README.md 15.6 KB
Newer Older
Aral Balkan's avatar
Aral Balkan committed
1
# Indie Web Server
Aral Balkan's avatar
Aral Balkan committed
2

Aral Balkan's avatar
Aral Balkan committed
3
![Screenshot of Indie Web Server in use](images/indie-web-server-8.0.0.jpeg)
4

5
__Indie Web Server is a secure and seamless [Small Tech](https://ar.al/2019/03/04/small-technology/) personal web server.__
Aral Balkan's avatar
Aral Balkan committed
6

Aral Balkan's avatar
Aral Balkan committed
7
8
  - Zero-configuration – It Just Works 🤞™.

Aral Balkan's avatar
Aral Balkan committed
9
  - Develop with automatically-provisioned locally-trusted TLS courtesy of [mkcert](https://github.com/FiloSottile/mkcert) seamlessly integrated via [Nodecert](https://source.ind.ie/hypha/tools/nodecert).
Aral Balkan's avatar
Aral Balkan committed
10

Aral Balkan's avatar
Aral Balkan committed
11
12
  - Test and deploy with automatically-provisioned globally-trusted TLS courtesy of [Let’s Encrypt](https://letsencrypt.org/) seamlessly integrated via [ACME TLS](https://source.ind.ie/hypha/tools/acme-tls) and [systemd](https://freedesktop.org/wiki/Software/systemd/). Your server will score an A on the [SSL Labs SSL Server Test](https://www.ssllabs.com/ssltest).

Aral Balkan's avatar
Aral Balkan committed
13
  <ins>Note:</ins> Live deployments via startup daemons are only supported on Linux distributions with systemd.
Aral Balkan's avatar
Aral Balkan committed
14

15
## Install
Aral Balkan's avatar
Aral Balkan committed
16

Aral Balkan's avatar
Aral Balkan committed
17
18
Copy and paste the following commands into your terminal:

19
### Linux and macOS
Aral Balkan's avatar
Aral Balkan committed
20

21
Install the native binaries:
Aral Balkan's avatar
Aral Balkan committed
22

23
__Before you pipe any script into your computer, always [view the source code](https://ind.ie/web-server/install.sh) and make sure you understand what it does.__
Aral Balkan's avatar
Aral Balkan committed
24
25

```
26
wget -qO- https://ind.ie/web-server/install.sh | bash
Aral Balkan's avatar
Aral Balkan committed
27
28
29
30
```

### Node.js

Aral Balkan's avatar
Aral Balkan committed
31
```sh
Aral Balkan's avatar
Aral Balkan committed
32
npm i -g @ind.ie/web-server
Aral Balkan's avatar
Aral Balkan committed
33
34
```

35
36
There is currently no native binary support for Windows. Please use the npm installation method on that platform.

37
## Use
38

39
### Local
40

41
Start serving the current directory at https://localhost as a regular process using locally-trusted certificates:
42
43

```shell
Aral Balkan's avatar
Aral Balkan committed
44
$ web-server
45
46
```

47
48
### Proxy server (local)

Aral Balkan's avatar
Aral Balkan committed
49
You can also use Indie Web Server as a development-time reverse proxy for HTTP and WebSocket connections. For example, if you use [Hugo](https://gohugo.io/) and you’re running `hugo server` on the default HTTP port 1313. You can run a HTTPS reverse proxy at https://localhost [with LiveReload support](https://source.ind.ie/hypha/tools/web-server/blob/master/bin/web-server.js#L237) using:
50
51

```shell
52
$ web-server proxy localhost:1313
53
54
```

55
56
57
58
This will create and serve the following proxies:

  * http://localhost:1313 → https://localhost
  * ws://localhost:1313 → wss://localhost
59

60
61
62
### Global (ephemeral)

__Available on Linux and macOS only*__
63

Aral Balkan's avatar
Aral Balkan committed
64
Start serving the _site_ directory at your _hostname_ as a regular process using globally-trusted Let’s Encrypt certificates:
65
66

```shell
67
$ web-server global site
68
69
```

70
Then use, for example, [ngrok](https://ngrok.com/) (Pro+) to point a custom domain name to your temporary staging server. Make sure you set your `hostname` file (e.g., in `/etc/hostname` or via `hostnamectl set-hostname <hostname>` or the equivalent for your platform) to match your domain name. The first time you hit your server via your hostname it will take a little longer to load as your Let’s Encrypt certificates are being automatically provisioned by ACME TLS.
71

