Verified Commit 933b89df authored by Aral Balkan's avatar Aral Balkan
Browse files

Closes #205, #212, #216: local server improvements

  - Local servers are now reachable over local area network via IPv4

  - Local root certificate authority public key is served at https://<IPv4>/.ca

  - Local servers redirect HTTP to HTTPS.
parent 73428695
......@@ -4,6 +4,16 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [14.1.0] - 2020-07-07
### Added
- Local servers now redirect HTTP to HTTPS just like global servers.
- You can now access local servers via their IPv4 address over a local area network. This is useful when you want to test your site with different devices without having to expose your server over the Internet using a service like ngrok.
- When running a local server, you can go to http://(IPv4 address)/.ca to download the local root certificate authority’s public key. You must install this in the certificate stores of any devices you want to access the local server from via your local area network.
## [14.0.1] - 2020-07-03
### Fixed
......
......@@ -205,6 +205,25 @@ That, again, is shorthand for the full version of the command, which is:
$ site serve . @localhost:666
```
#### Accessing your local server over the local area network
You can access local servers via their IPv4 address over a local area network.
This is useful when you want to test your site with different devices without having to expose your server over the Internet using a service like ngrok. For example, if your machine’s IPv4 address on the local area network is 192.168.2.42, you can just enter that IP to access it from, say, your iPhone.
To access your local machine from a different device on your local area network, you must transfer the public key of your generated local root certificate authority to that device and install and trust it.
For example, if you’re on an iPhone, hit the `/.ca` route in your browser:
```
http://192.168.2.42/.ca
```
The browser will download the local root certificate authority’s public key and prompt you to install profile on your iPhone. You then have to go to Settings → Profile Downloaded → Tap Install when the Install Profile pop-up appears showing you the mkcert certificate you downloaded. Then, go to Settings → General → About → Certificate Trust Settings → Turn on the switch next to the mkcert certificate you downloaded. You should now be able to hit `https://192.168.2.42` and see your site from your iPhone.
You can also tranfer your key to your other devices manually. You can find the key at `~/.small-tech/site.js/tls/local/rootCA.pem` after you’ve created a local server at least once. For more details on transferring your key to other devices, please refer to [the relevant section in the mkcert documentation](https://github.com/FiloSottile/mkcert#mobile-devices).
#### Proxy server
You can use Site.js as a development-time reverse proxy for HTTP and WebSocket connections. This is useful if you have a web app written in any language that only supports HTTP (not TLS) that you want to deploy securely.
......
{
"name": "@small-tech/site.js",
"version": "14.0.0",
"version": "14.0.1",
"lockfileVersion": 1,
"requires": true,
"dependencies": {
......@@ -354,11 +354,13 @@
}
},
"@small-tech/auto-encrypt-localhost": {
"version": "5.1.2",
"resolved": "https://registry.npmjs.org/@small-tech/auto-encrypt-localhost/-/auto-encrypt-localhost-5.1.2.tgz",
"integrity": "sha512-dGuqR73tABXeN6p1Pkj1qIz4ICTcmCQDSH/II16BHdc9HmLXwiC7veMI1sPr34o5y3/c24pQfmkOKiUkc0p4WQ==",
"version": "5.3.0",
"resolved": "https://registry.npmjs.org/@small-tech/auto-encrypt-localhost/-/auto-encrypt-localhost-5.3.0.tgz",
"integrity": "sha512-BGNCQLNbzEf/l3fKMW4OUZ4la1hzbhNMhA0NzqKj7IShW70uSK86OeIhBFKAiQKhoN9Yc8eBDYZezZn9yWEtAg==",
"requires": {
"encodeurl": "^1.0.2",
"fs-extra": "^8.1.0",
"server-destroy": "^1.0.1",
"syswide-cas": "^5.3.0"
}
},
......@@ -386,12 +388,12 @@
}
},
"@small-tech/https": {
"version": "1.3.1",
"resolved": "https://registry.npmjs.org/@small-tech/https/-/https-1.3.1.tgz",
"integrity": "sha512-zRC43q1siGDH9rjeNngYXPP9zsuVtWZi422mLCj3U2IKomAfzVuBrrmmJa0FOK0a+mVern7IiNWe8moViM5WiQ==",
"version": "1.5.0",
"resolved": "https://registry.npmjs.org/@small-tech/https/-/https-1.5.0.tgz",
"integrity": "sha512-FA8jES80WpHxyCZmYsp+bgHmuSk94lZzGEADYv/Ufn/InvgXoMBYZxCz5k1mXeRjWDnxfKZiHY2NjQgU/kGnAQ==",
"requires": {
"@small-tech/auto-encrypt": "^2.0.1",
"@small-tech/auto-encrypt-localhost": "^5.1.2",
"@small-tech/auto-encrypt-localhost": "^5.3.0",
"fs-extra": "^9.0.0"
},
"dependencies": {
......
{
"name": "@small-tech/site.js",
"version": "14.0.1",
"version": "14.1.0",
"description": "Small Web construction set.",
"keywords": [
"web server",
......@@ -53,7 +53,7 @@
"dependencies": {
"@small-tech/cross-platform-hostname": "^1.0.0",
"@small-tech/express-ws": "^1.0.0",
"@small-tech/https": "^1.3.1",
"@small-tech/https": "^1.4.0",
"@small-tech/instant": "^1.1.0",
"@small-tech/node-hugo": "^1.4.1",
"@small-tech/web-routes-from-files": "^2.0.0",
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment