README.md 6.19 KB
Newer Older
1
# HTTPS Server
Aral Balkan's avatar
Aral Balkan committed
2

3
HTTPS Server is a secure [Small Tech](https://ar.al/2019/03/04/small-technology/) personal web server for seamless development and live use.
Aral Balkan's avatar
Aral Balkan committed
4

5
HTTP Server uses [nodecert](https://source.ind.ie/hypha/tools/nodecert) for seamless locally-trusted TLS certificate provisioning and use during development and [ACME TLS](https://source.ind.ie/hypha/tools/acme-tls) for seamless globally-trusted [Let’s Encrypt](https://letsencrypt.org/) TLS certificate provisioning and use on live environments.
Aral Balkan's avatar
Aral Balkan committed
6

7 8

## Install
Aral Balkan's avatar
Aral Balkan committed
9 10 11 12 13

```sh
npm i -g @ind.ie/https-server
```

14
## Use
15

16
### Command-line
Aral Balkan's avatar
Aral Balkan committed
17

18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33
Start serving the current directory at https://localhost:

```shell
$ https-server
```

Start serving the _site_ directory at your hostname:

```shell
$ https-server site --global
```

For example, if you run the command on a connected server that has the ar.al domain pointing to it and `ar.al` set in _/etc/hostname_ (on Unix/Linux), you will be able to access the site at https://ar.al. The first time you access it, it will take a little longer to load as your Let’s Encrypt certificates are being automatically provisioned.

#### Syntax

Aral Balkan's avatar
Aral Balkan committed
34
```sh
35
https-server [folder-to-serve] [--port N] [--global] [--version]
Aral Balkan's avatar
Aral Balkan committed
36
```
37

38
All command-line arguments are optional. By default, an HTTPS server with locally-trusted certificates will be created for you to serve the current folder over port 443.
Aral Balkan's avatar
Aral Balkan committed
39

40
If you do not already have TLS certificates, they will be created for you automatically using [nodecert](https://source.ind.ie/hypha/tools/nodecert).
41

42
All dependencies are installed automatically for you if they do not exist if you have apt, pacman, or yum (untested) on Linux or if you have [Homebrew](https://brew.sh/) or [MacPorts](https://www.macports.org/) (untested) on macOS.
43

44
If you specify the `--global` flag, globally-trusted Let’s Encrypt TLS certificates are automatically provisioned for you using ACME-TLS the first time you hit your hostname. The hostname for the certificates is automatically set from the hostname of your system (and the _www._ subdomain is also automatically provisioned).
45

46 47
### API

48
HTTPS Server’s `createServer` method behaves like the built-in _https_ module’s `createServer` function. Anywhere you use `https.createServer`, you can simply replace it with `httpsServer.createServer`.
49

50

51
#### createServer([options], [requestListener])
52

53
  - __options__ _(object)___:__ see [https.createServer](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener). Populates the `cert` and `key` properties from the automatically-created [nodecert](https://source.ind.ie/hypha/tools/nodecert/) or Let’s Encrypt certificates and will overwrite them if they exist in the options object you pass in. If your options has `options.global = true` set, globally-trusted TLS certificates are obtained from Let’s Encrypt using ACME TLS.
54

55
  - __requestListener__ _(function)___:__ see [https.createServer](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener). If you don’t pass a request listener, HTTPS Server will use its default one.
56

57
    __Returns:__ [https.Server](https://nodejs.org/api/https.html#https_class_https_server) instance, configured with either locally-trusted certificates via nodecert or globally-trusted ones from Let’s Encrypt.
58

59
##### Example
60 61 62 63 64 65 66 67

```js
const httpsServer = require('https-server')
const express = require('express')

const app = express()
app.use(express.static('.'))

68
const options = {} // to use globally-trusted certificates instead, set this to {global: true}
69 70 71 72 73
const server = httpsServer.createServer(options, app).listen(443, () => {
  console.log(` 🎉 Serving on https://localhost\n`)
})
```

74 75 76
#### serve([options])

Options is an optional parameter object that may contain the following properties, all optional:
77

78
  - __path__ _(string)___:__ the directory to serve using [Express](http://expressjs.com/).static.
79

80 81 82 83
  - __callback__ _(function)___:__ a function to be called when the server is ready. If you do not specify a callback, you can specify the port as the second argument.

  - __port__ _(number)___:__ the port to serve on. Defaults to 443. (On Linux, privileges to bind to the port are automatically obtained for you.)

84
  - __global__ _(boolean)___:__ if true, globally-trusted Let’s Encrypt certificates will be provisioned (if necesary) and used via ACME TLS. If false (default), locally-trusted certificates will be provisioned (if necesary) and used using nodecert.
85 86

    __Returns:__ [https.Server](https://nodejs.org/api/https.html#https_class_https_server) instance, configured with either locally or globally-trusted certificates.
87 88 89


##### Example
90

91 92
Using locally-trusted TLS certificates:

93 94 95 96 97 98 99
```js
const httpsServer = require('https-server')

// Serve the current directory over https://localhost
const server = httpsServer.serve()
```

100 101 102 103 104 105 106 107 108
Using globally-trusted TLS certificates:

```js
const httpsServer = require('https-server')

// Serve the current directory over https://localhost
const server = httpsServer.serve({global: true})
```

109 110
## Help wanted

111
I can use your help to test HTTPS Server on the following platform/package manager combinations:
112

113 114
  - Linux with yum
  - macOS with MacPorts
115

116
Please [let me know how/if it works](https://github.com/indie-mirror/https-server/issues). Thank you!
117

118 119
Also, automatic hostname detection has not been implemented for Windows and so globally-trusted certificates will fail on that platform. If you get to it before I do, [I would appreciate a pull request](https://github.com/indie-mirror/https-server/pulls).

120

121 122 123
## Thanks

  * [thagoat](https://github.com/thagoat) for confirming that [installation works on Arch Linux with Pacman](https://github.com/indie-mirror/https-server/issues/1).
124 125 126 127

  * [Tim Knip](https://github.com/timknip) for confirming that [the module works with 64-bit Windows](https://github.com/indie-mirror/https-server/issues/2) with the following behaviour: “Install pops up a windows dialog to allow adding the cert.”

  * [Run Rabbit Run](https://hackers.town/@nobody) for [the following information](https://hackers.town/@nobody/101670447262172957) on 64-bit Windows: “Win64: works with the windows cert install popup on server launch. Chrome and ie are ok with the site then. FF 65 still throws the cert warning even after restarting.”