README.md 25.9 KB
Newer Older
Aral Balkan's avatar
Aral Balkan committed
1
# Site.js
Aral Balkan's avatar
Aral Balkan committed
2

Aral Balkan's avatar
Aral Balkan committed
3
[![Screenshot of the Site.js web site header](images/site.js.jpeg)](https://sitejs.org)
4

Aral Balkan's avatar
Aral Balkan committed
5
6
7
## Develop, test, and deploy your secure static or dynamic personal web site with zero configuration.

__Site.js is an integrated [Small Tech](https://ar.al/2019/03/04/small-technology/) personal web tool for Linux and Linux-like* operating systems.__
Aral Balkan's avatar
Aral Balkan committed
8

Aral Balkan's avatar
Aral Balkan committed
9
10
  - Zero-configuration – It Just Works 🤞™.

Aral Balkan's avatar
Aral Balkan committed
11
  - Develop with automatically-provisioned locally-trusted TLS courtesy of [mkcert](https://github.com/FiloSottile/mkcert) seamlessly integrated via [Nodecert](https://source.ind.ie/hypha/tools/nodecert).
Aral Balkan's avatar
Aral Balkan committed
12

Aral Balkan's avatar
Aral Balkan committed
13
14
15
  - Stage and deploy production servers with automatically-provisioned globally-trusted TLS courtesy of [Let’s Encrypt](https://letsencrypt.org/) seamlessly integrated via [ACME TLS](https://source.ind.ie/hypha/tools/acme-tls) and [systemd](https://freedesktop.org/wiki/Software/systemd/). Your server will score an A on the [SSL Labs SSL Server Test](https://www.ssllabs.com/ssltest).

  - Create static web sites, extend them with dynamic JavaScript routes, or extend Site.js in Node.js to create fully-dynamic personal web applications.
Aral Balkan's avatar
Aral Balkan committed
16

Aral Balkan's avatar
Aral Balkan committed
17
  <ins>Note:</ins> Live deployments via startup daemons are only supported on Linux distributions with systemd.
Aral Balkan's avatar
Aral Balkan committed
18

19
20
  \* Works with Linux, macOS, and Windows Subsystem for Linux.

21
## Install
Aral Balkan's avatar
Aral Balkan committed
22

Aral Balkan's avatar
Aral Balkan committed
23
24
Copy and paste the following commands into your terminal:

25
### Native binaries
Aral Balkan's avatar
Aral Balkan committed
26

Aral Balkan's avatar
Aral Balkan committed
27
__Before you pipe any script into your computer, always [view the source code](https://site.js/install) and make sure you understand what it does.__
Aral Balkan's avatar
Aral Balkan committed
28

29
```shell
Aral Balkan's avatar
Aral Balkan committed
30
wget -qO- https://sitejs.org/install | bash
Aral Balkan's avatar
Aral Balkan committed
31
32
33
34
```

### Node.js

35
```shell
Aral Balkan's avatar
Aral Balkan committed
36
npm i -g @small-tech/site.js
Aral Balkan's avatar
Aral Balkan committed
37
38
```

39
40
41
42
43
44
45
46
47
48
49
## Dependencies

Site.js is tries to install the dependencies it needs seamlessly while running. That said, there are certain basic components it expects on a Linux-like system. These are:

  - `sudo`
  - `libcap2-bin` (we use `setcap` to escalate privileges on the binary as necessary)

If it turns out that any of these are a widespread reason for first-run breakage, we can look into having them installed automatically in the future. Please open an issue if any of these is an issue in your deployments or everyday usage.

Of course, you will need `wget` (or `curl`) installed to download the install script. You can install `wget` via your distribution’s package manager (e.g., `sudo apt install wget` on Ubuntu-like systems).

50
51
52
53
54
## Uninstall

To uninstall the native binary (and any created artifacts, like TLS certificates, systemd services, etc.):

```shell
Aral Balkan's avatar
Aral Balkan committed
55
site uninstall
56
57
```

58
## Use
59

60
### Local
61

62
Start serving the current directory at https://localhost as a regular process using locally-trusted certificates:
63
64

```shell
Aral Balkan's avatar
Aral Balkan committed
65
$ site
66
67
```

68
69
### Proxy server (local)

Aral Balkan's avatar
Aral Balkan committed
70
You can use Site.js as a development-time reverse proxy for HTTP and WebSocket connections. For example, if you use [Hugo](https://gohugo.io/) and you’re running `hugo server` on the default HTTP port 1313. You can run a HTTPS reverse proxy at https://localhost [with LiveReload support](https://source.ind.ie/hypha/tools/web-server/blob/master/bin/web-server.js#L237) using:
71
72

```shell
Aral Balkan's avatar
Aral Balkan committed
73
$ site :1313
74
75
```

76
77
78
79
This will create and serve the following proxies:

  * http://localhost:1313 → https://localhost
  * ws://localhost:1313 → wss://localhost
80

Aral Balkan's avatar
Aral Balkan committed
81
82
### Live sync to remote server

Aral Balkan's avatar
Aral Balkan committed
83
Part of local development involves deploying your changes to a live server at some point. You can use Site.js to handle this for you in real-time:
Aral Balkan's avatar
Aral Balkan committed
84
85

```shell
Aral Balkan's avatar
Aral Balkan committed
86
$ site my-demo --sync-to=my-demo.site
Aral Balkan's avatar
Aral Balkan committed
87
88
```

Aral Balkan's avatar
Aral Balkan committed
89
90
91
The above command will start a local development server at _https://localhost_. Additionally, it will watch the folder _my-demo_ for changes and sync any changes to its contents via rsync over ssh to the host _my-demo.site_.

If don’t want Site.js to start a server and you want to perform just a one-time sync, use the `--exit-on-sync` flag.
Aral Balkan's avatar
Aral Balkan committed
92
93

```shell
Aral Balkan's avatar
Aral Balkan committed
94
$ site my-demo --sync-to=my-demo.site --exit-on-sync
Aral Balkan's avatar
Aral Balkan committed
95
96
```

Aral Balkan's avatar
Aral Balkan committed
97
Without any customisations, the sync feature assumes that your account on your remote server has the same name as your account on your local machine and that the folder you are watching (_my-demo_, in the example above) is located at _/home/your-account/my-demo_ on the remote server. Also, by default, the contents of the folder will be synced, not the folder itself. You can change these defaults by specifying a full-qualified remote connection string as the `--sync-to` value.
Aral Balkan's avatar
Aral Balkan committed
98

Aral Balkan's avatar
Aral Balkan committed
99
The remote connection string has the format:
Aral Balkan's avatar
Aral Balkan committed
100

Aral Balkan's avatar
Aral Balkan committed
101
102
```
remoteAccount@host:/absolute/path/to/remoteFolder
Aral Balkan's avatar
Aral Balkan committed
103
104
```

Aral Balkan's avatar
Aral Balkan committed
105
For example:
Aral Balkan's avatar
Aral Balkan committed
106

Aral Balkan's avatar
Aral Balkan committed
107
108
109
110
111
```shell
$ site my-folder --sync-to=someOtherAccount@my-demo.site:/var/www
```

If you want to sync a different folder to the one you’re serving or if you’re running a proxy server (or if you just want to be as explicit as possible about your intent) you can use the `--sync-from` option to specify the folder to sync:
Aral Balkan's avatar
Aral Balkan committed
112

Aral Balkan's avatar
Aral Balkan committed
113
```shell
Aral Balkan's avatar
Aral Balkan committed
114
$ site :1313 --sync-from=public --sync-to=my-demo.site
Aral Balkan's avatar
Aral Balkan committed
115
116
```

Aral Balkan's avatar
Aral Balkan committed
117
(The above command will start a proxy server that forwards requests to and responses from http://localhost to https://localhost and sync the folder called `public` to the host `my-demo.site`.)
Aral Balkan's avatar
Aral Balkan committed
118

Aral Balkan's avatar
Aral Balkan committed
119
If you want to sync not the folder’s contents but the folder itself, use the `--sync-folder-and-contents` flag. e.g.,
120
121

```shell
Aral Balkan's avatar
Aral Balkan committed
122
$ site my-local-folder --sync-to=me@my.site:my-remote-folder --sync-folder-and-contents
123
124
```

Aral Balkan's avatar
Aral Balkan committed
125
126
The above command will result in the following directory structure on the remote server: _/home/me/my-remote-folder/my-local-folder_. It also demonstrates that if you specify a relative folder, Site.js assumes you mean the folder exists in the home directory of the account on the remote server.

127
128
### Global (ephemeral)

Aral Balkan's avatar
Aral Balkan committed
129
Start serving the _my-site_ directory at your _hostname_ as a regular process using globally-trusted Let’s Encrypt certificates:
130
131

```shell
Aral Balkan's avatar
Aral Balkan committed
132
$ site global my-site
133
134
```

135
Then use, for example, [ngrok](https://ngrok.com/) (Pro+) to point a custom domain name to your temporary staging server. Make sure you set your `hostname` file (e.g., in `/etc/hostname` or via `hostnamectl set-hostname <hostname>` or the equivalent for your platform) to match your domain name. The first time you hit your server via your hostname it will take a little longer to load as your Let’s Encrypt certificates are being automatically provisioned by ACME TLS.
136

Aral Balkan's avatar
Aral Balkan committed
137
When you start your server using the `global` command, it will run as a regular process. It will not be restarted if it crashes or if you exit the foreground process or restart the computer.
138
139
140

### Global (persistent)

141
__Available on Linux distributions with systemd (most Linux distributions, but [not these ones](https://sysdfree.wordpress.com/2019/03/09/135/) or on macOS).__
142

Aral Balkan's avatar
Aral Balkan committed
143
Start serving the _my-site_ directory at your _hostname_ as a daemon that is automatically run at system startup and restarted if it crashes:
144
145

```shell
Aral Balkan's avatar
Aral Balkan committed
146
$ site enable my-site
147
148
```

149
The `enable` command sets up your server to start automatically when your server starts and restart automatically if it crashes. Requires superuser privileges on first run to set up the launch item.
150

151
For example, if you run the command on a connected server that has the ar.al domain pointing to it and `ar.al` set in _/etc/hostname_, you will be able to access the site at https://ar.al. The first time you hit it, it will take a little longer to load as your Let’s Encrypt certificates are being automatically provisioned by ACME TLS.
152

153
When the server is enabled, you can also use:
Aral Balkan's avatar
Aral Balkan committed
154

155
  - `disable`: Stop server and remove from startup.
156
  - `logs`: Display and tail server logs.
157
  - `status`: Display detailed server information (press ‘q’ to exit).
Aral Balkan's avatar
Aral Balkan committed
158

Aral Balkan's avatar
Aral Balkan committed
159
Site.js uses the [systemd](https://freedesktop.org/wiki/Software/systemd/) to start and manage the daemon. Beyond the commands listed above that Site.js supports natively (and proxies to systemd), you can make use of all systemd functionality via the `systemctl` and `journalctl` commands.
Aral Balkan's avatar
Aral Balkan committed
160

161
162
## Build and test from source

Aral Balkan's avatar
Aral Balkan committed
163
### Install the source and run tests
Aral Balkan's avatar
Aral Balkan committed
164

165
166
```shell
# Clone and install.
Aral Balkan's avatar
Aral Balkan committed
167
168
169
170
mkdir site.js && cd site.js
git clone https://source.ind.ie/site.js/app.git
cd app
./install
171
172
173

# Run unit tests.
npm test
Aral Balkan's avatar
Aral Balkan committed
174
```
175

Aral Balkan's avatar
Aral Balkan committed
176
177
178
179
180
181
182
183
184
185
### Install as global Node.js module

