cb);
|
||||
}
|
||||
|
||||
function checkWwws(_hostname) {
|
||||
if (!_hostname) {
|
||||
// SECURITY, don't allow access to the 'srv' root
|
||||
// (greenlock-express uses middleware to check '..', etc)
|
||||
return "";
|
||||
}
|
||||
var hostname = _hostname;
|
||||
var _hostdir = path.join(srv, hostname);
|
||||
var hostdir = _hostdir;
|
||||
// TODO could test for www/no-www both in directory
|
||||
return fs
|
||||
.readdir(hostdir)
|
||||
.then(function() {
|
||||
// TODO check for some sort of htaccess.json and use email in that
|
||||
// NOTE: you can also change other options such as `challengeType` and `challenge`
|
||||
// opts.challengeType = 'http-01';
|
||||
// opts.challenge = require('le-challenge-fs').create({});
|
||||
return hostname;
|
||||
})
|
||||
.catch(function() {
|
||||
if ("www." === hostname.slice(0, 4)) {
|
||||
// Assume we'll redirect to non-www if it's available.
|
||||
hostname = hostname.slice(4);
|
||||
hostdir = path.join(srv, hostname);
|
||||
return fs.readdir(hostdir).then(function() {
|
||||
// TODO list both domains?
|
||||
return hostname;
|
||||
});
|
||||
} else {
|
||||
// Or check and see if perhaps we should redirect non-www to www
|
||||
hostname = "www." + hostname;
|
||||
hostdir = path.join(srv, hostname);
|
||||
return fs.readdir(hostdir).then(function() {
|
||||
// TODO list both domains?
|
||||
return hostname;
|
||||
});
|
||||
}
|
||||
})
|
||||
.catch(function() {
|
||||
throw new Error("rejecting '" + _hostname + "' because '" + _hostdir + "' could not be read");
|
||||
});
|
||||
}
|
||||
|
||||
function myVhostApp(req, res) {
|
||||
// SECURITY greenlock pre-sanitizes hostnames to prevent unauthorized fs access so you don't have to
|
||||
// (also: only domains approved above will get here)
|
||||
console.log("vhost:", req.headers.host);
|
||||
if (!req.headers.host) {
|
||||
// SECURITY, don't allow access to the 'srv' root
|
||||
// (greenlock-express uses middleware to check '..', etc)
|
||||
return res.end();
|
||||
}
|
||||
|
||||
// We could cache wether or not a host exists for some amount of time
|
||||
var fin = finalhandler(req, res);
|
||||
return checkWwws(req.headers.host)
|
||||
.then(function(hostname) {
|
||||
if (hostname !== req.headers.host) {
|
||||
res.statusCode = 302;
|
||||
res.setHeader("Location", "https://" + hostname);
|
||||
// SECURITY this is safe only because greenlock disallows invalid hostnames
|
||||
res.end("<!-- redirecting to https://" + hostname + "-->");
|
||||
return;
|
||||
}
|
||||
var serve = serveStatic(path.join(srv, hostname), { redirect: true });
|
||||
serve(req, res, fin);
|
||||
})
|
||||
.catch(function() {
|
||||
fin();
|
||||
});
|
||||
}
|
|
@ -0,0 +1,77 @@
|
|||
#!/usr/bin/env node
|
||||
"use strict";
|
||||
/*global Promise*/
|
||||
|
||||
///////////////////////
|
||||
// wildcard example //
|
||||
//////////////////////
|
||||
|
||||
//
|
||||
// wildcard example
|
||||
//
|
||||
|
||||
//var glx = require('greenlock-express')
|
||||
var glx = require("../").create({
|
||||
version: "draft-11", // Let's Encrypt v2 is ACME draft 11
|
||||
|
||||
server: "https://acme-staging-v02.api.letsencrypt.org/directory",
|
||||
//, server: 'https://acme-v02.api.letsencrypt.org/directory' // If at first you don't succeed, stop and switch to staging
|
||||
// https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
|
||||
configDir: "~/acme/", // You MUST have access to write to directory where certs
|
||||
// are saved. ex: /home/foouser/.config/acme
|
||||
|
||||
approveDomains: myApproveDomains, // Greenlock's wraps around tls.SNICallback. Check the
|
||||
// domain name here and reject invalid ones
|
||||
|
||||
app: require("./my-express-app.js"), // Any node-style http app (i.e. express, koa, hapi, rill)
|
||||
|
||||
/* CHANGE TO A VALID EMAIL */
|
||||
email: "jon.doe@example.com", // Email for Let's Encrypt account and Greenlock Security
|
||||
agreeTos: true, // Accept Let's Encrypt ToS
|
||||
communityMember: true, // Join Greenlock to (very rarely) get important updates
|
||||
|
||||
//, debug: true
|
||||
store: require("le-store-fs")
|
||||
});
|
||||
|
||||
var server = glx.listen(80, 443);
|
||||
server.on("listening", function() {
|
||||
console.info(server.type + " listening on", server.address());
|
||||
});
|
||||
|
||||
function myApproveDomains(opts) {
|
||||
console.log("sni:", opts.domain);
|
||||
|
||||
// must be 'example.com' or start with 'example.com'
|
||||
if (
|
||||
"example.com" !== opts.domain &&
|
||||
"example.com" !==
|
||||
opts.domain
|
||||
.split(".")
