From 3132e7a5928e46d9953f3b55e0f4b3361b30ca7d Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Thu, 17 Dec 2015 01:20:56 +0000 Subject: [PATCH] lookin' good --- README.md | 18 ++++++++++--- lib/standalone.js | 65 ++++++++++++++++++++++++++++++++++++++--------- 2 files changed, 67 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 741faa7..a21dddf 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,8 @@ npm install --save letsencrypt-express ```javascript 'use strict'; -var le = require('letsencrypt-express'); +// Note: using staging server url, remove .testing() for production +var le = require('letsencrypt-express').testing(); var express = require('express'); var app = express(); @@ -32,7 +33,7 @@ app.use('/', function (req, res) { }); le.create('/etc/letsencrypt', app).listen([80], [443, 5001], function () { - console.log("ENCRYPT **ALL** THE DOMAINS!"); + console.log("ENCRYPT __ALL__ THE DOMAINS!"); }); ``` @@ -52,6 +53,7 @@ app.use('/', function (req, res) { var results = le.create({ configDir: '/etc/letsencrypt' , onRequest: app +, server: require('letsencrypt').productionServerUrl }).listen( // you can give just the port, or expand out to the full options @@ -91,11 +93,14 @@ Partially defined values will be merged with the defaults. Setting the value to `false` will, in many cases (as documented), disable the defaults. ``` -configDir: string // +configDir: string // string the letsencrypt configuration path (de facto /etc/letsencrypt) + // + // default os.homedir() + '/letsencrypt/etc' webrootPath: string // string a path to a folder where temporary challenge files will be stored and read - // default os.tmpdir() + path.sep + 'acme-challenge' + // + // default os.tmpdir() + '/acme-challenge' getChallenge: func | false // false do not handle getChallenge 
@@ -126,6 +131,11 @@ sniCallback: func // func replace the default sniCallback ha letsencrypt: object // object configure the letsencrypt object yourself and pass it in directly // // default we create the letsencrypt object using parameters you specify + +server: url // url use letsencrypt.productionServerUrl (i.e. https://acme-v01.api.letsencrypt.org/directory) + // or letsencrypt.stagingServerUrl (i.e. https://acme-staging.api.letsencrypt.org/directory) + // + // default production ``` ## Heroku? diff --git a/lib/standalone.js b/lib/standalone.js index bc5a65b..d036e83 100644 --- a/lib/standalone.js +++ b/lib/standalone.js @@ -2,13 +2,11 @@ var path = require('path'); var challengeStore = require('./lib/challange-handlers'); +var LE = require('letsencrypt'); -function create(obj, app) { - var LE = require('letsencrypt'); +function LEX(obj, app) { var https = require('https'); var http = require('http'); - - var httpsOptions = obj.httpsOptions || {}; var defaultPems = require('localhost.daplie.com-certificates'); if (!obj) { @@ -33,7 +31,7 @@ function create(obj, app) { if (!obj.getChallenge) { if (false !== obj.getChallenge) { - obj.getChallenge = getChallenge; + obj.getChallenge = challengeStore.get; } if (!obj.webrootPath) { obj.webrootPath = path.join(require('os').tmpdir(), 'acme-challenge'); @@ -46,11 +44,20 @@ function create(obj, app) { console.warn("You can silence this warning by setting args.onRequest = false"); } + if (!obj.configDir) { + obj.configDir = require('os').homedir() + '/letsencrypt/etc'; + } + + if (!obj.server) { + obj.server = LEX.defaultServerUrl; + } + if (!obj.letsencrypt) { //LE.merge(obj, ); + // { configDir, webrootPath, server } obj.letsencrypt = LE.create(obj, { - setChallenge: setChallenge - , removeChallenge: removeChallenge + setChallenge: challengeStore.set + , removeChallenge: challengeStore.remove }); } 
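Review bot: In the `@@ -46,11 +44,20 @@` hunk of lib/standalone.js the new `configDir` default is built by string concatenation, while the `webrootPath` default just above it uses `path.join`; `obj.configDir = path.join(require('os').homedir(), 'letsencrypt', 'etc');` would match. `os.homedir()` does not exist on older Node lines such as 0.12, so there this line throws before any server is created; a fallback or a documented minimum Node version would help. The directory presumably ends up holding account and certificate key material (not visible in this hunk), so a comment such as `// configDir stores keys; keep it readable only by the service user` is worth adding. The enclosing function starts and ends outside this hunk.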
@@ -69,6 +76,10 @@ function create(obj, app) { }); } + + var httpsOptions = obj.httpsOptions || {}; + var sniCallback = httpsOptions.SNICallback; + // https://nodejs.org/api/https.html // pfx, key, cert, passphrase, ca, ciphers, rejectUnauthorized, secureProtocol if (!httpsOptions.pfx) { @@ -86,6 +97,29 @@ function create(obj, app) { } } + if (obj.sniCallback) { + if (sniCallback) { + console.warn("You specified both args.sniCallback and args.httpsOptions.SNICallback," + + " but only args.sniCallback will be used."); + } + httpsOptions.SNICallback = obj.sniCallback; + } + else if (sniCallback) { + httpsOptions.SNICallback = function (domain, cb) { + sniCallback(domain, function (err, context) { + if (context) { + cb(err, context); + return; + } + + obj.letsencrypt.sniCallback(domain, cb); + }); + }; + } + else { + httpsOptions.SNICallback = obj.letsencrypt.sniCallback; + } + function listen(plainPorts, tlsPorts, onListening) { var results = { plainServers: [] @@ -155,8 +189,15 @@ function create(obj, app) { }; } -module.exports = create; -module.exports.create = create; -module.exports.setChallenge = challengeStore.set; -module.exports.getChallenge = challengeStore.get; -module.exports.removeChallenge = challengeStore.remove; +module.exports = LEX; +LEX.create = LEX; +LEX.setChallenge = challengeStore.set; +LEX.getChallenge = challengeStore.get; +LEX.removeChallenge = challengeStore.remove; +LEX.stagingServerUrl = LE.stagingServerUrl; +LEX.productionServerUrl = LE.productionServerUrl || LE.liveServerUrl; +LEX.defaultServerUrl = LEX.productionServerUrl; +LEX.testing = function () { + LEX.defaultServerUrl = LEX.stagingServerUrl; + return module.expotrs; +};
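Review bot: In the `@@ -86,6 +97,29 @@` hunk the wrapper around a user-supplied `httpsOptions.SNICallback` drops `err`: when the user's callback reports an error and no context, the code falls through to `obj.letsencrypt.sniCallback(domain, cb)` as if the domain were simply unknown. If a caller uses its SNICallback to refuse hostnames, that refusal is overridden, and depending on what `obj.letsencrypt.sniCallback` does (not visible here) a certificate lookup or request may be made for a name the caller rejected. Changing the guard to `if (err || context) { cb(err, context); return; }` keeps the fallback for the no-error, no-context case only. The final `else` branch also passes `obj.letsencrypt.sniCallback` unbound, which matters if that method relies on `this`; worth confirming. The body of `LEX` starts and ends outside this hunk.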
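Review bot: `LEX.testing` in the `@@ -155,8 +189,15 @@` hunk returns `module.expotrs`, a misspelling of `module.exports`, so it returns `undefined`. The README example calls `require('letsencrypt-express').testing()` and then `le.create(...)`, which will throw a TypeError. `return LEX;` (or `return module.exports;`) fixes it. `testing()` also rewrites the module-level `LEX.defaultServerUrl`, so every later `create` call in the process that omits `server` switches to staging. A short comment saying so, e.g. `// process-wide: affects all instances created afterwards without an explicit server`, would help prevent staging certificates being served by accident.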