Need to be in control of the store #13

Closed
opened 2019-11-05 12:51:16 +00:00 by Ghost · 12 comments

At this point I'm struggling a bit.

I managed to get this working

const httpsWorker = (glx) => {
  glx.serveApp(app)
}
require('@root/greenlock-express').init(() => {
  return {
    package: { name: pkg.name, version: pkg.version },
    maintainerEmail: 'toon@appsaloon.be',
    notify: (ev, args) => {
      console.info(ev, args)
    },
    manager: 'greenlock-manager-fs',
    configFile: '/etc/greenlock/manager.json'
  }
}).serve(httpsWorker)

I'm running an express server behind one single domain.
It's auto- deployed as a docker container. I don't want to do CLI commands.
In our docker composer we define a persistent volume /etc/greenlock where we store our key's.
How can I configure this store?

I already tried to add

store: {
  module: "greenlock-store-fs",
  basePath: "/etc/greenlock"
}

I'm one of your backers on indiegogo

At this point I'm struggling a bit. I managed to get this working ``` const httpsWorker = (glx) => { glx.serveApp(app) } require('@root/greenlock-express').init(() => { return { package: { name: pkg.name, version: pkg.version }, maintainerEmail: 'toon@appsaloon.be', notify: (ev, args) => { console.info(ev, args) }, manager: 'greenlock-manager-fs', configFile: '/etc/greenlock/manager.json' } }).serve(httpsWorker) ``` I'm running an express server behind one single domain. It's auto- deployed as a docker container. I don't want to do CLI commands. In our docker composer we define a persistent volume `/etc/greenlock` where we store our key's. How can I configure this store? I already tried to add ``` store: { module: "greenlock-store-fs", basePath: "/etc/greenlock" } ``` I'm one of your backers on indiegogo
Owner

I just updated the docs again last night, and decided to expose the raw greenlock.

See https://git.rootprojects.org/root/greenlock-express.js#4-manage-domains

And https://git.rootprojects.org/root/greenlock-manager.js

Set .greenlockrc

npx greenlock init --manager-config-file '/etc/greenlock/manager.json'

.greenlockrc

{
  "manager": "greenlock-manager-fs",
  "configFile": "/etc/greenlock/manager.json"
}

Set manager.json

npx greenlock defaults --store greenlock-manager-fs --store-base-path /etc/greenlock/manager.json
{
  "store": {
    module: 'greenlock-manager-fs',
    basePath: '/etc/greenlock'
  }
}

In code (not suggested)

require('@root/greenlock-express').init(function () {

  var greenlock = require('@root/greenlock').create({
    packageAgent: pkg.name + '/' + pkg.version,
    maintainerEmail: 'toon@appsaloon.be',
    packageRoot: __dirname,
    notify: (ev, args) => {
      console.info(ev, args)
    },
    //manager: 'greenlock-manager-fs',
    //configFile: '/etc/greenlock/manager.json'
  });

  //greenlock.manager.defaults({
  //  store: {
  //    module: 'greenlock-manager-fs',
  //    basePath: '/etc/greenlock'
  //  }
  //});

  return {
    greenlock
  }
}).ready(httpsWorker = (glx) => {
  glx.serveApp(app)
})

Hopefully I didn't make any typos there.

If you do the npx along your npm install, you don't actually need to save any code or config to your repository.

I'd like to learn more about how you're using Docker so I can adjust my thinking accordingly.

I just updated the docs again last night, and decided to expose the raw greenlock. See https://git.rootprojects.org/root/greenlock-express.js#4-manage-domains And https://git.rootprojects.org/root/greenlock-manager.js # Set .greenlockrc ```bash npx greenlock init --manager-config-file '/etc/greenlock/manager.json' ``` `.greenlockrc` ```json { "manager": "greenlock-manager-fs", "configFile": "/etc/greenlock/manager.json" } ``` # Set manager.json ```bash npx greenlock defaults --store greenlock-manager-fs --store-base-path /etc/greenlock/manager.json ``` ```json { "store": { module: 'greenlock-manager-fs', basePath: '/etc/greenlock' } } ``` # In code (not suggested) ```js require('@root/greenlock-express').init(function () { var greenlock = require('@root/greenlock').create({ packageAgent: pkg.name + '/' + pkg.version, maintainerEmail: 'toon@appsaloon.be', packageRoot: __dirname, notify: (ev, args) => { console.info(ev, args) }, //manager: 'greenlock-manager-fs', //configFile: '/etc/greenlock/manager.json' }); //greenlock.manager.defaults({ // store: { // module: 'greenlock-manager-fs', // basePath: '/etc/greenlock' // } //}); return { greenlock } }).ready(httpsWorker = (glx) => { glx.serveApp(app) }) ``` Hopefully I didn't make any typos there. If you do the `npx` along your `npm install`, you don't actually need to save any code or config to your repository. I'd like to learn more about how you're using Docker so I can adjust my thinking accordingly.
Owner

I'm trying to get all of the config out of code so that it can be managed via CLI and Web management for Greenlock Express, and make it easier for less technical people to start using it, and so that it's easier to manage deployments in addition to one-off sites.