|
||||
.slice(1)
|
||||
.join(".")
|
||||
) {
|
||||
return Promise.reject(new Error("we don't serve your kind here: " + opts.domain));
|
||||
}
|
||||
|
||||
// the primary domain for the cert
|
||||
opts.subject = "example.com";
|
||||
// the altnames (including the primary)
|
||||
opts.domains = [opts.subject, "*.example.com"];
|
||||
|
||||
if (!opts.challenges) {
|
||||
opts.challenges = {};
|
||||
}
|
||||
opts.challenges["http-01"] = require("le-challenge-fs").create({});
|
||||
// Note: When implementing a dns-01 plugin you should make it check in a loop
|
||||
// until it can positively confirm that the DNS changes have propagated.
|
||||
// That could take several seconds to a few minutes.
|
||||
opts.challenges["dns-01"] = require("le-challenge-dns").create({});
|
||||
|
||||
// explicitly set account id and certificate.id
|
||||
opts.account = { id: opts.email };
|
||||
opts.certificate = { id: opts.subject };
|
||||
|
||||
return Promise.resolve(opts);
|
||||
}
|
|
@ -10,13 +10,13 @@ Manage via API or the config file:
|
|||
|
||||
```json
|
||||
{
|
||||
"subscriberEmail": "letsencrypt-test@therootcompany.com",
|
||||
"agreeToTerms": true,
|
||||
"sites": {
|
||||
"example.com": {
|
||||
"subject": "example.com",
|
||||
"altnames": ["example.com", "www.example.com"]
|
||||
}
|
||||
}
|
||||
"subscriberEmail": "letsencrypt-test@therootcompany.com",
|
||||
"agreeToTerms": true,
|
||||
"sites": {
|
||||
"example.com": {
|
||||
"subject": "example.com",
|
||||
"altnames": ["example.com", "www.example.com"]
|
||||
}
|
||||
}
|
||||
}
|
||||
```
|
||||
|
|
|
@ -1,32 +1,32 @@
|
|||
"use strict";
|
||||
|
||||
function httpsWorker(glx) {
|
||||
// This can be a node http app (shown),
|
||||
// an Express app, or Hapi, Koa, Rill, etc
|
||||
var app = function(req, res) {
|
||||
res.end("Hello, Encrypted World!");
|
||||
};
|
||||
// This can be a node http app (shown),
|
||||
// an Express app, or Hapi, Koa, Rill, etc
|
||||
var app = function(req, res) {
|
||||
res.end("Hello, Encrypted World!");
|
||||
};
|
||||
|
||||
// Serves on 80 and 443
|
||||
// Get's SSL certificates magically!
|
||||
glx.serveApp(app);
|
||||
// Serves on 80 and 443
|
||||
// Get's SSL certificates magically!
|
||||
glx.serveApp(app);
|
||||
}
|
||||
|
||||
var pkg = require("../../package.json");
|
||||
//require("greenlock-express")
|
||||
require("../../")
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
|
||||
return {
|
||||
// Package name+version is used for ACME client user agent
|
||||
package: { name: "websocket-example", version: pkg.version },
|
||||
return {
|
||||
// Package name+version is used for ACME client user agent
|
||||
package: { name: "websocket-example", version: pkg.version },
|
||||
|
||||
// Maintainer email is the contact for critical bug and security notices
|
||||
maintainerEmail: "jon@example.com",
|
||||
// Maintainer email is the contact for critical bug and security notices
|
||||
maintainerEmail: "jon@example.com",
|
||||
|
||||
// Change to true when you're ready to make your app cloud-scale
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
// Change to true when you're ready to make your app cloud-scale
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
|
|
|
@ -9,41 +9,41 @@
|
|||
// (see the websocket example)
|
||||
|
||||
function httpsWorker(glx) {
|
||||
var socketio = require("socket.io");
|
||||
var io;
|
||||
var socketio = require("socket.io");
|
||||
var io;
|
||||
|
||||
// we need the raw https server
|
||||
var server = glx.httpsServer();
|
||||
// we need the raw https server
|
||||
var server = glx.httpsServer();
|
||||
|
||||
io = socketio(server);
|
||||
io = socketio(server);
|
||||
|
||||
// Then you do your socket.io stuff
|
||||
io.on("connection", function(socket) {
|
||||
console.log("a user connected");
|
||||
socket.emit("Welcome");
|
||||
// Then you do your socket.io stuff
|
||||
io.on("connection", function(socket) {
|
||||
console.log("a user connected");
|
||||
socket.emit("Welcome");
|
||||
|
||||
socket.on("chat message", function(msg) {
|
||||
socket.broadcast.emit("chat message", msg);
|
||||
});
|
||||
});
|
||||
