greenlock.js/le-standalone.js

'use strict';

var letsencrypt = require('letsencrypt');
var networkInterfaces = require('os').networkInterfaces();
var ipify = require('ipify');

function getSecureContext(le, hostname, cb) {
  hostname = hostname.replace(/^www\./, '');

  function needsRegistration(hostnames, cb) {
    //
    // IMPORTANT
    //
    // Before attempting a dynamic registration you need to validate that
    //
    //   * these are hostnames that you expected to exist on the system
    //   * their A records currently point to this ip
    //   * this system's ip hasn't changed
    //
    //  If you do not check these things, then someone could attack you
    //  and cause you, in return, to have your ip be rate-limit blocked
    //
    le.validate(hostnames, {
      networkInterfaces: networkInterfaces
    , ipify: ipify
    }, function (err) {
      if (err) {
        cb(null, null);
        return;
      }

      // these hostnames need to be registered
      //
      cb(null, {
        email: 'john.doe@gmail.com'
      , agreeTos: true
      , domains: ['www.' + hostname, hostname]
      });
    });
  }

  // secure contexts will be cached
  // renewals will be checked in the background

  le.get(hostname, needsRegistration, function (secureContext) {
    // this will fallback to the localCerts if the domain cannot be registered
    if (!secureContext) {
      var localCerts = require('localhost.daplie.com-certificates');
      secureContext = localCerts;
    }
    cb(null, secureContext);
  }, function (err) {
    cb(err);
  });
}

letsencrypt.create(
  '/home/user/.local/share/letsencrypt/bin/letsencrypt'
  // set some defaults
, { configDir: '/etc/letsencrypt'
  , workDir: '/var/lib/letsencrypt'
  , logsDir: '/var/log/letsencrypt'
  , standalone: true
  //, webroot: true
  //, webrootPath: '/srv/www/acme-challenges/'
  }
, { cacheContextsFor: 1 * 60 * 60 * 1000 // 1 hour
  , cacheRenewChecksFor: 3 * 24 * 60 * 60 * 1000 // 3 days
  }
).then(function (le) {
  getSecureContext(le, 'example.com', function (secureContext) {
    console.log(secureContext);
  });
});
initial commit 2015-12-11 11:23:47 +00:00			`'use strict';`

			`var letsencrypt = require('letsencrypt');`
			`var networkInterfaces = require('os').networkInterfaces();`
			`var ipify = require('ipify');`

			`function getSecureContext(le, hostname, cb) {`
			`hostname = hostname.replace(/^www\./, '');`

			`function needsRegistration(hostnames, cb) {`
			`//`
			`// IMPORTANT`
			`//`
			`// Before attempting a dynamic registration you need to validate that`
			`//`
			`// * these are hostnames that you expected to exist on the system`
			`// * their A records currently point to this ip`
			`// * this system's ip hasn't changed`
			`//`
			`// If you do not check these things, then someone could attack you`
			`// and cause you, in return, to have your ip be rate-limit blocked`
			`//`
			`le.validate(hostnames, {`
			`networkInterfaces: networkInterfaces`
			`, ipify: ipify`
			`}, function (err) {`
			`if (err) {`
			`cb(null, null);`
			`return;`
			`}`

			`// these hostnames need to be registered`
			`//`
			`cb(null, {`
			`email: 'john.doe@gmail.com'`
			`, agreeTos: true`
			`, domains: ['www.' + hostname, hostname]`
			`});`
			`});`
			`}`

			`// secure contexts will be cached`
			`// renewals will be checked in the background`

			`le.get(hostname, needsRegistration, function (secureContext) {`
			`// this will fallback to the localCerts if the domain cannot be registered`
			`if (!secureContext) {`
			`var localCerts = require('localhost.daplie.com-certificates');`
			`secureContext = localCerts;`
			`}`
			`cb(null, secureContext);`
			`}, function (err) {`
			`cb(err);`
			`});`
			`}`

			`letsencrypt.create(`
			`'/home/user/.local/share/letsencrypt/bin/letsencrypt'`
			`// set some defaults`
			`, { configDir: '/etc/letsencrypt'`
			`, workDir: '/var/lib/letsencrypt'`
			`, logsDir: '/var/log/letsencrypt'`
			`, standalone: true`
			`//, webroot: true`
			`//, webrootPath: '/srv/www/acme-challenges/'`
			`}`
			`, { cacheContextsFor: 1 * 60 * 60 * 1000 // 1 hour`
			`, cacheRenewChecksFor: 3 * 24 * 60 * 60 * 1000 // 3 days`
			`}`
			`).then(function (le) {`
			`getSecureContext(le, 'example.com', function (secureContext) {`
			`console.log(secureContext);`
			`});`
			`});`