Aral Balkan's avatar
Aral Balkan committed
72
When you start your server using the `global` command, it will run as a regular process. It will not be restarted if it crashes or if you exit the foreground process or restart the computer.
73
74

\* Automatic hostname detection has not been implemented for Windows and so globally-trusted certificates will fail on that platform.
75

76
77
### Global (persistent)

78
__Available on Linux distributions with systemd (most Linux distributions, but [not these ones](https://sysdfree.wordpress.com/2019/03/09/135/) or on macOS/Windows).__
79

Aral Balkan's avatar
Aral Balkan committed
80
Start serving the _site_ directory at your _hostname_ as a daemon that is automatically run at system startup and restarted if it crashes:
81
82

```shell
83
$ web-server enable site
84
85
```

86
The `enable` command sets up your server to start automatically when your server starts and restart automatically if it crashes. Requires superuser privileges on first run to set up the launch item.
87

88
For example, if you run the command on a connected server that has the ar.al domain pointing to it and `ar.al` set in _/etc/hostname_, you will be able to access the site at https://ar.al. The first time you hit it, it will take a little longer to load as your Let’s Encrypt certificates are being automatically provisioned by ACME TLS.
89

90
When the server is enabled, you can also use:
Aral Balkan's avatar
Aral Balkan committed
91

92
  - `disable`: Stop server and remove from startup.
93
  - `logs`: Display and tail server logs.
94
  - `status`: Display detailed server information (press ‘q’ to exit).
Aral Balkan's avatar
Aral Balkan committed
95

96
Indie Web Server uses the [systemd](https://freedesktop.org/wiki/Software/systemd/) to start and manage the daemon. Beyond the commands listed above that Indie Web Server supports natively (and proxies to systemd), you can make use of all systemd functionality via the `systemctl` and `journalctl` commands.
Aral Balkan's avatar
Aral Balkan committed
97

98
99
## Build and test from source

Aral Balkan's avatar
Aral Balkan committed
100
101
### Global Node.js module

102
103
104
105
```shell
# Clone and install.
git clone https://source.ind.ie/hypha/tools/web-server.git
cd web-server
106
107
npm i         # Install modules and development dependencies.
npm i -g .    # Install globally for access to the binary.
108
109
110
111
112
113
114
115

# Run unit tests.
npm test

# Serve the test site (visit https://localhost to view).
web-server test/site
```

116
117
118
119
120
121
122
123
__Note:__ for commands that require root privileges (i.e., `enable` and `disable`), Indie Web Server will automatically restart itself using sudo and Node must be available for the root account. If you’re using [nvm](https://github.com/creationix/nvm), you can enable this via:

```shell
# Replace v10.15.3 with the version of node you want to make available globally.
sudo ln -s "$NVM_DIR/versions/node/v10.15.3/bin/node" "/usr/local/bin/node"
sudo ln -s "$NVM_DIR/versions/node/v10.15.3/bin/npm" "/usr/local/bin/npm"
```

Aral Balkan's avatar
Aral Balkan committed
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
### Native binaries

```shell
# Clone and install.
git clone https://source.ind.ie/hypha/tools/web-server.git
cd web-server
npm i         # Install modules and development dependencies.

# Run unit tests.
npm test

# Build the native binaries
npm run build

# Serve the test site (visit https://localhost to view).
139
140
# e.g., To run the version 9.0.0 Linux binary:
dist/linux/9.0.0/web-server test/site
Aral Balkan's avatar
Aral Balkan committed
141
142
```

143
## Syntax
144

Aral Balkan's avatar
Aral Balkan committed
145
```shell
146
web-server [command] [folder|url] [options]
Aral Balkan's avatar
Aral Balkan committed
147
```
148

149
  * `command`: version | help | dev | test | enable | disable | logs | status
150
151
  * `folder`: Path of folder to serve (defaults to current folder).
  * `options`: Settings that alter server characteristics.
Aral Balkan's avatar
Aral Balkan committed
152

153
154
155
156
### Commands:

  * `version`: Display version and exit.
  * `help`: Display help screen and exit.
157
158
  * `local`: Start server as regular process with locally-trusted certificates.
  * `global`: Start server as regular process with globally-trusted certificates.
Aral Balkan's avatar
Aral Balkan committed
159

160
On Linux distributions with systemd, you can also use:
Aral Balkan's avatar
Aral Balkan committed
161

162
163
  * `enable`: Start server as daemon with globally-trusted certificates and add to startup.
  * `disable`: Stop server daemon and remove from startup.
164
  * `logs`: Display and tail server logs.
165
  * `status`: Display detailed server information.
Aral Balkan's avatar
Aral Balkan committed
166

