make ACME / greenlock optional
このコミットが含まれているのは:
AJ ONeal
コミット
714377bbf9
|
|
@ -164,30 +164,31 @@ if (!program.email || !program.agreeTos) {
|
|||
console.error("You didn't specify --email <EMAIL> and --agree-tos");
|
||||
console.error("(required for ACME / Let's Encrypt / Greenlock TLS/SSL certs)");
|
||||
console.error("");
|
||||
process.exit(1);
|
||||
}
|
||||
program.greenlock = greenlock.create({
|
||||
else {
|
||||
program.greenlock = greenlock.create({
|
||||
|
||||
//server: 'staging'
|
||||
server: 'https://acme-v01.api.letsencrypt.org/directory'
|
||||
//server: 'staging'
|
||||
server: 'https://acme-v01.api.letsencrypt.org/directory'
|
||||
|
||||
, challenges: {
|
||||
// TODO dns-01
|
||||
'http-01': require('le-challenge-fs').create({ webrootPath: '/tmp/acme-challenges' })
|
||||
}
|
||||
, challenges: {
|
||||
// TODO dns-01
|
||||
'http-01': require('le-challenge-fs').create({ webrootPath: '/tmp/acme-challenges' })
|
||||
}
|
||||
|
||||
, store: require('le-store-certbot').create({ webrootPath: '/tmp/acme-challenges' })
|
||||
, store: require('le-store-certbot').create({ webrootPath: '/tmp/acme-challenges' })
|
||||
|
||||
, email: program.email
|
||||
, email: program.email
|
||||
|
||||
, agreeTos: program.agreeTos
|
||||
, agreeTos: program.agreeTos
|
||||
|
||||
, approveDomains: approveDomains
|
||||
, approveDomains: approveDomains
|
||||
|
||||
//, approvedDomains: program.servernames
|
||||
//, approvedDomains: program.servernames
|
||||
|
||||
});
|
||||
//program.tlsOptions.SNICallback = program.greenlock.SNICallback;
|
||||
});
|
||||
}
|
||||
//program.tlsOptions.SNICallback = program.greenlock.httpsOptions.SNICallback;
|
||||
/*
|
||||
program.middleware = program.greenlock.middleware(function (req, res) {
|
||||
res.end('Hello, World!');
|
||||
|
|
|
|||
18
handlers.js
18
handlers.js
|
|
@ -8,12 +8,16 @@ var redirectHttps = require('redirect-https')();
|
|||
module.exports.create = function (program) {
|
||||
var tunnelAdminTlsOpts = {};
|
||||
|
||||
// Probably a reverse proxy on an internal network
|
||||
program.httpServer = http.createServer(program.greenlock.middleware(function (req, res) {
|
||||
// Probably a reverse proxy on an internal network (or ACME challenge)
|
||||
function notFound(req, res) {
|
||||
console.log('req.socket.encrypted', req.socket.encrypted);
|
||||
res.statusCode = 404;
|
||||
res.end("File not found.\n");
|
||||
}));
|
||||
}
|
||||
program.httpServer = http.createServer(
|
||||
program.greenlock && program.greenlock.middleware(notFound)
|
||||
|| notFound
|
||||
);
|
||||
program.handleHttp = function (servername, socket) {
|
||||
console.log("handleHttp('" + servername + "', socket)");
|
||||
socket.__my_servername = servername;
|
||||
|
|
@ -21,10 +25,14 @@ module.exports.create = function (program) {
|
|||
};
|
||||
|
||||
// Probably something that needs to be redirected to https
|
||||
program.httpInsecureServer = http.createServer(program.greenlock.middleware(function (req, res) {
|
||||
function redirectHttpsAndClose(req, res) {
|
||||
res.setHeader('Connection', 'close');
|
||||
redirectHttps(req, res);
|
||||
}));
|
||||
}
|
||||
program.httpInsecureServer = http.createServer(
|
||||
program.greenlock && program.greenlock.middleware(redirectHttpsAndClose)
|
||||
|| redirectHttpsAndClose
|
||||
);
|
||||
program.handleInsecureHttp = function (servername, socket) {
|
||||
console.log("handleInsecureHttp('" + servername + "', socket)");
|
||||
socket.__my_servername = servername;
|
||||
|
|
|
|||
読み込み中…
新しいイシューから参照