coolaj86
/
greenlock-rill.js
1
0
Fork 0
Código Issues Pull requests Versões Wiki Atividade
Free SSL and Automatic HTTPS for node.js with rill and other middleware systems via ACME (Let's Encrypt)
Você não pode selecionar mais de 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
36 Commits
1 Branch
7 Tags
78 KiB
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Criar branch ${ searchTerm }
de master
${ noResults }
AJ ONeal a9ca9b5508
Update '.github/ISSUE_TEMPLATE.md' 		5 anos atrás
.github Update '.github/ISSUE_TEMPLATE.md' 5 anos atrás
.gitignore Initial commit 8 anos atrás
LICENSE update LICENSE 6 anos atrás
README.md update for rill 6 anos atrás
index.js update for rill 6 anos atrás
package.json add homepage url 6 anos atrás

README.md

Greenlock™ for rill

An Automated HTTPS ACME client (Let's Encrypt v2) for rill

Greenlock™ for Browsers, Node.js, Commandline, Express.js, Node.js Cluster, hapi, Koa, and rill | Sponsered by ppl

Features

  • Automatic Registration via SNI (httpsOptions.SNICallback)
  • Secure domain approval callback
  • Automatic renewal between 10 and 14 days before expiration
  • Virtual Hosting (vhost) with Multiple Domains & SAN
  • and more
  • plugins for AWS, redis, and more

This module is just an alias for greenlock-express.js, which works with any middleware system.

Install

npm install --save greenlock-rill@2.x

QuickStart

'use strict';

//////////////////////
// Greenlock Setup  //
//////////////////////

var greenlock = require('greenlock-rill').create({
  version: 'draft-11' // Let's Encrypt v2
  // You MUST change this to 'https://acme-v02.api.letsencrypt.org/directory' in production
, server: 'https://acme-staging-v02.api.letsencrypt.org/directory'

, email: 'jon@example.com'
, agreeTos: true
, approveDomains: [ 'example.com' ]

  // Join the community to get notified of important updates
  // and help make greenlock better
, communityMember: true

, configDir: require('os').homedir() + '/acme/etc'

//, debug: true
});


///////////////////
// Just add rill //
///////////////////

var http = require('http');
var https = require('https');
var Rill = require('rill');
var app = new Rill();

app.use(({ req, res }, next)=> {
  res.body = 'Hello, World!';
});

// https server
var server = https.createServer(greenlock.tlsOptions, greenlock.middleware(app.handler()));

server.listen(443, function () {
 console.log('Listening at https://localhost:' + this.address().port);
});


// http redirect to https
var http = require('http');
var redirectHttps = require('redirect-https')();
http.createServer(greenlock.middleware(redirectHttps)).listen(80, function () {
  console.log('Listening on port 80 to handle ACME http-01 challenge and redirect to https');
});

Usage & Troubleshooting

See https://git.coolaj86.com/coolaj86/greenlock-express.js

Handling a dynamic list of domains

In the oversimplified exapmple above we handle a static list of domains. If you add domains programmatically you'll want to use the approveDomains callback.

SECURITY: Be careful with this. If you don't check that the domains being requested are the domains you allow an attacker can make you hit your rate limit for failed verification attempts.

We have a vhost example that allows any domain for which there is a folder on the filesystem in a specific location.

See that example for an idea of how this is done.