README.md 6.19 KB
Newer Older
1
# HTTPS Server
Aral Balkan's avatar
Aral Balkan committed
2

3
HTTPS Server is a secure [Small Tech](https://ar.al/2019/03/04/small-technology/) personal web server for seamless development and live use.
Aral Balkan's avatar
Aral Balkan committed
4

5
HTTP Server uses [nodecert](https://source.ind.ie/hypha/tools/nodecert) for seamless locally-trusted TLS certificate provisioning and use during development and [ACME TLS](https://source.ind.ie/hypha/tools/acme-tls) for seamless globally-trusted [Let’s Encrypt](https://letsencrypt.org/) TLS certificate provisioning and use on live environments.
Aral Balkan's avatar
Aral Balkan committed
6

7
8

## Install
Aral Balkan's avatar
Aral Balkan committed
9
10
11
12
13

```sh
npm i -g @ind.ie/https-server
```

14
## Use
15

16
### Command-line
Aral Balkan's avatar
Aral Balkan committed
17

18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Start serving the current directory at https://localhost:

```shell
$ https-server
```

Start serving the _site_ directory at your hostname:

```shell
$ https-server site --global
```

For example, if you run the command on a connected server that has the ar.al domain pointing to it and `ar.al` set in _/etc/hostname_ (on Unix/Linux), you will be able to access the site at https://ar.al. The first time you access it, it will take a little longer to load as your Let’s Encrypt certificates are being automatically provisioned.

#### Syntax

Aral Balkan's avatar
Aral Balkan committed
34
```sh
35
https-server [folder-to-serve] [--port N] [--global] [--version]
Aral Balkan's avatar
Aral Balkan committed
36
```
37

38
All command-line arguments are optional. By default, an HTTPS server with locally-trusted certificates will be created for you to serve the current folder over port 443.
Aral Balkan's avatar
Aral Balkan committed
39

40
If you do not already have TLS certificates, they will be created for you automatically using [nodecert](https://source.ind.ie/hypha/tools/nodecert).
41

42
All dependencies are installed automatically for you if they do not exist if you have apt, pacman, or yum (untested) on Linux or if you have [Homebrew](https://brew.sh/) or [MacPorts](https://www.macports.org/) (untested) on macOS.
43

44
If you specify the `--global` flag, globally-trusted Let’s Encrypt TLS certificates are automatically provisioned for you using ACME-TLS the first time you hit your hostname. The hostname for the certificates is automatically set from the hostname of your system (and the _www._ subdomain is also automatically provisioned).
45

46
47
### API

48
HTTPS Server’s `createServer` method behaves like the built-in _https_ module’s `createServer` function. Anywhere you use `https.createServer`, you can simply replace it with `httpsServer.createServer`.
49

50

51
#### createServer([options], [requestListener])
52

53
  - __options__ _(object)___:__ see [https.createServer](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener). Populates the `cert` and `key` properties from the automatically-created [nodecert](https://source.ind.ie/hypha/tools/nodecert/) or Let’s Encrypt certificates and will overwrite them if they exist in the options object you pass in. If your options has `options.global = true` set, globally-trusted TLS certificates are obtained from Let’s Encrypt using ACME TLS.
54

55
  - __requestListener__ _(function)___:__ see [https.createServer](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener). If you don’t pass a request listener, HTTPS Server will use its default one.
56

57
    __Returns:__ [https.Server](https://nodejs.org/api/https.html#https_class_https_server) instance, configured with either locally-trusted certificates via nodecert or globally-trusted ones from Let’s Encrypt.
58

59
##### Example
60
61
62
63
64
65
66
67

```js
const httpsServer = require('https-server')
const express = require('express')

const app = express()
app.use(express.static('.'))

68
const options = {} // to use globally-trusted certificates instead, set this to {global: true}
69
70
71
72
73
const server = httpsServer.createServer(options, app).listen(443, () => {
  console.log(` 🎉 Serving on https://localhost\n`)
})
```

74
75
76
#### serve([options])

Options is an optional parameter object that may contain the following properties, all optional:
77

78
  - __path__ _(string)___:__ the directory to serve using [Express](http://expressjs.com/).static.
79

80
81
82
83
  - __callback__ _(function)___:__ a function to be called when the server is ready. If you do not specify a callback, you can specify the port as the second argument.

  - __port__ _(number)___:__ the port to serve on. Defaults to 443. (On Linux, privileges to bind to the port are automatically obtained for you.)

84
  - __global__ _(boolean)___:__ if true, globally-trusted Let’s Encrypt certificates will be provisioned (if necesary) and used via ACME TLS. If false (default), locally-trusted certificates will be provisioned (if necesary) and used using nodecert.
85
86

    __Returns:__ [https.Server](https://nodejs.org/api/https.html#https_class_https_server) instance, configured with either locally or globally-trusted certificates.
87
88
89


##### Example
90

91
92
Using locally-trusted TLS certificates:

93
94
95
96
97
98
99
```js
const httpsServer = require('https-server')

// Serve the current directory over https://localhost
const server = httpsServer.serve()
```

100
101
102
103
104
105
106
107
108
Using globally-trusted TLS certificates:

```js
const httpsServer = require('https-server')

// Serve the current directory over https://localhost
const server = httpsServer.serve({global: true})
```

109
110
## Help wanted

111
I can use your help to test HTTPS Server on the following platform/package manager combinations:
112

113
114
  - Linux with yum
  - macOS with MacPorts
115

116
Please [let me know how/if it works](https://github.com/indie-mirror/https-server/issues). Thank you!
117

118
119
Also, automatic hostname detection has not been implemented for Windows and so globally-trusted certificates will fail on that platform. If you get to it before I do, [I would appreciate a pull request](https://github.com/indie-mirror/https-server/pulls).

120

121
122
123
## Thanks

  * [thagoat](https://github.com/thagoat) for confirming that [installation works on Arch Linux with Pacman](https://github.com/indie-mirror/https-server/issues/1).
124
125
126
127

  * [Tim Knip](https://github.com/timknip) for confirming that [the module works with 64-bit Windows](https://github.com/indie-mirror/https-server/issues/2) with the following behaviour: “Install pops up a windows dialog to allow adding the cert.”

  * [Run Rabbit Run](https://hackers.town/@nobody) for [the following information](https://hackers.town/@nobody/101670447262172957) on 64-bit Windows: “Win64: works with the windows cert install popup on server launch. Chrome and ie are ok with the site then. FF 65 still throws the cert warning even after restarting.”