make ACME / greenlock optional

AJ ONeal 2017-04-05 04:18:35 -04:00
parent 81dce2f0a1
commit 714377bbf9
2 changed files with 29 additions and 20 deletions


@ -164,30 +164,31 @@ if (!program.email || !program.agreeTos) {
console.error("You didn't specify --email <EMAIL> and --agree-tos"); console.error("You didn't specify --email <EMAIL> and --agree-tos");
console.error("(required for ACME / Let's Encrypt / Greenlock TLS/SSL certs)"); console.error("(required for ACME / Let's Encrypt / Greenlock TLS/SSL certs)");
console.error(""); console.error("");
process.exit(1);
} }
program.greenlock = greenlock.create({ else {
program.greenlock = greenlock.create({
//server: 'staging' //server: 'staging'
server: 'https://acme-v01.api.letsencrypt.org/directory' server: 'https://acme-v01.api.letsencrypt.org/directory'
, challenges: { , challenges: {
// TODO dns-01 // TODO dns-01
'http-01': require('le-challenge-fs').create({ webrootPath: '/tmp/acme-challenges' }) 'http-01': require('le-challenge-fs').create({ webrootPath: '/tmp/acme-challenges' })
} }
, store: require('le-store-certbot').create({ webrootPath: '/tmp/acme-challenges' }) , store: require('le-store-certbot').create({ webrootPath: '/tmp/acme-challenges' })
, email: program.email , email: program.email
, agreeTos: program.agreeTos , agreeTos: program.agreeTos
, approveDomains: approveDomains , approveDomains: approveDomains
//, approvedDomains: program.servernames //, approvedDomains: program.servernames
}); });
//program.tlsOptions.SNICallback = program.greenlock.SNICallback; }
//program.tlsOptions.SNICallback = program.greenlock.httpsOptions.SNICallback;
/* /*
program.middleware = program.greenlock.middleware(function (req, res) { program.middleware = program.greenlock.middleware(function (req, res) {
res.end('Hello, World!'); res.end('Hello, World!');
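Review bot: With `process.exit(1)` gone from the `if (!program.email || !program.agreeTos)` branch, the process now starts without `program.greenlock`, yet the message still calls the flags "required" and nothing says that certificate issuance is disabled. An operator reading the log cannot tell a misconfiguration from an intentional no-ACME run, so I would reword it, e.g. `console.error("ACME / Greenlock disabled: --email <EMAIL> and --agree-tos not given; TLS certs must be supplied another way");`. Any later use of `program.greenlock` outside this hunk presumably needs the same guard (the commented-out `SNICallback` line hints at one), which is worth checking since the script continues past the hunk. Separately, the challenge webroot stays at the fixed path `/tmp/acme-challenges`, which another local user on a shared host could create first; a directory owned by the service account would be safer.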


@ -8,12 +8,16 @@ var redirectHttps = require('redirect-https')();
module.exports.create = function (program) { module.exports.create = function (program) {
var tunnelAdminTlsOpts = {}; var tunnelAdminTlsOpts = {};
// Probably a reverse proxy on an internal network // Probably a reverse proxy on an internal network (or ACME challenge)
program.httpServer = http.createServer(program.greenlock.middleware(function (req, res) { function notFound(req, res) {
console.log('req.socket.encrypted', req.socket.encrypted); console.log('req.socket.encrypted', req.socket.encrypted);
res.statusCode = 404; res.statusCode = 404;
res.end("File not found.\n"); res.end("File not found.\n");
})); }
program.httpServer = http.createServer(
program.greenlock && program.greenlock.middleware(notFound)
|| notFound
);
program.handleHttp = function (servername, socket) { program.handleHttp = function (servername, socket) {
console.log("handleHttp('" + servername + "', socket)"); console.log("handleHttp('" + servername + "', socket)");
socket.__my_servername = servername; socket.__my_servername = servername;
@ -21,10 +25,14 @@ module.exports.create = function (program) {
}; };
// Probably something that needs to be redirected to https // Probably something that needs to be redirected to https
program.httpInsecureServer = http.createServer(program.greenlock.middleware(function (req, res) { function redirectHttpsAndClose(req, res) {
res.setHeader('Connection', 'close'); res.setHeader('Connection', 'close');
redirectHttps(req, res); redirectHttps(req, res);
})); }
program.httpInsecureServer = http.createServer(
program.greenlock && program.greenlock.middleware(redirectHttpsAndClose)
|| redirectHttpsAndClose
);
program.handleInsecureHttp = function (servername, socket) { program.handleInsecureHttp = function (servername, socket) {
console.log("handleInsecureHttp('" + servername + "', socket)"); console.log("handleInsecureHttp('" + servername + "', socket)");
socket.__my_servername = servername; socket.__my_servername = servername;
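Review bot: The `program.greenlock && program.greenlock.middleware(notFound) || notFound` expression, and its twin for `redirectHttpsAndClose`, leans on `&&`/`||` precedence and would silently fall back to the bare handler if `middleware()` ever returned a falsy value. A ternary states the intent directly: `program.greenlock ? program.greenlock.middleware(notFound) : notFound`. When greenlock is absent, `redirectHttpsAndClose` still sends every plain-HTTP client to https, so this mode presumably relies on certificates configured elsewhere; a one-line comment above `program.httpInsecureServer` such as `// without greenlock, TLS certs must come from another source` would make that explicit. `module.exports.create` starts inside the first hunk, but its body continues past the visible lines.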