I'm trying to get all of the config out of code so that it can be managed via CLI and Web management for Greenlock Express, and make it easier for less technical people to start using it, and so that it's easier to manage deployments in addition to one-off sites.
Owner
What do you think about this? https://git.rootprojects.org/root/greenlock-express.js#serve-your-sites-with-free-ssl
Author

We at Appsaloon serve mainly Progressive Web Apps and they need to be served over https.
These project mostly exist out of an reverse proxy that is also taking care of the SSL certification with greenlock V2.
Behind the reverse proxy we have multiple other services (all small node servers) that serve the PWA, some API's and some data runners.
They all run within a docker container and are orchestrated by a docker stack file.

This setup is created to take down and setup projects within notice. We mitigated manual setup, by configuring some parts.

On a service level we can rapidly release new versions of our services without much hassle, and not have to worry about doing CLI things.
On development level, we can spin up, a more or less complex setup that mimics our production version.
There is one caveat with SSL certificates because in production they need to be persistent. This can be done by declaring a volume that is shared by the docker container even after we spin up a new version of that container.

So in short the in-code configuration setup was and is a big plus for us.

I follow you in getting the config out of the code for the less technical people, but we liked the simple configuration style of V2.

We got most of it working, although struggling with the store which is creating a folder greenlock with all certificates in our packageRoot instead of /etc/greenlock.

require('@root/greenlock-express').init(() => {
    console.log(__dirname)
    const greenlock = require('@root/greenlock').create({
      maintainerEmail: 'toon@appsaloon.be',
      packageAgent: pkg.name + '/' + pkg.version,
      staging: true,
      packageRoot: './',
      notify: (ev, args) => {
        console.info(ev, args)
      },
      manager: 'greenlock-manager-fs',
      configFile: '/etc/greenlock/manager.json'
    })

    greenlock.manager.defaults({
      subscriberEmail: 'toon@appsaloon.be',
      agreeToTerms: true,
      store: {
        module: 'greenlock-store-fs',
        basePath: '/etc/greenlock'
      }
    })

    greenlock.add({
      subject: 'scripts.appsaloon.be',
      altnames: ['scripts.appsaloon.be']
    })
    return {
      greenlock,
      cluster: false
    }
  }).serve((glx) => glx.serveApp(app))
We at Appsaloon serve mainly Progressive Web Apps and they need to be served over https. These project mostly exist out of an reverse proxy that is also taking care of the SSL certification with greenlock V2. Behind the reverse proxy we have multiple other services (all small node servers) that serve the PWA, some API's and some data runners. They all run within a docker container and are orchestrated by a docker stack file. This setup is created to take down and setup projects within notice. We mitigated manual setup, by configuring some parts. On a service level we can rapidly release new versions of our services without much hassle, and not have to worry about doing CLI things. On development level, we can spin up, a more or less complex setup that mimics our production version. There is one caveat with SSL certificates because in production they need to be persistent. This can be done by declaring a volume that is shared by the docker container even after we spin up a new version of that container. So in short the in-code configuration setup was and is a big plus for us. I follow you in getting the config out of the code for the less technical people, but we liked the simple configuration style of V2. We got most of it working, although struggling with the store which is creating a folder `greenlock` with all certificates in our packageRoot instead of `/etc/greenlock`. ``` require('@root/greenlock-express').init(() => { console.log(__dirname) const greenlock = require('@root/greenlock').create({ maintainerEmail: 'toon@appsaloon.be', packageAgent: pkg.name + '/' + pkg.version, staging: true, packageRoot: './', notify: (ev, args) => { console.info(ev, args) }, manager: 'greenlock-manager-fs', configFile: '/etc/greenlock/manager.json' }) greenlock.manager.defaults({ subscriberEmail: 'toon@appsaloon.be', agreeToTerms: true, store: { module: 'greenlock-store-fs', basePath: '/etc/greenlock' } }) greenlock.add({ subject: 'scripts.appsaloon.be', altnames: ['scripts.appsaloon.be'] }) return { greenlock, cluster: false } }).serve((glx) => glx.serveApp(app)) ```
Owner

Thanks for the detailed notes. I'm going to crunch on it a bit later.

As for the config issue, I'm looking into it.

Initially things are looking right on my end, so I'm creating a specific test case based on your example.

