coolaj86
/
greenlock-cluster.js
1
0
Çatalla 0
Kod Konular 1 Değişiklik İstekleri Sürüm Aktivite

letsencrypt to greenlock

Bu işleme şunda yer alıyor:
Drew Warren 2017-01-25 14:53:56 -07:00
ebeveyn fce08dec51
işleme 2feecb017d
6 değiştirilmiş dosya ile 29 ekleme ve 29 silme
İstatistikleri Göster Yama Dosyasını İndir Diff Dosyasını İndir Tüm dosyaları genişlet Tüm dosyaları daralt

38
README.md
Dosyayı Görüntüle

@ -15,12 +15,12 @@ Tired of serving the Empire? Come join the Rebel Alliance:
[![Join the chat at https://gitter.im/coolaj86/letsencrypt-express](https://badges.gitter.im/coolaj86/letsencrypt-express.svg)](https://gitter.im/coolaj86/letsencrypt-express?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
| [letsencrypt (lib)](https://git.coolaj86.com/coolaj86/node-greenlock)
| [letsencrypt-cli](https://git.coolaj86.com/coolaj86/greenlock-cli)
| [letsencrypt-express](https://git.coolaj86.com/coolaj86/greenlock-express)
| **letsencrypt-cluster**
| [letsencrypt-koa](https://git.coolaj86.com/coolaj86/greenlock-koa)
| [letsencrypt-hapi](https://git.coolaj86.com/coolaj86/greenlock-hapi)
| [greenlock (lib)](https://git.coolaj86.com/coolaj86/node-greenlock)
| [greenlock-cli](https://git.coolaj86.com/coolaj86/greenlock-cli)
| [greenlock-express](https://git.coolaj86.com/coolaj86/greenlock-express)
| **greenlock-cluster**
| [greenlock-koa](https://git.coolaj86.com/coolaj86/greenlock-koa)
| [greenlock-hapi](https://git.coolaj86.com/coolaj86/greenlock-hapi)
|
greenlock-cluster (letsencrypt-cluster)
@ -37,7 +37,7 @@ Install
=======
```bash
npm install --save letsencrypt-cluster@2.x
npm install --save greenlock-cluster@2.x
```
Usage
@ -81,14 +81,14 @@ main.init(sharedOptions);
Master
------
We think it makes the most sense to load letsencrypt in master.
We think it makes the most sense to load greenlock in master.
This can prevent race conditions (see [node-letsencrypt#45](https://github.com/coolaj86/node-letsencrypt/issues/45))
as only one process is writing the to file system or database at a time.
The main implementation detail here is `approveDomains(options, certs, cb)` for new domain certificates
and potentially `agreeToTerms(opts, cb)` for new accounts.
The master takes **the same arguments** as `node-letsencrypt` (`challenge`, `store`, etc),
The master takes **the same arguments** as `node-greenlock` (`challenge`, `store`, etc),
plus a few extra (`approveDomains`... okay, just one extra):
`master.js`:
@ -99,7 +99,7 @@ var cluster = require('cluster');
module.exports.init = function (sharedOpts) {
var cores = require('os').cpus();
var leMaster = require('letsencrypt-cluster/master').create({
var leMaster = require('greenlock-cluster/master').create({
debug: sharedOpts.debug
, server: 'staging' // CHANGE TO PRODUCTION
@ -128,18 +128,18 @@ module.exports.init = function (sharedOpts) {
### API
All options are passed directly to `node-letsencrypt`
(in other works, `leMaster` is a `letsencrypt` instance),
but a few are only actually used by `letsencrypt-cluster`.
All options are passed directly to `node-greenlock`
(in other works, `leMaster` is a `greenlock` instance),
but a few are only actually used by `greenlock-cluster`.
* `leOptions.approveDomains(options, certs, cb)` is special for `letsencrypt-cluster`, but will probably be included in `node-letsencrypt` in the future (no API change).
* `leOptions.approveDomains(options, certs, cb)` is special for `greenlock-cluster`, but will probably be included in `node-greenlock` in the future (no API change).
* `leMaster.addWorker(worker)` is added by `letsencrypt-cluster` and **must be called** for each new worker.
* `leMaster.addWorker(worker)` is added by `greenlock-cluster` and **must be called** for each new worker.
Worker
------
The worker takes *similar* arguments to `node-letsencrypt`,
The worker takes *similar* arguments to `node-greenlock`,
but only ones that are useful for determining certificate
renewal and for `le.challenge.get`.
@ -150,7 +150,7 @@ If you want to a non-default `le.challenge`
'use strict';
module.exports.init = function (sharedOpts) {
var leWorker = require('letsencrypt-cluster/worker').create({
var leWorker = require('greenlock-cluster/worker').create({
debug: sharedOpts.debug
, renewWithin: sharedOpts.renewWithin
@ -206,12 +206,12 @@ module.exports.init = function (sharedOpts) {
### API
`node-letsencrypt` is **not used** directly by the worker,
`node-greenlock` is **not used** directly by the worker,
but certain options are shared because certain logic is duplicated.
* `leOptions.renewWithin` is shared so that the worker knows how earlier to request a new cert
* `leOptions.renewBy` is passed to `le-sni-auto` so that it staggers renewals between `renewWithin` (latest) and `renewBy` (earlier)
* `leWorker.middleware(nextApp)` uses `letsencrypt/middleware` for GET-ing `http-01`, hence `sharedOptions.webrootPath`
* `leWorker.middleware(nextApp)` uses `greenlock/middleware` for GET-ing `http-01`, hence `sharedOptions.webrootPath`
* `leWorker.httpsOptions` has a default localhost certificate and the `SNICallback`.
There are a few options that aren't shown in these examples, so if you need to change something

