updates
This commit is contained in:
AJ ONeal
parent
73ed1ad7a9
commit
2be48af0d7
19
README.md
19
README.md
|
|
@ -51,6 +51,25 @@ than what makes sense to show in a minimal snippet.
|
|||
* [commandline (standalone with "webroot")](https://github.com/Daplie/node-letsencrypt/blob/master/examples/commandline.js)
|
||||
* [expressjs (fully automatic https)](https://github.com/Daplie/node-letsencrypt/blob/master/examples/express.js)
|
||||
|
||||
### non-root
|
||||
|
||||
If you want to run this as non-root, you can.
|
||||
|
||||
You just have to set node to be allowed to use root ports
|
||||
|
||||
```
|
||||
# node
|
||||
sudo setcap cap_net_bind_service=+ep /usr/local/bin/node
|
||||
```
|
||||
|
||||
and then make sure to set all of of the following to a directory that your user is permitted to write to
|
||||
|
||||
* `webrootPath`
|
||||
* `configDir`
|
||||
* `workDir` (python backend only)
|
||||
* `logsDir` (python backend only)
|
||||
|
||||
|
||||
See Also
|
||||
========
|
||||
|
||||
|
|
|
|||
12
index.js
12
index.js
|
|
@ -95,6 +95,18 @@ LE.create = function (backend, defaults, handlers) {
|
|||
return;
|
||||
}
|
||||
|
||||
//
|
||||
// IMPORTANT
|
||||
//
|
||||
// Before attempting a dynamic registration you need to validate that
|
||||
//
|
||||
// * these are hostnames that you expected to exist on the system
|
||||
// * their A records currently point to this ip
|
||||
// * this system's ip hasn't changed
|
||||
//
|
||||
// If you do not check these things, then someone could attack you
|
||||
// and cause you, in return, to have your ip be rate-limit blocked
|
||||
//
|
||||
console.warn("[SECURITY WARNING]: node-letsencrypt: validate(hostnames, cb) NOT IMPLEMENTED");
|
||||
cb(null, true);
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue