w00tgit status

2015-12-13 06:39:37 +00:00 · 2015-12-13 06:39:37 +00:00 · 9017a40985
parent 2be48af0d7
commit 9017a40985
4 changed files with 114 additions and 8 deletions
--- a/README.md
+++ b/README.md
@ -3,13 +3,11 @@ letsencrypt
 Let's Encrypt for node.js
-This enables you to get Free SSL Certificates for Automatic HTTPS.
+  * Automatic HTTPS with Express
-
+  * Automatic renewal (in-process)
-#### NOT YET PUBLISHED
+  * safe for use with node cluster
-
+  * configurable for automatic registration (in-process)
-* Dec 12 2015: gettin' really close
+  * usable via commandline as well
 * Dec 11 2015: almost done (node-letsencrypt-python complete)
 * Dec 10 2015: began tinkering
 Install
 =======
@ -49,6 +47,19 @@ le.register({
 than what makes sense to show in a minimal snippet.
 * [commandline (standalone with "webroot")](https://github.com/Daplie/node-letsencrypt/blob/master/examples/commandline.js)
 ```bash
 # manual standalone registration via commandline
 # (runs against testing server on tls port 5001)
 node examples/commandline.js example.com,www.example.com user@example.net agree
 ```
 ```bash
 # automatic registration and renewal (certs install as you visit the site for the first time)
 # (runs against testing server on tls port 5001)
 node examples/commandline.js example.com,www.example.com user@example.net agree
 ```
 * [expressjs (fully automatic https)](https://github.com/Daplie/node-letsencrypt/blob/master/examples/express.js)
 ### non-root
--- a/backends-python.js
+++ b/backends-python.js
@ -4,8 +4,9 @@ var PromiseA = require('bluebird');
 var fs = PromiseA.promisifyAll(require('fs'));
 module.exports.create = function (leBinPath, defaults) {
-  defaults.webroot = true;
+  defaults.webroot = true;        // standalone should not be set to true
  defaults.renewByDefault = true;
  defaults.text = true;
  var LEP = require('letsencrypt-python');
  var lep = PromiseA.promisifyAll(LEP.create(leBinPath, { debug: true }));
--- a/examples/express.js
+++ b/examples/express.js
@ -0,0 +1,93 @@
 'use strict';
 var conf = {
  domains: (process.argv[2]||'').split(',')
 , email: process.argv[3]
 , agree: 'agree' === process.argv[4]
 };
 var port = 80;
 var tlsPort = 5001;
 if (!conf.domains || !conf.email || !conf.agree) {
  console.error("Usage: node examples/express <domain1,domain2> <email> agree");
  console.error("Example: node examples/express example.com,www.example.com user@example.com agree");
  return;
 }
 var LE = require('../');
 var path = require('path');
 // backend-specific defaults will be passed through
 // Note: Since agreeTos is a legal agreement, I would suggest not accepting it by default
 var bkDefaults = {
  webrootPath: path.join(__dirname, '..', 'tests', 'acme-challenge')
 , fullchainTpl: '/live/:hostname/fullchain.pem'
 , privkeyTpl: '/live/:hostname/privkey.pem'
 , configDir: path.join(__dirname, '..', 'tests', 'letsencrypt.config')
 , logsDir: path.join(__dirname, '..', 'tests', 'letsencrypt.logs')
 , workDir: path.join(__dirname, '..', 'tests', 'letsencrypt.work')
 , server: LE.stagingServer
 };
 var leBinPath = require('homedir')() + '/.local/share/letsencrypt/bin/letsencrypt';
 var LEB = require('../backends-python');
 var backend = LEB.create(leBinPath, bkDefaults, { debug: true });
 var le = LE.create(backend, bkDefaults, {
  sniRegisterCallback: function (args, certInfo, cb) {
    var allowedDomains = conf.domains; // require('../tests/config').allowedDomains;
    // let the renewal take place in the background
    if (certInfo && certInfo.context) {
      cb(null, certInfo);
      return;
    }
    // verify that these are domains we allow to register on our server
    if (args.domains.length && args.domains.every(function (hostname) {
      hostname = hostname.toLowerCase();
      return (-1 !== allowedDomains.indexOf(hostname));
    })) {
      // wait for registration before responding
      args.agreeTos = conf.agree;
      args.email = conf.email; // you'd want to lookup which user has this email
      le.register(args, cb);
    } else {
      // I don't know where this error goes (SNICallback)... but at least we put it somewhere
      cb(new Error("SNI came in for (an) unrecognized domain(s): '" + args.domains + "'"));
    }
  }
 /*
 , setChallenge: function (hostnames, key, value, cb) {
    // the python backend needs fs.watch implemented
    // before this would work (and even then it would be difficult)
  }
 , getChallenge: function (hostnames, key, cb) {
    // 
  }
 , registrationFailureCallback: function (args, certInfo, cb) {
    what do to when a backgrounded registration fails
  }
 */
 });
 var localCerts = require('localhost.daplie.com-certificates');
 var express = require('express');
 var app = express();
 app.use('/', le.middleware());
 var server = require('http').createServer();
 server.on('request', app);
 server.listen(port, function () {
  console.log('Listening http', server.address());
 });
 var tlsServer = require('https').createServer({
  key: localCerts.key
 , cert: localCerts.cert
 , SNICallback: le.sniCallback
 });
 tlsServer.on('request', app);
 tlsServer.listen(tlsPort, function () {
  console.log('Listening http', tlsServer.address());
 });
--- a/tests/config.js
+++ b/tests/config.js
@ -10,4 +10,5 @@ module.exports = {
 , configDir: path.join(__dirname, "letsencrypt.config")
 , workDir: path.join(__dirname, "letsencrypt.work")
 , logsDir: path.join(__dirname, "letsencrypt.logs")
 , allowedDomains: ['example.com']
 };