root
/
greenlock-hapi.js
spogulis no https://git.coolaj86.com/coolaj86/greenlock-hapi.js.git
2
0
Atdalīts 0
Kods Problēmas Laidieni Vikivietne Aktivitāte
Free SSL and Automatic HTTPS for node.js with hapi and other middleware systems via ACME (Let's Encrypt)
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.
23 Revīzijas
2 Atzari
6 Tagi
42 KiB
 
Atzars: master
Atzari Tagi
${ item.name }
Izveidot tagu ${ searchTerm }
Izveidot atzaru ${ searchTerm }
no 'master'
${ noResults }
AJ ONeal 58887c8086
Update '.github/ISSUE_TEMPLATE.md' 		pirms 6 gadiem
.github Update '.github/ISSUE_TEMPLATE.md' pirms 6 gadiem
.gitignore first commit pirms 8 gadiem
LICENSE update for latest greenlock pirms 6 gadiem
README.md update for latest greenlock pirms 6 gadiem
example.js letsencrypt to greenlock pirms 7 gadiem
index.js update for latest greenlock pirms 6 gadiem
package.json add homepage url pirms 6 gadiem

README.md

Greenlock™ for hapi

An Automated HTTPS ACME client (Let's Encrypt v2) for hapi

| Sponsered by ppl | Greenlock™ is for Browsers, Node.js, Commandline, Express.js, Node.js Cluster, hapi, Koa, and rill |

Features

  • Automatic Registration via SNI (httpsOptions.SNICallback)
  • Secure domain approval callback
  • Automatic renewal between 10 and 14 days before expiration
  • Virtual Hosting (vhost) with Multiple Domains & SAN
  • plugins for AWS, redis, etc
  • and more

This module is just an alias for greenlock-express.js, which works with any middleware system.

Install

npm install --save greenlock-hapi@2.x

QuickStart

'use strict';

//////////////////////
// Greenlock Setup  //
//////////////////////

var greenlock = require('greenlock-hapi').create({
  version: 'draft-11' // Let's Encrypt v2
  // You MUST change this to 'https://acme-v02.api.letsencrypt.org/directory' in production
, server: 'https://acme-staging-v02.api.letsencrypt.org/directory'

, email: 'jon@example.com'
, agreeTos: true
, approveDomains: [ 'example.com' ]

  // Join the community to get notified of important updates
  // and help make greenlock better
, communityMember: true

, configDir: require('os').homedir() + '/acme/etc'

//, debug: true
});


///////////////////
// Just add hapi //
///////////////////

var hapi = require('hapi');
var https = require('https');
var server = new hapi.Server();
var acmeResponder = greenlock.middleware();
var httpsServer = https.createServer(greenlock.httpsOptions).listen(443);

server.connection({ listener: httpsServer, autoListen: false, tls: true });

server.route({
  method: 'GET'
, path: '/.well-known/acme-challenge'
, handler: function (request, reply) {
    var req = request.raw.req;
    var res = request.raw.res;

    reply.close(false);
    acmeResponder(req, res);
  }
});

server.route({
  method: 'GET'
, path: '/'
, handler: function (request, reply) {
    reply("Hello, I'm so Hapi!");
  }
});


//
// http redirect to https
//
var http = require('http');
var redirectHttps = require('redirect-https')();

http.createServer(greenlock.middleware(redirectHttps)).listen(80, function () {
  console.log('Listening on port 80 to handle ACME http-01 challenge and redirect to https');
});

Usage & Troubleshooting

See https://git.coolaj86.com/coolaj86/greenlock-express.js

Handling a dynamic list of domains

In the oversimplified exapmple above we handle a static list of domains. If you add domains programmatically you'll want to use the approveDomains callback.

SECURITY: Be careful with this. If you don't check that the domains being requested are the domains you allow an attacker can make you hit your rate limit for failed verification attempts.

We have a vhost example that allows any domain for which there is a folder on the filesystem in a specific location.

See that example for an idea of how this is done.