lex v2.x
This commit is contained in:
parent
26eb38fb25
commit
86d0f7c4b8
|
@ -1,12 +0,0 @@
|
|||
letsencrypt cluster examples
|
||||
-------------------
|
||||
|
||||
First you need to change the email address in `examples/worker.js`.
|
||||
|
||||
Then you can run the example like so:
|
||||
|
||||
```
|
||||
node examples/serve.js
|
||||
```
|
||||
|
||||
That will put certificates in `~/letsencrypt.test` by default.
|
|
@ -1,35 +0,0 @@
|
|||
'use strict';
|
||||
|
||||
var cluster = require('cluster');
|
||||
|
||||
module.exports.init = function (sharedOpts) {
|
||||
var numCores = 2; // // Math.max(2, require('os').cpus().length)
|
||||
var i;
|
||||
var master = require('../master').create({
|
||||
debug: true
|
||||
|
||||
|
||||
|
||||
, server: 'staging'
|
||||
, webrootPath: sharedOpts.webrootPath
|
||||
|
||||
|
||||
|
||||
, approveDomains: function (masterOptions, certs, cb) {
|
||||
// Depending on your setup it may be more efficient
|
||||
// for you to implement the approveDomains function
|
||||
// in your master or in your workers.
|
||||
//
|
||||
// Since we implement it in the worker (below) in this example
|
||||
// we'll give it an immediate approval here in the master
|
||||
var results = { domain: masterOptions.domain, options: masterOptions, certs: certs };
|
||||
cb(null, results);
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
|
||||
for (i = 0; i < numCores; i += 1) {
|
||||
master.addWorker(cluster.fork());
|
||||
}
|
||||
};
|
|
@ -1,33 +0,0 @@
|
|||
'use strict';
|
||||
|
||||
var cluster = require('cluster');
|
||||
var main;
|
||||
|
||||
|
||||
|
||||
// You'll often see examples where people use cluster
|
||||
// master and worker all in the same file, which is fine,
|
||||
// but in order to conserve memory and especially to be
|
||||
// less confusing, I'm splitting the code into two files
|
||||
if (cluster.isMaster) {
|
||||
main = require('./master');
|
||||
}
|
||||
else {
|
||||
main = require('./worker');
|
||||
}
|
||||
|
||||
|
||||
|
||||
// this is nothing letsencrypt-cluster specific
|
||||
// I'm just arbitrarily choosing to share some configuration
|
||||
// that I know I'm going to use in both places
|
||||
main.init({
|
||||
|
||||
// Depending on the strategy, the whole le-challenge-<<strategy>>
|
||||
// could be shared between worker and server, but since I'm just
|
||||
// using using le-challenge-fs (as you'll see), I'm only sharing the webrootPath
|
||||
webrootPath: require('os').tmpdir() + require('path').sep + 'acme-challenge'
|
||||
|
||||
// this is used both by node-letsencrypt (master) and le-sni-auto (worker)
|
||||
, renewWithin: 15 * 24 * 60 * 60 * 1000
|
||||
});
|
|
@ -1,87 +0,0 @@
|
|||
'use strict';
|
||||
|
||||
module.exports.init = function (sharedOpts) {
|
||||
var worker = require('../worker').create({
|
||||
debug: true
|
||||
|
||||
|
||||
|
||||
// We want both to renew well before the expiration date
|
||||
// and also to stagger the renewals, just a touch
|
||||
// here we specify to renew between 10 and 15 days
|
||||
, renewWithin: sharedOpts.renewWithin
|
||||
, renewBy: 10 * 24 * 60 * 60 * 1000 // optional
|
||||
|
||||
|
||||
|
||||
, webrootPath: sharedOpts.webrootPath
|
||||
|
||||
|
||||
|
||||
/*
|
||||
challenge: {
|
||||
get: function (ignored, domain, token, cb) {
|
||||
cb(null, keyAuthorization);
|
||||
}
|
||||
}
|
||||
, getChallenge: function (domain, token, cb) {
|
||||
// the default behavior is to use le-challenge-fs
|
||||
// TODO maybe provide a built-in option to pass a message to master to use its
|
||||
// but you could overwrite that with a function to pass a message to master or,
|
||||
// but if needed for performance, that can be overwritten here
|
||||
cb(null, );
|
||||
}
|
||||
*/
|
||||
|
||||
|
||||
// There are two approval processes:
|
||||
// 1. emails are tied to private keys (accounts) which must agree to the tos url
|
||||
// 2. domains are tied to accounts (and should be verifiable via loopback)
|
||||
, approveDomains: function (workerOptions, certs, cb) {
|
||||
// opts = { domains, email, agreeTos, tosUrl }
|
||||
// certs = { subject, altnames, expiresAt, issuedAt }
|
||||
var results = {
|
||||
domain: workerOptions.domains[0]
|
||||
, options: {
|
||||
domains: certs && certs.altnames || workerOptions.domains
|
||||
, email: 'john.doe@example.com'
|
||||
, agreeTos: true
|
||||
}
|
||||
, certs: certs
|
||||
};
|
||||
|
||||
|
||||
|
||||
// We might want to do a check to make sure that all of the domains
|
||||
// specified in altnames are still approved to be renewed and have
|
||||
// the correct dns entries, but generally speaking it's probably okay
|
||||
// for renewals to be automatic
|
||||
if (certs) {
|
||||
// modify opts.domains to overwrite certs.altnames in renewal
|
||||
cb(null, results);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
// This is where we would check our database to make sure that
|
||||
// this user (specified by email address) has agreed to the terms
|
||||
// and do some check that they have access to this domain
|
||||
cb(null, results);
|
||||
}
|
||||
});
|
||||
|
||||
function app(req, res) {
|
||||
res.end("Hello, World!");
|
||||
}
|
||||
|
||||
|
||||
// worker.handleAcmeOrRedirectToHttps()
|
||||
// worker.handleAcmeOrUse(app)
|
||||
var redirectHttps = require('redirect-https')();
|
||||
var plainServer = require('http').createServer(worker.middleware(redirectHttps));
|
||||
var server = require('https').createServer(worker.httpsOptions, worker.middleware(app));
|
||||
plainServer.listen(80);
|
||||
server.listen(443);
|
||||
};
|
|
@ -1,13 +1,15 @@
|
|||
{
|
||||
"name": "letsencrypt-cluster",
|
||||
"name": "letsencrypt-encrypt",
|
||||
"version": "2.0.0",
|
||||
"description": "Use automatic letsencrypt (free ssl certs) on multiple cores or even multiple machines",
|
||||
"main": "index.js",
|
||||
"description": "Free SSL and managed or automatic HTTPS for node.js with Express, Koa, Connect, Hapi, and all other middleware systems.",
|
||||
"main": "lex.js",
|
||||
"directories": {
|
||||
"example": "examples"
|
||||
},
|
||||
"dependencies": {
|
||||
"le-challenge-fs": "^2.0.4",
|
||||
"le-sni-auto": "^2.0.1",
|
||||
"le-store-certbot": "^2.0.3",
|
||||
"letsencrypt": "^2.0.4",
|
||||
"localhost.daplie.com-certificates": "^1.2.3",
|
||||
"redirect-https": "^1.1.0"
|
||||
|
|
Loading…
Reference in New Issue