Verified Commit 3a282b49 authored by Aral Balkan's avatar Aral Balkan
Browse files

Update command-line app with globally-trusted certificate support

  - Untested
parent 04be0936
......@@ -9,20 +9,16 @@ if (arguments._.length > 1 || arguments.help === true) {
const usageFolderToServe = clr('folder-to-serve', 'green')
const usagePortOption = `${clr('--port', 'yellow')} ${clr('N', 'cyan')}`
// For when Express static gets HTTP2 support:
// ===================================================================================
// const usageHttp2Option = clr('--http2', 'yellow')
// • ${usageHttp2Option}\t\t${clr('flag', 'italic')}\tRequests an HTTP2 server (optional; defaults to HTTP1).
// ===================================================================================
const usageGlobalOption = `${clr('--global', 'yellow')} ${clr('you@your.site', 'cyan')}`
const usage = `
${clr('Usage:', 'underline')}
${clr('https-server', 'bold')} [${usageFolderToServe}] [${usagePortOption}]
${clr('https-server', 'bold')} [${usageFolderToServe}] [${usagePortOption}] [${usageGlobalOption}]
${usageFolderToServe}\t${clr('string', 'italic')}\tPath to the folder to serve (optional; defaults to current folder).
${usagePortOption}\t\t${clr('number', 'italic')}\tThe port to start the server on (optional; defaults to 443).
${usageFolderToServe}\t\tPath to the folder to serve (optional; defaults to current folder).
${usagePortOption}\t\t\tThe port to start the server on (optional; defaults to 443).
${usageGlobalOption}\tUse globally-trusted certificates. The email address is required by Let’s Encrypt.
`.replace(/\n$/, '').replace(/^\n/, '')
console.log(usage)
......@@ -42,16 +38,19 @@ if (arguments.port !== undefined) {
port = parseInt(arguments.port)
}
// If an email is passed, use it.
let email = undefined
if (arguments.email !== undefined) {
email = arguments.email
}
if (!fs.existsSync(pathToServe)) {
console.log(` 🤔 Error: could not find path ${pathToServe}\n`)
process.exit(1)
}
// For when Express static gets HTTP2 support:
// const http2 = (arguments.http2 === true)
// Start the server.
httpsServer.serve(pathToServe, port)
httpsServer.serve(pathToServe, port, email)
// Helpers.
......
......@@ -27,13 +27,17 @@ class HttpsServer {
//
// Returns an https server instance – the same as you’d get with
// require('https').createServer – configured with your nodecert certificates.
// If you do pass a key and cert, they will be overwritten.
// require('https').createServer – configured with your locally-trusted nodecert
// certificates by default. If you pass in an email address, globally-trusted
// are obtained from Let’s Encrypt.
//
// Note: if you pass in a key and cert in the options object, they will not be
// ===== used and will be overwritten.
createServer (options = {}, requestListener = undefined) {
// TODO: Create local certificate authority and certificates if on development
// ===== or use Greenlock on production to ensure that we have Let’s Encrypt
// certificates set up.
if (options.certificateType === 'global') {
if (options.email !== undefined) {
return this._createTLSServerWithGloballyTrustedCertificate (options, requestListener)
} else {
// Default to using local certificates.
......@@ -43,8 +47,9 @@ class HttpsServer {
// Starts a static server serving the contents of the passed path at the passed port
// and returns the server.
serve (pathToServe = '.', callback = null, port = 443) {
// and returns the server. If an email address is provided, then global certificates
// are obtained and used from Let’s Encrypt.
serve (pathToServe = '.', callback = null, port = 443, email = undefined) {
// Can also be called as serve(pathToServe, port)
if (typeof callback === 'number') {
......@@ -73,7 +78,7 @@ class HttpsServer {
let server
try {
server = this.createServer({}, app).listen(port, callback)
server = this.createServer({certificateType, email}, app).listen(port, callback)
} catch (error) {
console.log('\nError: could not start server', error)
throw error
......@@ -103,10 +108,6 @@ class HttpsServer {
_createTLSServerWithGloballyTrustedCertificate (options, requestListener = undefined) {
console.log('[https-server] Using globally-trusted certificates.')
if (options.email === undefined) {
throw new Error('Globally-trusted certificates require a valid email value in the options object. This is a Let’s Encrypt requirement.')
}
const email = options.email
delete options.email // Let’s be nice and not pollute that object.
......@@ -125,7 +126,6 @@ class HttpsServer {
agreeTos: true,
telemetry: false,
communityMember: false,
app,
email,
})
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment