README.md 12.6 KB
Newer Older
Aral Balkan's avatar
Aral Balkan committed
1
# Indie Web Server
Aral Balkan's avatar
Aral Balkan committed
2

3
4
![Screenshot of Indie Web Server in use](images/indie-web-server.jpeg)

Aral Balkan's avatar
Aral Balkan committed
5
Indie Web Server is a secure and seamless [Small Tech](https://ar.al/2019/03/04/small-technology/) personal web server.
Aral Balkan's avatar
Aral Balkan committed
6

Aral Balkan's avatar
Aral Balkan committed
7
8
  - Zero-configuration – It Just Works 🤞™.

9
  - Develop with automatically-provisioned locally-trusted TLS thanks to [mkcert](https://github.com/FiloSottile/mkcert) via [Nodecert](https://source.ind.ie/hypha/tools/nodecert).
Aral Balkan's avatar
Aral Balkan committed
10

11
  - Test and deploy with automatically-provisioned globally-trusted TLS thanks to [Let’s Encrypt](https://letsencrypt.org/) via [ACME TLS](https://source.ind.ie/hypha/tools/acme-tls) (with an A score on [SSL Labs SSL Server Test](https://www.ssllabs.com/ssltest)) and the seamlessly-integrated [pm2](https://pm2.io/runtime/) process manager.
Aral Balkan's avatar
Aral Balkan committed
12

13

14
## Install
Aral Balkan's avatar
Aral Balkan committed
15

Aral Balkan's avatar
Aral Balkan committed
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Copy and paste the following commands into your terminal:

### Linux

```
wget https://ind.ie/web-server/linux/7.2.0.zip && unzip 7.2.0.zip && chmod +x web-server && sudo mv web-server /usr/local/bin/
```

### macOS

```
wget https://ind.ie/web-server/macos/7.2.0.zip && unzip 7.2.0.zip && chmod +x web-server && sudo mv web-server /usr/local/bin/
```

### Node.js

Aral Balkan's avatar
Aral Balkan committed
32
```sh
Aral Balkan's avatar
Aral Balkan committed
33
npm i -g @ind.ie/web-server
Aral Balkan's avatar
Aral Balkan committed
34
35
```

36
## Use
37

Aral Balkan's avatar
Aral Balkan committed
38
### Development
39
40

Start serving the current directory at https://localhost using locally-trusted certificates:
41
42

```shell
Aral Balkan's avatar
Aral Balkan committed
43
$ web-server
44
45
```

46
### Testing
47

Aral Balkan's avatar
Aral Balkan committed
48
Start serving the _site_ directory at your _hostname_ as a regular process using globally-trusted Let’s Encrypt certificates:
49
50

```shell
51
$ web-server test site
52
53
```

54
55
For example, use [ngrok](https://ngrok.com/) (Pro+) with a custom domain name that you set in your `hostname` file (e.g., in `/etc/hostname` or via `hostnamectl set-hostname <hostname>` or the equivalent for your platform). The first time you hit your staging server via your hosname it will take a little longer to load as your Let’s Encrypt certificates are being automatically provisioned by ACME TLS.

Aral Balkan's avatar
Aral Balkan committed
56
### Live
57

Aral Balkan's avatar
Aral Balkan committed
58
Start serving the _site_ directory at your _hostname_ as a daemon that is automatically run at system startup and restarted if it crashes:
59
60

```shell
61
$ web-server on site
62
63
```

64
The `on` command sets up your server to (re)start automatically when your server (re)starts and/or crashes, etc. Requires superuser privileges on first run to set up the launch item.
65

Aral Balkan's avatar
Aral Balkan committed
66
For example, if you run the command on a connected server that has the ar.al domain pointing to it and `ar.al` set in _/etc/hostname_ (on Unix/Linux/macOS), you will be able to access the site at https://ar.al. The first time you hit it, it will take a little longer to load as your Let’s Encrypt certificates are being automatically provisioned by ACME TLS.
67

68
When the server is on, you can also use:
Aral Balkan's avatar
Aral Balkan committed
69

70
71
72
73
  - `off`: Turn server off and remove it from startup items.
  - `monitor`: Monitor server state.
  - `logs`: Display and tail server logs.
  - `info`: Display detailed server information.
Aral Balkan's avatar
Aral Balkan committed
74

75
Indie Web Server uses the [pm2](https://pm2.io/runtime/) process manager internally to start and manage the daemon. Beyond the commands listed above that Indie Web Server supports natively (and proxies to pm2), you can make use of all pm2 functionality via the pm2 command directly should you need to.
Aral Balkan's avatar
Aral Balkan committed
76

77
78
## Build and test from source

Aral Balkan's avatar
Aral Balkan committed
79
80
### Global Node.js module

81
82
83
84
```shell
# Clone and install.
git clone https://source.ind.ie/hypha/tools/web-server.git
cd web-server
85
86
npm i         # Install modules and development dependencies.
npm i -g .    # Install globally for access to the binary.
87
88
89
90
91
92
93
94

# Run unit tests.
npm test

# Serve the test site (visit https://localhost to view).
web-server test/site
```

Aral Balkan's avatar
Aral Balkan committed
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
### Native binaries

```shell
# Clone and install.
git clone https://source.ind.ie/hypha/tools/web-server.git
cd web-server
npm i         # Install modules and development dependencies.

# Run unit tests.
npm test

# Build the native binaries
npm run build

# Serve the test site (visit https://localhost to view).
# e.g., To run the version 7.2.0 Linux binary:
111
dist-iws/linux/7.2.0/web-server test/site
Aral Balkan's avatar
Aral Balkan committed
112
113
```

114
## Syntax
115

Aral Balkan's avatar
Aral Balkan committed
116
```shell
117
web-server [command] [folder] [options]
Aral Balkan's avatar
Aral Balkan committed
118
```
119

120
121
122
  * `command`: version | help | dev | test | on | off | monitor | logs | info
  * `folder`: Path of folder to serve (defaults to current folder).
  * `options`: Settings that alter server characteristics.
Aral Balkan's avatar
Aral Balkan committed
123

124
125
126
127
### Commands:

  * `version`: Display version and exit.
  * `help`: Display help screen and exit.
Aral Balkan's avatar
Aral Balkan committed
128

129
130
131
  * `dev`: Launch server as regular process with locally-trusted certificates.
  * `test`: Launch server as regular process with globally-trusted certificates.
  * `on`: Launch server as startup daemon with globally-trusted certificates.
Aral Balkan's avatar
Aral Balkan committed
132

133
When the server is on, you can also use:
Aral Balkan's avatar
Aral Balkan committed
134

135
  * `off`: Take server offline and remove it from startup items.
Aral Balkan's avatar
Aral Balkan committed
136

137
  * `monitor`: Monitor server state.
Aral Balkan's avatar
Aral Balkan committed
138

139
  * `logs`: Display and tail server logs.
Aral Balkan's avatar
Aral Balkan committed
140

141
  * `info`: Display detailed server information.
Aral Balkan's avatar
Aral Balkan committed
142

143
144
145
If `command` is omitted, behaviour defaults to `dev`.

### Options:
Aral Balkan's avatar
Aral Balkan committed
146

147
  * `--port=N`: Port to start the server on (defaults to 443).
Aral Balkan's avatar
Aral Balkan committed
148

149
All command-line arguments are optional. By default, Indie Web Server will serve your current working folder over port 443 with locally-trusted certificates.
Aral Balkan's avatar
Aral Balkan committed
150

151
If you want to serve a directory that has the same name as a command, you can speficy the command in _options_ format. e.g., `web-server --on logs` will start Indie Web Server as a startup daemon to serve the _logs_ folder.
152

153
If you use the `test` or `on` commands, globally-trusted Let’s Encrypt TLS certificates are automatically provisioned for you using ACME TLS the first time you hit your hostname. The hostname for the certificates is automatically set from the hostname of your system (and the _www._ subdomain is also automatically provisioned).
154

155
156
157
158
## Native 404 → 302 support for an evergreen web

What if links never died? What if we never broke the Web? What if it didn’t involve any extra work? It’s possible. And easy. Just make your 404s into 302s.

Aral Balkan's avatar
Aral Balkan committed
159
Indie Web Server has native support for [the 404 to 302 technique](https://4042302.org) to ensure an evergreen web. Just serve the old version of your site (e.g., your WordPress site, etc.) from a different subdomain and tell Indie Web Server to forward any unknown requests on your new static site to that subdomain so that all your existing links magically work.
160
161
162

To do so, create a simple file called `4042302` in the root directory of your web content and add the URL of the server that is hosting your older content. e.g.,

163
### /4042302
164
```
Aral Balkan's avatar
Aral Balkan committed
165
https://the-previous-version-of.my.site
166
```
167
168
169
170
171
172

You can chain the 404 → 302 method any number of times to ensure that none of your links ever break without expending any additional effort to migrate your content.

For more information and examples, see [4042302.org](https://4042302.org).

## Custom error pages
173

174
175
![Screenshot of the custom 404 error page included in the unit tests](images/custom-404.png)

176
177
178
179
You can specify a custom error page for 404 (not found) and 500 (internal server error) errors. To do so, create a folder with the status code you want off of the root of your web content (i.e., `/404` and/or `/500`) and place at least an `index.html` file in the folder. You can also, optionally, put any assets you want to display on your error pages into those folders and load them in via relative URLs. Your custom error pages will be served with the proper error code and at the URL that was being accessed.

If you do not create custom error pages, the built-in default error pages will be displayed for 404 and 500 errors.

180
181
When creating your own servers (see [API](#API)), you can generate the default error pages programmatically using the static methods `WebServer.default404ErrorPage()` and `WebServer.default500ErrorPage()`, passing in the missing path and the error message as the argument, respectively to get the HTML string of the error page returned.