2
examples/README.md
Dosyayı Görüntüle

@ -1,4 +1,4 @@
letsencrypt cluster examples
greenlock cluster examples
-------------------
First you need to change the email address in `examples/worker.js`.

4
examples/serve.js
Dosyayı Görüntüle

@ -18,7 +18,7 @@ else {
// this is nothing letsencrypt-cluster specific
// this is nothing greenlock-cluster specific
// I'm just arbitrarily choosing to share some configuration
// that I know I'm going to use in both places
main.init({
@ -28,6 +28,6 @@ main.init({
// using using le-challenge-fs (as you'll see), I'm only sharing the webrootPath
webrootPath: require('os').tmpdir() + require('path').sep + 'acme-challenge'
// this is used both by node-letsencrypt (master) and le-sni-auto (worker)
// this is used both by node-greenlock (master) and le-sni-auto (worker)
, renewWithin: 15 * 24 * 60 * 60 * 1000
});

6
index.js
Dosyayı Görüntüle

@ -1,11 +1,11 @@
'use strict';
console.error("");
console.error("One does not simply require('letsencrypt-cluster');");
console.error("One does not simply require('greenlock-cluster');");
console.error("");
console.error("Usage:");
console.error("\trequire('letsencrypt-cluster/master').create({ ... });");
console.error("\trequire('letsencrypt-cluster/worker').create({ ... });");
console.error("\trequire('greenlock-cluster/master').create({ ... });");
console.error("\trequire('greenlock-cluster/worker').create({ ... });");
console.error("");
console.error("");

6
master.js
Dosyayı Görüntüle

@ -6,7 +6,7 @@ module.exports.create = function (opts) {
opts = opts || { };
opts._workers = [];
opts.webrootPath = opts.webrootPath || require('os').tmpdir() + require('path').sep + 'acme-challenge';
if (!opts.letsencrypt) { opts.letsencrypt = require('letsencrypt').create(opts); }
if (!opts.greenlock) { opts.greenlock = require('greenlock').create(opts); }
if ('function' !== typeof opts.approveDomains) {
throw new Error("You must provide opts.approveDomains(domain, certs, callback) to approve certificates");
}
@ -67,10 +67,10 @@ module.exports.create = function (opts) {
// */
if (results.certs) {
promise = opts.letsencrypt.renew(results.options, results.certs);
promise = opts.greenlock.renew(results.options, results.certs);
}
else {
promise = opts.letsencrypt.register(results.options);
promise = opts.greenlock.register(results.options);
}
promise.then(function (certs) {

2
worker.js
Dosyayı Görüntüle

@ -79,7 +79,7 @@ module.exports.create = function (opts) {
// opts.challenge.get, opts.acmeChallengePrefix
opts.middleware = require('letsencrypt/lib/middleware').create(opts);
opts.middleware = require('greenlock/lib/middleware').create(opts);