socket.on("chat message", function(msg) {
|
||||
socket.broadcast.emit("chat message", msg);
|
||||
});
|
||||
});
|
||||
|
||||
// servers a node app that proxies requests to a localhost
|
||||
glx.serveApp(function(req, res) {
|
||||
res.setHeader("Content-Type", "text/html; charset=utf-8");
|
||||
res.end("Hello, World!\n\n๐ ๐.js");
|
||||
});
|
||||
// servers a node app that proxies requests to a localhost
|
||||
glx.serveApp(function(req, res) {
|
||||
res.setHeader("Content-Type", "text/html; charset=utf-8");
|
||||
res.end("Hello, World!\n\n๐ ๐.js");
|
||||
});
|
||||
}
|
||||
|
||||
var pkg = require("../../package.json");
|
||||
//require("greenlock-express")
|
||||
require("../../")
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
|
||||
return {
|
||||
package: { name: "socket-io-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
return {
|
||||
package: { name: "socket-io-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
|
|
|
@ -1,42 +1,42 @@
|
|||
"use strict";
|
||||
|
||||
function httpsWorker(glx) {
|
||||
// we need the raw https server
|
||||
var server = glx.httpsServer();
|
||||
var WebSocket = require("ws");
|
||||
var ws = new WebSocket.Server({ server: server });
|
||||
ws.on("connection", function(ws, req) {
|
||||
// inspect req.headers.authorization (or cookies) for session info
|
||||
ws.send(
|
||||
"[Secure Echo Server] Hello!\nAuth: '" +
|
||||
(req.headers.authorization || "none") +
|
||||
"'\n" +
|
||||
"Cookie: '" +
|
||||
(req.headers.cookie || "none") +
|
||||
"'\n"
|
||||
);
|
||||
ws.on("message", function(data) {
|
||||
ws.send(data);
|
||||
});
|
||||
});
|
||||
// we need the raw https server
|
||||
var server = glx.httpsServer();
|
||||
var WebSocket = require("ws");
|
||||
var ws = new WebSocket.Server({ server: server });
|
||||
ws.on("connection", function(ws, req) {
|
||||
// inspect req.headers.authorization (or cookies) for session info
|
||||
ws.send(
|
||||
"[Secure Echo Server] Hello!\nAuth: '" +
|
||||
(req.headers.authorization || "none") +
|
||||
"'\n" +
|
||||
"Cookie: '" +
|
||||
(req.headers.cookie || "none") +
|
||||
"'\n"
|
||||
);
|
||||
ws.on("message", function(data) {
|
||||
ws.send(data);
|
||||
});
|
||||
});
|
||||
|
||||
// servers a node app that proxies requests to a localhost
|
||||
glx.serveApp(function(req, res) {
|
||||
res.setHeader("Content-Type", "text/html; charset=utf-8");
|
||||
res.end("Hello, World!\n\n๐ ๐.js");
|
||||
});
|
||||
// servers a node app that proxies requests to a localhost
|
||||
glx.serveApp(function(req, res) {
|
||||
res.setHeader("Content-Type", "text/html; charset=utf-8");
|
||||
res.end("Hello, World!\n\n๐ ๐.js");
|
||||
});
|
||||
}
|
||||
|
||||
var pkg = require("../../package.json");
|
||||
//require("greenlock-express")
|
||||
require("../../")
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
.init(function getConfig() {
|
||||
// Greenlock Config
|
||||
|
||||
return {
|
||||
package: { name: "websocket-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
return {
|
||||
package: { name: "websocket-example", version: pkg.version },
|
||||
maintainerEmail: "jon@example.com",
|
||||
cluster: false
|
||||
};
|
||||
})
|
||||
.serve(httpsWorker);
|
||||
|
|
|
@ -17,28 +17,28 @@ var GLE = module.exports;
|
|||
// under the hood. That's the hope, anyway.
|
||||
|
||||
GLE.init = function(fn) {
|
||||
if (cluster.isWorker) {
|
||||
// ignore the init function and launch the worker
|
||||
return require("./worker.js").create();
|
||||
}
|
||||
if (cluster.isWorker) {
|
||||
// ignore the init function and launch the worker
|
||||
return require("./worker.js").create();
|
||||
}
|
||||
|
||||
var opts = fn();
|
||||
if (!opts || "object" !== typeof opts) {
|
||||
throw new Error(
|
||||
"the `Greenlock.init(fn)` function should return an object `{ maintainerEmail, packageAgent, notify }`"
|
||||
);
|
||||
}
|
||||
var opts = fn();
|
||||
if (!opts || "object" !== typeof opts) {
|
||||
throw new Error(
|
||||
"the `Greenlock.init(fn)` function should return an object `{ maintainerEmail, packageAgent, notify }`"
|
||||
);
|
||||
}
|
||||
|
||||
// just for ironic humor
|
||||