Andre Natal
7 years ago
2 changed files with 137 additions and 25 deletions
@ -0,0 +1,102 @@ |
|||
// This Source Code Form is subject to the terms of the Mozilla Public
|
|||
// License, v. 2.0. If a copy of the MPL was not distributed with this
|
|||
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|||
|
|||
'use strict'; |
|||
|
|||
var le; |
|||
var fetch = require('node-fetch'); |
|||
var LE = require('greenlock'); |
|||
var leChallengeDns = require('./index.js').create({ debug: false }) |
|||
// Storage Backend
|
|||
var leStore = require('le-store-certbot').create({ |
|||
configDir: '~/letsencrypt/etc' // or /etc/letsencrypt or wherever
|
|||
, debug: true |
|||
, logsDir: '~/letsencrypt/var/log' |
|||
}); |
|||
|
|||
function leAgree(opts, agreeCb) { |
|||
// opts = { email, domains, tosUrl }
|
|||
agreeCb(null, opts.tosUrl); |
|||
} |
|||
|
|||
let subdomain = String(Math.random()).replace('.',''); |
|||
|
|||
le = LE.create({ |
|||
server: LE.productionServerUrl // Change to LE.productionServerUrl in production
|
|||
, challengeType: 'dns-01' |
|||
, challenges: { |
|||
'dns-01': leChallengeDns |
|||
} |
|||
, approveDomains: [ subdomain + '.box.knilxof.org' ] |
|||
, agreeToTerms: leAgree // hook to allow user to view and accept LE TOS
|
|||
, debug: true |
|||
, store: leStore |
|||
}); |
|||
|
|||
|
|||
|
|||
// Check in-memory cache of certificates for the named domain
|
|||
le.check({ domains: [ subdomain + '.box.knilxof.org' ] }).then(function (results) { |
|||
|
|||
if (results) { |
|||
// we already have certificates
|
|||
return; |
|||
} |
|||
|
|||
let token; |
|||
let challenge; |
|||
|
|||
// promise to be called when LE has the dns challenge ready for us
|
|||
leChallengeDns.leDnsResponse = function(challenge, keyAuthorization, keyAuthDigest, challengeDomain, domain){ |
|||
|
|||
console.info(""); |
|||
console.info("Challenge for '" + domain + "'"); |
|||
console.info(""); |
|||
console.info("We now present (for you copy-and-paste pleasure) your ACME Challenge"); |
|||
console.info("public Challenge and secret KeyAuthorization and Digest, in that order, respectively:"); |
|||
console.info(challenge); |
|||
console.info(keyAuthorization); |
|||
console.info(keyAuthDigest); |
|||
console.info(""); |
|||
console.info(challengeDomain + "\tTXT " + keyAuthDigest + "\tTTL 60"); |
|||
console.info(""); |
|||
console.info(JSON.stringify({ |
|||
domain: domain |
|||
, challenge: challenge |
|||
, keyAuthorization: keyAuthorization |
|||
, keyAuthDigest: keyAuthDigest |
|||
}, null, ' ').replace(/^/gm, '\t')); |
|||
console.info(""); |
|||
|
|||
return new Promise((resolve, reject) => { |
|||
// ok now that we have a challenge, we call our gateway to setup the TXT record
|
|||
fetch('http://knilxof.org//dnsconfig?token=' + token + '&challenge=' + keyAuthDigest) |
|||
.then(function(res) { return res.text(); }).then(function(body) { |
|||
console.log(body); |
|||
resolve("Success!"); |
|||
}); |
|||
}); |
|||
} |
|||
|
|||
fetch('http://knilxof.org/subscribe?name=' + subdomain) |
|||
.then(function (res) { return res.text(); }) |
|||
.then(function (body) { |
|||
const jsonBody = JSON.parse(body); |
|||
token = jsonBody.token; |
|||
// Register Let's Encrypt
|
|||
le.register({ |
|||
domains: [subdomain + '.box.knilxof.org'] // CHANGE TO YOUR DOMAIN (list for SANS)
|
|||
, email: 'john.doe@example.com' // CHANGE TO YOUR EMAIL
|
|||
, agreeTos: true // set to tosUrl string (or true) to pre-approve (and skip agreeToTerms)
|
|||
, rsaKeySize: 2048 // 2048 or higher
|
|||
, challengeType: 'dns-01' // http-01, tls-sni-01, or dns-01
|
|||
}).then(function (results) { |
|||
console.log('success'); |
|||
}, function (err) { |
|||
console.error('[Error]: node-greenlock/examples/standalone'); |
|||
console.error(err.stack); |
|||
}); |
|||
}); |
|||
}); |
|||
|
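Review bot: Both gateway requests (`/subscribe` and `//dnsconfig`) go over plain `http://`, and the second one carries the gateway `token` and the `keyAuthDigest` in the query string, so anyone on the network path can read the token or alter the response that `token` is parsed from; if the gateway serves TLS, these should be `https://` URLs with the values passed through `encodeURIComponent`. In `leDnsResponse` the `new Promise` wrapper never calls `reject` and resolves `"Success!"` without looking at `res.ok`, so a failed or refused TXT update either leaves the challenge hanging or is reported as success; returning the fetch chain directly, as below, addresses both. The `console.info` lines also print `keyAuthorization`, which the message itself calls secret, and that output is worth dropping outside of debugging. Separately, `server: LE.productionServerUrl` sits next to a comment that says to switch to production later, and with a fresh random subdomain per run this example will request real certificates every time; the staging endpoint looks like what was intended.

```javascript
// … unchanged: console.info output of the challenge values …
// assumes the gateway is reachable over HTTPS; confirm before merging
return fetch('https://knilxof.org//dnsconfig?token=' + encodeURIComponent(token) +
    '&challenge=' + encodeURIComponent(keyAuthDigest))
  .then(function (res) {
    if (!res.ok) {
      // surface a refused or failed TXT update instead of reporting success
      throw new Error('dnsconfig request failed with status ' + res.status);
    }
    return res.text();
  })
  .then(function (body) {
    console.log(body);
    return "Success!";
  });
```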