After you install the source and run tests:

```shell
# Install the binary as a global module
npm i -g

# Serve the test site locally (visit https://localhost to view).
site test/site
186
187
```

Aral Balkan's avatar
Aral Balkan committed
188
__Note:__ for commands that require root privileges (i.e., `enable` and `disable`), Site.js will automatically restart itself using sudo and Node must be available for the root account. If you’re using [nvm](https://github.com/creationix/nvm), you can enable this via:
189
190
191
192
193
194
195

```shell
# Replace v10.15.3 with the version of node you want to make available globally.
sudo ln -s "$NVM_DIR/versions/node/v10.15.3/bin/node" "/usr/local/bin/node"
sudo ln -s "$NVM_DIR/versions/node/v10.15.3/bin/npm" "/usr/local/bin/npm"
```

Aral Balkan's avatar
Aral Balkan committed
196
197
### Native binaries

Aral Balkan's avatar
Aral Balkan committed
198
After you install the source and run tests:
Aral Balkan's avatar
Aral Balkan committed
199

Aral Balkan's avatar
Aral Balkan committed
200
```shell
201
202
# Build the native binary for your platform.
# To build for all platforms, use npm run build -- --all
Aral Balkan's avatar
Aral Balkan committed
203
204
205
npm run build

# Serve the test site (visit https://localhost to view).
Aral Balkan's avatar
Aral Balkan committed
206
207
# e.g., To run the version 11.0.0 Linux binary:
dist/linux/11.0.0/web-server test/site
208
209
```

210
211
### Build and install native binary locally

Aral Balkan's avatar
Aral Balkan committed
212
213
After you install the source and run tests:

214
215
216
217
```shell
npm run install-locally
```

218
219
220
221
222
223
224
### Deployment

```shell
# To build binaries for both linux and macOS and also to
# copy them over to the Indie Web Site for deployment.
# (You will most likely not need to do this.)
npm run deploy
Aral Balkan's avatar
Aral Balkan committed
225
226
```

227
## Syntax
228

Aral Balkan's avatar
Aral Balkan committed
229
```shell
Aral Balkan's avatar
Aral Balkan committed
230
site [command] [folder|host] [host] [--options]
Aral Balkan's avatar
Aral Balkan committed
231
```
232

Aral Balkan's avatar
Aral Balkan committed
233
234
235
  * `command`: version | help | local | global | proxy | sync | enable | disable | logs | status
  * `folder|host`: Path of folder to serve (defaults to current folder) or host to proxy or sync.
  * `host`: Host to sync.
236
  * `options`: Settings that alter server characteristics.
Aral Balkan's avatar
Aral Balkan committed
237

238
239
240
241
### Commands:

  * `version`: Display version and exit.
  * `help`: Display help screen and exit.
242
243
  * `local`: Start server as regular process with locally-trusted certificates.
  * `global`: Start server as regular process with globally-trusted certificates.
Aral Balkan's avatar
Aral Balkan committed
244
245
  * `proxy`: Start server to proxy provided HTTP URL via HTTPS. Also proxies WebSockets.
  * `sync`: Start server as regular process with locally-trusted certificates and rsync folder to host.
Aral Balkan's avatar
Aral Balkan committed
246

247
On Linux distributions with systemd, you can also use:
Aral Balkan's avatar
Aral Balkan committed
248

249
250
  * `enable`: Start server as daemon with globally-trusted certificates and add to startup.
  * `disable`: Stop server daemon and remove from startup.
251
  * `logs`: Display and tail server logs.
252
  * `status`: Display detailed server information.
Aral Balkan's avatar
Aral Balkan committed
253

254
If `command` is omitted, behaviour defaults to `local`.
255
256

### Options:
Aral Balkan's avatar
Aral Balkan committed
257

Aral Balkan's avatar
Aral Balkan committed
258
259
260
261
262
263
264
265
266
267
268
269
  * `--port=N`: Port to start server on (defaults to 443).

#### For the enable command:

  * `--sync`: Ensure the server can also rsync via ssh (so you can sync your site to it from your local machine).

### For the sync command:

  * `--host`: The remote host to sync to (e.g., my-demo.site).
  * `--account`: The ssh account to use on remote server (defaults to same as on current session).
  * `--folder`:	The subfolder of home folder to sync to on remote machine (defaults to name of served folder).
  * `--proxy`: Proxy the specified host and port instead of starting a regular local server.
Aral Balkan's avatar
Aral Balkan committed
270
271
  * `--exit-on-sync`: Exit once the first sync has occurred. Useful in deployment scripts.
  * `--sync-folder-and-contents`: Sync folder and contents (default is to sync the folder’s contents only).
Aral Balkan's avatar
Aral Balkan committed
272

Aral Balkan's avatar
Aral Balkan committed
273
All command-line arguments are optional. By default, Site.js will serve your current working folder over port 443 with locally-trusted certificates.
Aral Balkan's avatar
Aral Balkan committed
274

Aral Balkan's avatar
Aral Balkan committed
275
If you want to serve a directory that has the same name as a command, you can specify the command in _options_ format. e.g., `site --enable logs` will start Site.js as a startup daemon to serve the _logs_ folder.
276

277
When you use the `global` or `enable` commands, globally-trusted Let’s Encrypt TLS certificates are automatically provisioned for you using ACME TLS the first time you hit your hostname. The hostname for the certificates is automatically set from the hostname of your system (and the _www._ subdomain is also automatically provisioned).
278

Aral Balkan's avatar
Aral Balkan committed
279
280
281
282
283
284
## Usage examples

### Develop using locally-trusted certificates:

| Goal                                      | Command                                                       |
| ----------------------------------------- | ------------------------------------------------------------- |
Aral Balkan's avatar
Aral Balkan committed
285
286
287
288
289
290
291
292
293
294
295
296
297
| Serve current folder (shorthand)          | site                                                          |
| Serve folder my-site (shorthand)          | site my-site                                                  |
| Serve current folder                      | site local                                                    |
| Serve folder my-site                      | site local my-site                                            |
| Serve folder my-site at port 666          | site local my-site --port=666                                 |
| Proxy localhost:1313 to https://localhost | site proxy localhost:1313                                     |
| Serve current folder, sync it to my.site  | site sync my.site                                             |
| Serve my-site folder, sync it to my.site  | site sync my-site my.site                                     |
| Ditto, but using the --host option        | site sync site --host=my.site                                 |
| Ditto, but use account me on my.site      | site sync site --host=my.site --account=me                    |
| Ditto, but sync to remote folder www      | site sync site --host=my.site --account=me --folder=www       |
| Ditto, but using the --to option          | site sync site --to=me@my.site:/home/me/www                   |
| Sync current folder, proxy localhost:1313 | site sync my.site --proxy=localhost:1313                      |
Aral Balkan's avatar
Aral Balkan committed
298
299
300
301
302

### Stage and deploy using globally-trusted Let’s Encrypt certificates:

| Goal                                      | Command                                                       |
| ----------------------------------------- | ------------------------------------------------------------- |
Aral Balkan's avatar
Aral Balkan committed
303
304
305
306
307
308
309
| Serve current folder                      | site global                                                   |
| Serve folder my-site                      | site global my-site                                           |
| Serve current folder as daemon            | site enable                                                   |
| Ditto & also ensure it can rsync via ssh  | site enable --sync                                            |
| Get status of daemon                      | site status                                                   |
| Display server logs                       | site logs                                                     |
| Stop current daemon                       | site disable                                                  |
Aral Balkan's avatar
Aral Balkan committed
310

311
## Native support for an Evergreen Web
312

Aral Balkan's avatar
Aral Balkan committed
313
What if links never died? What if we never broke the Web? What if it didn’t involve any extra work? It’s possible. And, with Site.js, it’s effortless.
314

Aral Balkan's avatar
Aral Balkan committed
315
### Native cascading archives support
316

Aral Balkan's avatar
Aral Balkan committed
317
If you have a static archive of the previous version of your site, you can have Site.js automatically serve it for you. For example, if your site is being served from the `my-site` folder, just put the archive of your site into a folder named `my-site-archive-1`:
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334

```
|- my-site
|- my-site-archive-1
```

If a path cannot be found in `my-site`, it will be served from `my-site-archive-1`.

And you’re not limited to a single archive (and hence the “cascade” bit in the name of the feature). As you have multiple older versions of your site, just add them to new folders and increment the archive index in the name. e.g., `my-site-archive-2`, `my-site-archive-3`, etc.

Paths in `my-site` will override those in `my-site-archive-3` and those in `my-site-archive-3` will, similarly, override those in `my-site-archive-2` and so on.

What this means that your old links will never die but if you do replace them with never content in never versions, those will take precedence.

### Native 404 → 302 support

But what if the previous version of your site is a dynamic site and you either don’t want to lose the dynamic functionality or you simply cannot take a static backup. No worries. Just move it to a different subdomain or domain and make your 404s into 302s.
335

Aral Balkan's avatar
Aral Balkan committed
336
Site.js has native support for [the 404 to 302 technique](https://4042302.org) to ensure an evergreen web. Just serve the old version of your site (e.g., your WordPress site, etc.) from a different subdomain and tell Site.js to forward any unknown requests on your new static site to that subdomain so that all your existing links magically work.
337
338
339

To do so, create a simple file called `4042302` in the root directory of your web content and add the URL of the server that is hosting your older content. e.g.,

340
### /4042302
341
```
Aral Balkan's avatar
Aral Balkan committed
342
https://the-previous-version-of.my.site
343
```
344
345
346
347
348
349

You can chain the 404 → 302 method any number of times to ensure that none of your links ever break without expending any additional effort to migrate your content.

For more information and examples, see [4042302.org](https://4042302.org).

## Custom error pages
350

351
352
![Screenshot of the custom 404 error page included in the unit tests](images/custom-404.png)

353
354
355
356
You can specify a custom error page for 404 (not found) and 500 (internal server error) errors. To do so, create a folder with the status code you want off of the root of your web content (i.e., `/404` and/or `/500`) and place at least an `index.html` file in the folder. You can also, optionally, put any assets you want to display on your error pages into those folders and load them in via relative URLs. Your custom error pages will be served with the proper error code and at the URL that was being accessed.

If you do not create custom error pages, the built-in default error pages will be displayed for 404 and 500 errors.

357
358
When creating your own servers (see [API](#API)), you can generate the default error pages programmatically using the static methods `WebServer.default404ErrorPage()` and `WebServer.default500ErrorPage()`, passing in the missing path and the error message as the argument, respectively to get the HTML string of the error page returned.

359
360
## Dynamic routes

361
You can include very basic dynamic routes by including JavaScript files that export middleware-style functions in a special _.dynamic_ folder in the root folder of your web content. The syntax and conventions are [detailed here](https://source.ind.ie/hypha/tools/web-routes-from-files).
362

363
So, for example, if you wanted to have a dynamic route that showed the server CPU load and free memory, you could create a file called _.dynamic/server-stats.js_ in your web folder with the following content:
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381

```js
const os = require('os')

function serverStats (request, response, next) {

  const loadAverages = `<p> ${os.loadavg().reduce((a, c, i) => `${a}\n<li><strong>CPU ${i+1}:</strong> ${c}</li>`, '<ul>') + '</ul>'}</p>`

  const freeMemory = `<p>${os.freemem()} bytes</p>`

  const page = `<html><head><title>Server statistics</title><style>body {font-family: sans-serif;}</style></head><body><h1>Server statistics</h1><h2>Load averages</h2>${loadAverages}<h2>Free memory</h2>${freeMemory}</body></html>`

  response.end(page)
}

module.exports = serverStats
```

Aral Balkan's avatar
Aral Balkan committed
382
Site.js will load your dynamic route at startup and you can test it by hitting _https://localhost/server-stats_ using a local web server. Each time you refresh, you should get the latest dynamic content.
383

384
385
If you need to use custom Node modules, initialise your _.dynamic_ folder using `npm init` and use `npm install` as usual. And modules you require from your routes will be properly loaded and used.

386
387
### Directories

Aral Balkan's avatar
Aral Balkan committed
388
Your dynamic web routes are running within Site.js, which is a Node application compiled into a native binary.
389

Aral Balkan's avatar
Aral Balkan committed
390
  - `os.homedir()`: __(writable)__ This is the home folder of the account running Site.js. You can write to it to store persistent objects (e.g., save data).
391
392
393
394
395

  - `os.tmpdir()`: __(writable)__ Path to the system temporary folder. Use for content you can afford to lose and can recreate (e.g., cache API calls).

  - `.`: __(writable)__ Path to the root of your web content. Since you can write here, you can, if you want to, create content dynamically that will then automatically be served by the static web server.

396
  - `__dirname`: __(writeable)__ Path to the `.dynamic` folder.
397

Aral Balkan's avatar
Aral Balkan committed
398
  - `/`: __(read-only)__ Path to the `/usr` folder (Site.js is installed in `/usr/local/site`). You should not have any reason to use this.
399

Aral Balkan's avatar
Aral Balkan committed
400
If you want to access the directory of Site.js itself (e.g., to load in the `package.json` to read the app’s version), you can use the following code:
401
402

```js
Aral Balkan's avatar
Aral Balkan committed
403
const appPath = require.main.filename.replace('bin/site.js', '')
404
405
```

406
407
408
409
410
411
### Security

The code within your JavaScript routes is executed on the server. Exercise the same caution as you would when creating any Node.js app (sanitise input, etc.)

### Intended usage

Aral Balkan's avatar
Aral Balkan committed
412
You shouldn’t use this functionality to create your latest amazing web app. For that, include Site.js as a node module in your project and extend it that way. This is to add tiny bits of dynamic functionality. There is currently only support for `GET` routes. Again, if you need custom modules, extend Site.js using Node.js.
413

414
## API
415

Aral Balkan's avatar
Aral Balkan committed
416
Site.js’s `createServer` method behaves like the built-in _https_ module’s `createServer` function. Anywhere you use `require('https').createServer`, you can simply replace it with `require('@small-tech/site.js').createServer`.
417

418

419
### createServer([options], [requestListener])
420

421
  - __options__ _(object)_: see [https.createServer](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener). Populates the `cert` and `key` properties from the automatically-created [nodecert](https://source.ind.ie/hypha/tools/nodecert/) or Let’s Encrypt certificates and will overwrite them if they exist in the options object you pass in. If your options has `options.global = true` set, globally-trusted TLS certificates are obtained from Let’s Encrypt using ACME TLS.
422

Aral Balkan's avatar
Aral Balkan committed
423
  - __requestListener__ _(function)_: see [https.createServer](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener). If you don’t pass a request listener, Site.js will use its default one.
424

425
    __Returns:__ [https.Server](https://nodejs.org/api/https.html#https_class_https_server) instance, configured with either locally-trusted certificates via nodecert or globally-trusted ones from Let’s Encrypt.
426

427
#### Example
428
429

```js
Aral Balkan's avatar
Aral Balkan committed
430
const site = require('@small-tech/site.js')
431
432
433
434
435
const express = require('express')

const app = express()
app.use(express.static('.'))

436
const options = {} // to use globally-trusted certificates instead, set this to {global: true}
Aral Balkan's avatar
Aral Balkan committed
437
const server = site.createServer(options, app).listen(443, () => {
438
439
440
441
  console.log(` 🎉 Serving on https://localhost\n`)
})
```