In the meantime, be sure to rm -rf node_modules && npm install -u just in case you have a mismatched version.

Thanks for the detailed notes. I'm going to crunch on it a bit later. As for the config issue, I'm looking into it. Initially things are looking right on my end, so I'm creating a specific test case based on your example. In the meantime, be sure to `rm -rf node_modules && npm install -u` just in case you have a mismatched version.
Owner

It wasn't a problem in the manager, it was a bug in Greenlock.

v3.1.5 has your fix.

Note: packageRoot must be an absolute path, not a relative path.

It wasn't a problem in the manager, it was a bug in Greenlock. v3.1.5 has your fix. Note: `packageRoot` must be an _absolute_ path, not a relative path.
Owner

What do you think about this?

Option A

require('@root/greenlock-express')
    .init({
        packageRoot: __dirname,
        maintainerEmail: 'toon@appsaloon.be',
        configFile: '/etc/greenlock/greenlock.json',

        staging: true,
        notify: (ev, args) => {
            console.info(ev, args);
        }
    })
    .serve(app);

/etc/greenlock/greenlock.json:

{
    "defaults": {
        "subscriberEmail": "toon@appsaloon.be",
        "agreeToTerms": true,
        "store": {
            "module": "greenlock-store-fs",
            "basePath": "/etc/greenlock"
        }
    },
    "sites": [
        {
            "subject": "scripts.appsaloon.be",
            "altnames": ["scripts.appsaloon.be"]
        }
    ]
}

Option B

require('greenlock-express')
    .init(function() {
        var greenlock = require('greenlock').create({
            packageRoot: __dirname,
            maintainerEmail: 'toon@appsaloon.be',
            configFile: '/etc/greenlock/greenlock.json',

            staging: true,
            notify: (ev, args) => {
                console.info(ev, args);
            }
        });

        greenlock.sites.add({
            subject: 'example.com',
            altnames: ['example.com']
        });

        return { greenlock };
    })
    .serve(app);

/etc/greenlock/greenlock.json:

{
    "defaults": {
        "subscriberEmail": "toon@appsaloon.be",
        "agreeToTerms": true,
        "store": {
            "module": "greenlock-store-fs",
            "basePath": "/etc/greenlock"
        }
    }
}

Works?

Is there anything about that doesn't work for or is cumbersome in your scenario?

What do you think about this? # Option A ```js require('@root/greenlock-express') .init({ packageRoot: __dirname, maintainerEmail: 'toon@appsaloon.be', configFile: '/etc/greenlock/greenlock.json', staging: true, notify: (ev, args) => { console.info(ev, args); } }) .serve(app); ``` `/etc/greenlock/greenlock.json`: ``` { "defaults": { "subscriberEmail": "toon@appsaloon.be", "agreeToTerms": true, "store": { "module": "greenlock-store-fs", "basePath": "/etc/greenlock" } }, "sites": [ { "subject": "scripts.appsaloon.be", "altnames": ["scripts.appsaloon.be"] } ] } ``` # Option B ```js require('greenlock-express') .init(function() { var greenlock = require('greenlock').create({ packageRoot: __dirname, maintainerEmail: 'toon@appsaloon.be', configFile: '/etc/greenlock/greenlock.json', staging: true, notify: (ev, args) => { console.info(ev, args); } }); greenlock.sites.add({ subject: 'example.com', altnames: ['example.com'] }); return { greenlock }; }) .serve(app); ``` `/etc/greenlock/greenlock.json`: ``` { "defaults": { "subscriberEmail": "toon@appsaloon.be", "agreeToTerms": true, "store": { "module": "greenlock-store-fs", "basePath": "/etc/greenlock" } } } ``` # Works? Is there anything about that _doesn't_ work for or is cumbersome in your scenario?
Owner

The CLI is something I created in particular to ease some of the Docker frustrations - so that you can just put a line right after npm install, perhaps with an environment variables and, boom, be done.

If you'd care to email me ( coolaj86@gmail.com ) your Dockerfile (or a portion of it), I'm really curious as to how you're using it because I think this is a use case I've never seen before.

The CLI is something I created in particular to ease some of the Docker frustrations - so that you can just put a line right after `npm install`, perhaps with an environment variables and, boom, be done. If you'd care to email me ( coolaj86@gmail.com ) your Dockerfile (or a portion of it), I'm really curious as to how you're using it because I think this is a use case I've never seen before.
Author

Hi, I tried option A, it doesn't work.