167
If `command` is omitted, behaviour defaults to `local`.
168
169

### Options:
Aral Balkan's avatar
Aral Balkan committed
170

171
  * `--port=N`: Port to start the server on (defaults to 443).
Aral Balkan's avatar
Aral Balkan committed
172

173
All command-line arguments are optional. By default, Indie Web Server will serve your current working folder over port 443 with locally-trusted certificates.
Aral Balkan's avatar
Aral Balkan committed
174

175
If you want to serve a directory that has the same name as a command, you can specify the command in _options_ format. e.g., `web-server --enable logs` will start Indie Web Server as a startup daemon to serve the _logs_ folder.
176

177
When you use the `global` or `enable` commands, globally-trusted Let’s Encrypt TLS certificates are automatically provisioned for you using ACME TLS the first time you hit your hostname. The hostname for the certificates is automatically set from the hostname of your system (and the _www._ subdomain is also automatically provisioned).
178

179
## Native support for an Evergreen Web
180

181
182
What if links never died? What if we never broke the Web? What if it didn’t involve any extra work? It’s possible. And, with Indie Web Server, it’s easy.

Aral Balkan's avatar
Aral Balkan committed
183
### Native cascading archives support
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202

If you have a static archive of the previous version of your site, you can have Indie Web Server automatically serve it for you. For example, if your site is being served from the `my-site` folder, just put the archive of your site into a folder named `my-site-archive-1`:

```
|- my-site
|- my-site-archive-1
```

If a path cannot be found in `my-site`, it will be served from `my-site-archive-1`.

And you’re not limited to a single archive (and hence the “cascade” bit in the name of the feature). As you have multiple older versions of your site, just add them to new folders and increment the archive index in the name. e.g., `my-site-archive-2`, `my-site-archive-3`, etc.

Paths in `my-site` will override those in `my-site-archive-3` and those in `my-site-archive-3` will, similarly, override those in `my-site-archive-2` and so on.

What this means that your old links will never die but if you do replace them with never content in never versions, those will take precedence.

### Native 404 → 302 support

But what if the previous version of your site is a dynamic site and you either don’t want to lose the dynamic functionality or you simply cannot take a static backup. No worries. Just move it to a different subdomain or domain and make your 404s into 302s.
203

Aral Balkan's avatar
Aral Balkan committed
204
Indie Web Server has native support for [the 404 to 302 technique](https://4042302.org) to ensure an evergreen web. Just serve the old version of your site (e.g., your WordPress site, etc.) from a different subdomain and tell Indie Web Server to forward any unknown requests on your new static site to that subdomain so that all your existing links magically work.
205
206
207

To do so, create a simple file called `4042302` in the root directory of your web content and add the URL of the server that is hosting your older content. e.g.,

208
### /4042302
209
```
Aral Balkan's avatar
Aral Balkan committed
210
https://the-previous-version-of.my.site
211
```
212
213
214
215
216
217

You can chain the 404 → 302 method any number of times to ensure that none of your links ever break without expending any additional effort to migrate your content.

For more information and examples, see [4042302.org](https://4042302.org).

## Custom error pages
218

219
220
![Screenshot of the custom 404 error page included in the unit tests](images/custom-404.png)

221
222
223
224
You can specify a custom error page for 404 (not found) and 500 (internal server error) errors. To do so, create a folder with the status code you want off of the root of your web content (i.e., `/404` and/or `/500`) and place at least an `index.html` file in the folder. You can also, optionally, put any assets you want to display on your error pages into those folders and load them in via relative URLs. Your custom error pages will be served with the proper error code and at the URL that was being accessed.

If you do not create custom error pages, the built-in default error pages will be displayed for 404 and 500 errors.

225
226
When creating your own servers (see [API](#API)), you can generate the default error pages programmatically using the static methods `WebServer.default404ErrorPage()` and `WebServer.default500ErrorPage()`, passing in the missing path and the error message as the argument, respectively to get the HTML string of the error page returned.