442
### serve([options])
443
444

Options is an optional parameter object that may contain the following properties, all optional:
445

446
  - __path__ _(string)_: the directory to serve using [Express](http://expressjs.com/).static.
447

448
  - __callback__ _(function)_: a function to be called when the server is ready. If you do not specify a callback, you can specify the port as the second argument.
449

450
  - __port__ _(number)_: the port to serve on. Defaults to 443. (On Linux, privileges to bind to the port are automatically obtained for you.)
451

Aral Balkan's avatar
Aral Balkan committed
452
  - __global__ _(boolean)_: if true, globally-trusted Let’s Encrypt certificates will be provisioned (if necessary) and used via ACME TLS. If false (default), locally-trusted certificates will be provisioned (if necessary) and used using _nodecert_.
453
454

    __Returns:__ [https.Server](https://nodejs.org/api/https.html#https_class_https_server) instance, configured with either locally or globally-trusted certificates.
455
456


457
#### Examples
458

Aral Balkan's avatar
Aral Balkan committed
459
Serve the current directory at https://localhost using locally-trusted TLS certificates:
460

461
```js
Aral Balkan's avatar
Aral Balkan committed
462
463
const site = require('@small-tech/site.js')
const server = site.serve()
464
465
```

Aral Balkan's avatar
Aral Balkan committed
466
Serve the current directory at your hostname using globally-trusted Let’s Encrypt TLS certificates:
467
468

```js
Aral Balkan's avatar
Aral Balkan committed
469
470
const site = require('@small-tech/site.js')
const server = site.serve({global: true})
471
472
```

473
474
## Contributing

Aral Balkan's avatar
Aral Balkan committed
475
Site.js is [Small Technology](https://ar.al/2019/03/04/small-technology/). The emphasis is on _small_. It is, by design, a zero-configuration tool for creating and hosting single-tenant web applications. It is for humans, by humans. It is non-commercial. (It is not for enterprises, it is not for “startups”, and it is definitely not for unicorns.) As such, any new feature requests will have to be both fit for purpose and survive a trial by fire to be considered.
476

Aral Balkan's avatar
Aral Balkan committed
477
Please file issues and submit pull requests on the [Site.js Github Mirror](https://github.com/small-tech/site.js).
478

479
480
## Help wanted

Aral Balkan's avatar
Aral Balkan committed
481
482
For locally-trusted certificates, all dependencies are installed automatically for you if they do not exist if you have apt, pacman, or yum (untested) on Linux or if you have [Homebrew](https://brew.sh/) or [MacPorts](https://www.macports.org/) (untested) on macOS.

Aral Balkan's avatar
Aral Balkan committed
483
I can use your help to test Site.js on the following platform/package manager combinations:
484

485
486
  - Linux with yum
  - macOS with MacPorts
487

Aral Balkan's avatar
Aral Balkan committed
488
Please [let me know how/if it works](https://github.com/small-tech/site.js/issues). Thank you!
489
490
491
492

## Thanks

  * [thagoat](https://github.com/thagoat) for confirming that [installation works on Arch Linux with Pacman](https://github.com/indie-mirror/https-server/issues/1).
493

Aral Balkan's avatar
Aral Balkan committed
494
  * [Tim Knip](https://github.com/timknip) for confirming that [the module works with 64-bit Windows](https://github.com/indie-mirror/https-server/issues/2) with the following behaviour: “Install pops up a windows dialog to allow adding the cert.” __Note: Site.js is not supported on Windows. Please use Windows Subsystem for Linux.__
495

Aral Balkan's avatar
Aral Balkan committed
496
  * [Run Rabbit Run](https://hackers.town/@nobody) for [the following information](https://hackers.town/@nobody/101670447262172957) on 64-bit Windows: “Win64: works with the windows cert install popup on server launch. Chrome and ie are ok with the site then. FF 65 still throws the cert warning even after restarting.” __Note: Site.js is not supported on Windows. Please use Windows Subsystem for Linux.__