--message-- fn is not a function
--stack--     at Object.GLE.init (/server/node_modules/@root/greenlock-express/greenlock-express.js:25:16)
    at Object.<anonymous> (/server/index.js:16:6)
    at Module._compile (internal/modules/cjs/loader.js:1063:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1103:10)
    at Module.load (internal/modules/cjs/loader.js:914:32)
    at Function.Module._load (internal/modules/cjs/loader.js:822:14)
    at Function.Module.runMain (internal/modules/cjs/loader.js:1143:12)
    at internal/main/run_main_module.js:16:11

I fixed this by wrapping the init config in a function

require('@root/greenlock-express')
    .init(() => {
        return {
           packageRoot: __dirname,
           maintainerEmail: 'toon@appsaloon.be',
           configFile: '/etc/greenlock/greenlock.json',
           staging: true,
           notify: (ev, args) => {
              console.info(ev, args);
           }
        }
    })
    .serve(app);

But then I get the same issue as in option B

/server/node_modules/finalhandler/index.js:256
  return typeof res.headersSent !== 'boolean'
                    ^

TypeError: Cannot read property 'headersSent' of undefined
    at headersSent (/server/node_modules/finalhandler/index.js:256:21)
    at /server/node_modules/finalhandler/index.js:92:17
    at /server/node_modules/express/lib/router/index.js:635:15
    at next (/server/node_modules/express/lib/router/index.js:210:14)
    at Function.handle (/server/node_modules/express/lib/router/index.js:174:3)
    at Function.handle (/server/node_modules/express/lib/application.js:174:10)
    at app (/server/node_modules/express/lib/express.js:39:9)
    at Object.ready (/server/node_modules/@root/greenlock-express/single.js:15:13)
    at Object.<anonymous> (/server/index.js:27:6)
    at Module._compile (internal/modules/cjs/loader.js:1063:30)
Hi, I tried option A, it doesn't work. ``` --message-- fn is not a function --stack-- at Object.GLE.init (/server/node_modules/@root/greenlock-express/greenlock-express.js:25:16) at Object.<anonymous> (/server/index.js:16:6) at Module._compile (internal/modules/cjs/loader.js:1063:30) at Object.Module._extensions..js (internal/modules/cjs/loader.js:1103:10) at Module.load (internal/modules/cjs/loader.js:914:32) at Function.Module._load (internal/modules/cjs/loader.js:822:14) at Function.Module.runMain (internal/modules/cjs/loader.js:1143:12) at internal/main/run_main_module.js:16:11 ``` I fixed this by wrapping the init config in a function ``` require('@root/greenlock-express') .init(() => { return { packageRoot: __dirname, maintainerEmail: 'toon@appsaloon.be', configFile: '/etc/greenlock/greenlock.json', staging: true, notify: (ev, args) => { console.info(ev, args); } } }) .serve(app); ``` But then I get the same issue as in option B ``` /server/node_modules/finalhandler/index.js:256 return typeof res.headersSent !== 'boolean' ^ TypeError: Cannot read property 'headersSent' of undefined at headersSent (/server/node_modules/finalhandler/index.js:256:21) at /server/node_modules/finalhandler/index.js:92:17 at /server/node_modules/express/lib/router/index.js:635:15 at next (/server/node_modules/express/lib/router/index.js:210:14) at Function.handle (/server/node_modules/express/lib/router/index.js:174:3) at Function.handle (/server/node_modules/express/lib/application.js:174:10) at app (/server/node_modules/express/lib/express.js:39:9) at Object.ready (/server/node_modules/@root/greenlock-express/single.js:15:13) at Object.<anonymous> (/server/index.js:27:6) at Module._compile (internal/modules/cjs/loader.js:1063:30) ```
Owner

Sorry, I was unclear.

I was asking for feedback: if that were the API, would it suit your needs.

That’s not the API, but I think I could reasonably make those changes.

Sorry, I was unclear. I was asking for feedback: _if_ that were the API, would it suit your needs. That’s _not_ the API, but I think I could reasonably make those changes.
Author

Sorry, found it.

require('@root/greenlock-express')
    .init(() => {
        return {
           packageRoot: __dirname,
           maintainerEmail: 'toon@appsaloon.be',
           configFile: '/etc/greenlock/greenlock.json',
           staging: true,
           notify: (ev, args) => {
              console.info(ev, args);
           }
        }
    })
    .serve((glx) => glx.serveApp(app))

Fixed it with the last line

Sorry, found it. ``` require('@root/greenlock-express') .init(() => { return { packageRoot: __dirname, maintainerEmail: 'toon@appsaloon.be', configFile: '/etc/greenlock/greenlock.json', staging: true, notify: (ev, args) => { console.info(ev, args); } } }) .serve((glx) => glx.serveApp(app)) ``` Fixed it with the last line
Author

Okay, I would prefer option A.

Okay, I would prefer option A.
Ghost closed this issue 2019-11-13 14:56:31 +00:00
Sign in to join this conversation.
No Label
No Milestone
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: root/greenlock-express.js#13
No description provided.