182
## API
183

184
Indie Web Server’s `createServer` method behaves like the built-in _https_ module’s `createServer` function. Anywhere you use `require('https').createServer`, you can simply replace it with `require('@ind.ie/web-server').createServer`.
185

186

187
### createServer([options], [requestListener])
188

189
  - __options__ _(object)___:__ see [https.createServer](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener). Populates the `cert` and `key` properties from the automatically-created [nodecert](https://source.ind.ie/hypha/tools/nodecert/) or Let’s Encrypt certificates and will overwrite them if they exist in the options object you pass in. If your options has `options.global = true` set, globally-trusted TLS certificates are obtained from Let’s Encrypt using ACME TLS.
190

Aral Balkan's avatar
Aral Balkan committed
191
  - __requestListener__ _(function)___:__ see [https.createServer](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener). If you don’t pass a request listener, Indie Web Server will use its default one.
192

193
    __Returns:__ [https.Server](https://nodejs.org/api/https.html#https_class_https_server) instance, configured with either locally-trusted certificates via nodecert or globally-trusted ones from Let’s Encrypt.
194

195
#### Example
196
197

```js
Aral Balkan's avatar
Aral Balkan committed
198
const webServer = require('@ind.ie/web-server')
199
200
201
202
203
const express = require('express')

const app = express()
app.use(express.static('.'))

204
const options = {} // to use globally-trusted certificates instead, set this to {global: true}
Aral Balkan's avatar
Aral Balkan committed
205
const server = webServer.createServer(options, app).listen(443, () => {
206
207
208
209
  console.log(` 🎉 Serving on https://localhost\n`)
})
```

210
### serve([options])
211
212

Options is an optional parameter object that may contain the following properties, all optional:
213

214
  - __path__ _(string)___:__ the directory to serve using [Express](http://expressjs.com/).static.
215

216
217
218
219
  - __callback__ _(function)___:__ a function to be called when the server is ready. If you do not specify a callback, you can specify the port as the second argument.

  - __port__ _(number)___:__ the port to serve on. Defaults to 443. (On Linux, privileges to bind to the port are automatically obtained for you.)

220
  - __global__ _(boolean)___:__ if true, globally-trusted Let’s Encrypt certificates will be provisioned (if necesary) and used via ACME TLS. If false (default), locally-trusted certificates will be provisioned (if necesary) and used using nodecert.
221
222

    __Returns:__ [https.Server](https://nodejs.org/api/https.html#https_class_https_server) instance, configured with either locally or globally-trusted certificates.
223
224


225
#### Examples
226

Aral Balkan's avatar
Aral Balkan committed
227
Serve the current directory at https://localhost using locally-trusted TLS certificates:
228

229
```js
Aral Balkan's avatar
Aral Balkan committed
230
231
const webServer = require('@ind.ie/web-server')
const server = webServer.serve()
232
233
```

Aral Balkan's avatar
Aral Balkan committed
234
Serve the current directory at your hostname using globally-trusted Let’s Encrypt TLS certificates:
235
236

```js
Aral Balkan's avatar
Aral Balkan committed
237
238
const webServer = require('@ind.ie/web-server')
const server = webServer.serve({global: true})
239
240
```

241
242
## Contributing

Aral Balkan's avatar
Aral Balkan committed
243
Indie Web Server is, by design, a zero-configuration personal web server for single-tenant web applications for and by individuals. As such, any new feature requests will have to be both fit for purpose and survive a trial by fire to be considered. (That is, this is [Small Tech](https://ar.al/2019/03/04/small-technology/), with the emphasis on _small_).
244
245
246

Please file issues and submit pull requests on the [Indie Web Server Github Mirror](https://github.com/indie-mirror/indie-web-server).

247
248
## Help wanted

Aral Balkan's avatar
Aral Balkan committed
249
250
251
For locally-trusted certificates, all dependencies are installed automatically for you if they do not exist if you have apt, pacman, or yum (untested) on Linux or if you have [Homebrew](https://brew.sh/) or [MacPorts](https://www.macports.org/) (untested) on macOS.

I can use your help to test Indie Web Server on the following platform/package manager combinations:
252

253
254
  - Linux with yum
  - macOS with MacPorts
255

Aral Balkan's avatar
Aral Balkan committed
256
Please [let me know how/if it works](https://github.com/indie-mirror/web-server/issues). Thank you!
257

Aral Balkan's avatar
Aral Balkan committed
258
Also, automatic hostname detection has not been implemented for Windows and so globally-trusted certificates will fail on that platform. If you get to it before I do, [I would appreciate a pull request](https://github.com/indie-mirror/web-server/pulls).
259

260

261
262
263
## Thanks

  * [thagoat](https://github.com/thagoat) for confirming that [installation works on Arch Linux with Pacman](https://github.com/indie-mirror/https-server/issues/1).
264
265
266
267

  * [Tim Knip](https://github.com/timknip) for confirming that [the module works with 64-bit Windows](https://github.com/indie-mirror/https-server/issues/2) with the following behaviour: “Install pops up a windows dialog to allow adding the cert.”

  * [Run Rabbit Run](https://hackers.town/@nobody) for [the following information](https://hackers.town/@nobody/101670447262172957) on 64-bit Windows: “Win64: works with the windows cert install popup on server launch. Chrome and ie are ok with the site then. FF 65 still throws the cert warning even after restarting.”