make ACME / greenlock optional

This commit is contained in:
AJ ONeal 2017-04-05 04:18:35 -04:00
parent 81dce2f0a1
commit 714377bbf9
2 changed files with 29 additions and 20 deletions

View File

@ -164,30 +164,31 @@ if (!program.email || !program.agreeTos) {
console.error("You didn't specify --email <EMAIL> and --agree-tos");
console.error("(required for ACME / Let's Encrypt / Greenlock TLS/SSL certs)");
console.error("");
process.exit(1);
}
program.greenlock = greenlock.create({
else {
program.greenlock = greenlock.create({
//server: 'staging'
server: 'https://acme-v01.api.letsencrypt.org/directory'
, challenges: {
, challenges: {
// TODO dns-01
'http-01': require('le-challenge-fs').create({ webrootPath: '/tmp/acme-challenges' })
}
, store: require('le-store-certbot').create({ webrootPath: '/tmp/acme-challenges' })
, store: require('le-store-certbot').create({ webrootPath: '/tmp/acme-challenges' })
, email: program.email
, email: program.email
, agreeTos: program.agreeTos
, agreeTos: program.agreeTos
, approveDomains: approveDomains
, approveDomains: approveDomains
//, approvedDomains: program.servernames
//, approvedDomains: program.servernames
});
//program.tlsOptions.SNICallback = program.greenlock.SNICallback;
});
}
//program.tlsOptions.SNICallback = program.greenlock.httpsOptions.SNICallback;
/*
program.middleware = program.greenlock.middleware(function (req, res) {
res.end('Hello, World!');

View File

@ -8,12 +8,16 @@ var redirectHttps = require('redirect-https')();
module.exports.create = function (program) {
var tunnelAdminTlsOpts = {};
// Probably a reverse proxy on an internal network
program.httpServer = http.createServer(program.greenlock.middleware(function (req, res) {
// Probably a reverse proxy on an internal network (or ACME challenge)
function notFound(req, res) {
console.log('req.socket.encrypted', req.socket.encrypted);
res.statusCode = 404;
res.end("File not found.\n");
}));
}
program.httpServer = http.createServer(
program.greenlock && program.greenlock.middleware(notFound)
|| notFound
);
program.handleHttp = function (servername, socket) {
console.log("handleHttp('" + servername + "', socket)");
socket.__my_servername = servername;
@ -21,10 +25,14 @@ module.exports.create = function (program) {
};
// Probably something that needs to be redirected to https
program.httpInsecureServer = http.createServer(program.greenlock.middleware(function (req, res) {
function redirectHttpsAndClose(req, res) {
res.setHeader('Connection', 'close');
redirectHttps(req, res);
}));
}
program.httpInsecureServer = http.createServer(
program.greenlock && program.greenlock.middleware(redirectHttpsAndClose)
|| redirectHttpsAndClose
);
program.handleInsecureHttp = function (servername, socket) {
console.log("handleInsecureHttp('" + servername + "', socket)");
socket.__my_servername = servername;