227
## API
228

229
Indie Web Server’s `createServer` method behaves like the built-in _https_ module’s `createServer` function. Anywhere you use `require('https').createServer`, you can simply replace it with `require('@ind.ie/web-server').createServer`.
230

231

232
### createServer([options], [requestListener])
233

234
  - __options__ _(object)_: see [https.createServer](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener). Populates the `cert` and `key` properties from the automatically-created [nodecert](https://source.ind.ie/hypha/tools/nodecert/) or Let’s Encrypt certificates and will overwrite them if they exist in the options object you pass in. If your options has `options.global = true` set, globally-trusted TLS certificates are obtained from Let’s Encrypt using ACME TLS.
235

236
  - __requestListener__ _(function)_: see [https.createServer](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener). If you don’t pass a request listener, Indie Web Server will use its default one.
237

238
    __Returns:__ [https.Server](https://nodejs.org/api/https.html#https_class_https_server) instance, configured with either locally-trusted certificates via nodecert or globally-trusted ones from Let’s Encrypt.
239

240
#### Example
241
242

```js
Aral Balkan's avatar
Aral Balkan committed
243
const webServer = require('@ind.ie/web-server')
244
245
246
247
248
const express = require('express')

const app = express()
app.use(express.static('.'))

249
const options = {} // to use globally-trusted certificates instead, set this to {global: true}
Aral Balkan's avatar
Aral Balkan committed
250
const server = webServer.createServer(options, app).listen(443, () => {
251
252
253
254
  console.log(` 🎉 Serving on https://localhost\n`)
})
```

255
### serve([options])
256
257

Options is an optional parameter object that may contain the following properties, all optional:
258

259
  - __path__ _(string)_: the directory to serve using [Express](http://expressjs.com/).static.
260

261
  - __callback__ _(function)_: a function to be called when the server is ready. If you do not specify a callback, you can specify the port as the second argument.
262

263
  - __port__ _(number)_: the port to serve on. Defaults to 443. (On Linux, privileges to bind to the port are automatically obtained for you.)
264

265
  - __global__ _(boolean)_: if true, globally-trusted Let’s Encrypt certificates will be provisioned (if necesary) and used via ACME TLS. If false (default), locally-trusted certificates will be provisioned (if necesary) and used using nodecert.
266
267

    __Returns:__ [https.Server](https://nodejs.org/api/https.html#https_class_https_server) instance, configured with either locally or globally-trusted certificates.
268
269


270
#### Examples
271

Aral Balkan's avatar
Aral Balkan committed
272
Serve the current directory at https://localhost using locally-trusted TLS certificates:
273

274
```js
Aral Balkan's avatar
Aral Balkan committed
275
276
const webServer = require('@ind.ie/web-server')
const server = webServer.serve()
277
278
```

Aral Balkan's avatar
Aral Balkan committed
279
Serve the current directory at your hostname using globally-trusted Let’s Encrypt TLS certificates:
280
281

```js
Aral Balkan's avatar
Aral Balkan committed
282
283
const webServer = require('@ind.ie/web-server')
const server = webServer.serve({global: true})
284
285
```

286
287
## Contributing

Aral Balkan's avatar
Aral Balkan committed
288
Indie Web Server is, by design, a zero-configuration personal web server for single-tenant web applications for and by individuals. As such, any new feature requests will have to be both fit for purpose and survive a trial by fire to be considered. (That is, this is [Small Tech](https://ar.al/2019/03/04/small-technology/), with the emphasis on _small_).
289
290
291

Please file issues and submit pull requests on the [Indie Web Server Github Mirror](https://github.com/indie-mirror/indie-web-server).

292
293
## Help wanted

Aral Balkan's avatar
Aral Balkan committed
294
295
296
For locally-trusted certificates, all dependencies are installed automatically for you if they do not exist if you have apt, pacman, or yum (untested) on Linux or if you have [Homebrew](https://brew.sh/) or [MacPorts](https://www.macports.org/) (untested) on macOS.

I can use your help to test Indie Web Server on the following platform/package manager combinations:
297

298
299
  - Linux with yum
  - macOS with MacPorts
300

Aral Balkan's avatar
Aral Balkan committed
301
Please [let me know how/if it works](https://github.com/indie-mirror/web-server/issues). Thank you!
302
303
304
305

## Thanks

  * [thagoat](https://github.com/thagoat) for confirming that [installation works on Arch Linux with Pacman](https://github.com/indie-mirror/https-server/issues/1).
306
307
308
309

  * [Tim Knip](https://github.com/timknip) for confirming that [the module works with 64-bit Windows](https://github.com/indie-mirror/https-server/issues/2) with the following behaviour: “Install pops up a windows dialog to allow adding the cert.”

  * [Run Rabbit Run](https://hackers.town/@nobody) for [the following information](https://hackers.town/@nobody/101670447262172957) on 64-bit Windows: “Win64: works with the windows cert install popup on server launch. Chrome and ie are ok with the site then. FF 65 still throws the cert warning even after restarting.”