v2.6.2: more reasonable defaults

README.md

@@ -154,39 +154,15 @@ Great when
 ////////////////////
 
 var greenlock = require('greenlock').create({
-
-  version: 'draft-12'
-, server: 'https://acme-v02.api.letsencrypt.org/directory'
-, configDir: '~/.config/acme'
-
-, email: 'user@example.com'           // IMPORTANT: Change email and domains
+  email: 'user@example.com'           // IMPORTANT: Change email and domains
 , agreeTos: true                      // Accept Let's Encrypt v2 Agreement
+, configDir: '~/.config/acme'         // A writable folder (a non-fs plugin)
+
 , communityMember: true               // Get (rare) non-mandatory updates about cool greenlock-related stuff (default false)
 , securityUpdates: true               // Important and mandatory notices related to security or breaking API changes (default true)
-
-, approveDomains: approveDomains
 });
 ```
 
-```js
-/////////////////////
-// APPROVE DOMAINS //
-/////////////////////
-
-
-function approveDomains(opts, certs, cb) {
-
-  // check for domains you want to receive certificates for
-  if ('example.com' === opts.domain) {
-    cb(null, { options: opts, certs: certs });
-    return;
-  }
-
-  // return error otherwise
-  cb(new Error("bad domain"));
-}
-```
-
 ```js
 ////////////////////
 // CREATE SERVERS //
@@ -225,7 +201,8 @@ var greenlock = Greenlock.create({
   version: 'draft-12'
 , server: 'https://acme-v02.api.letsencrypt.org/directory'
 
-  // approve a growing list of domains
+  // Use the approveDomains callback to set per-domain config
+  // (default: approve any domain that passes self-test of built-in challenges)
 , approveDomains: approveDomains
 
   // If you wish to replace the default account and domain key storage plugin
@@ -253,13 +230,10 @@ function approveDomains(opts, certs, cb) {
 
   // The domains being approved for the first time are listed in opts.domains
   // Certs being renewed are listed in certs.altnames
-  if (certs) {
-    opts.domains = certs.altnames;
-  }
-  else {
-    opts.email = 'john.doe@example.com';
-    opts.agreeTos = true;
-  }
+  // certs.domains;
+  // certs.altnames;
+  opts.email = 'john.doe@example.com';
+  opts.agreeTos = true;
 
   // NOTE: you can also change other options such as `challengeType` and `challenge`
   // opts.challengeType = 'http-01';
@@ -530,6 +504,9 @@ See https://git.coolaj86.com/coolaj86/le-challenge-fs.js
 
 # Change History
 
+* v2.6
+  * better defaults, fewer explicit options
+  * better pre-flight self-tests, explicit domains not required
 * v2.5
   * bugfix JWK (update rsa-compat)
   * eliminate all external non-optional dependencies

index.js

@@ -142,6 +142,8 @@ Greenlock.create = function (gl) {
   // BEGIN VERSION MADNESS //
   ///////////////////////////
 
+  gl.version = gl.version || 'draft-11';
+  gl.server = gl.server || 'https://acme-v01.api.letsencrypt.org/directory';
   if (!gl.version) {
     //console.warn("Please specify version: 'v01' (Let's Encrypt v1) or 'draft-12' (Let's Encrypt v2 / ACME draft 12)");
     console.warn("");
@@ -378,7 +380,6 @@ Greenlock.create = function (gl) {
         gl.approveDomains = null;
       }
       if (!gl.approveDomains) {
-        gl.approvedDomains = gl.approvedDomains || [];
         gl.approveDomains = function (lexOpts, certs, cb) {
           var err;
           var emsg;
@@ -392,6 +393,14 @@ Greenlock.create = function (gl) {
           if (!gl.approvedDomains.length) {
             throw new Error("le-sni-auto is not properly configured. Missing approveDomains(domain, certs, callback)");
           }
+
+          if (!Array.isArray(gl.approvedDomains)) {
+            // The acme-v2 package uses pre-flight test challenges to
+            // verify that each requested domain is hosted by the server
+            // these checks are sufficient for most use cases
+            return cb(null, { options: lexOpts, certs: certs });
+          }
+
           if (lexOpts.domains.every(function (domain) {
             return -1 !== gl.approvedDomains.indexOf(domain);
           })) {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "greenlock",
-  "version": "2.6.1",
+  "version": "2.6.2",
   "description": "Let's Encrypt for node.js on npm",
   "main": "index.js",
   "files": [