greenlock.js/bin/add.js

135 lines
4.3 KiB
JavaScript

'use strict';
var args = process.argv.slice(3);
var cli = require('./cli.js');
var path = require('path');
//var pkgpath = path.join(__dirname, '..', 'package.json');
var pkgpath = path.join(process.cwd(), 'package.json');
require('./greenlockrc')(pkgpath).then(async function(rc) {
var Greenlock = require('../');
// this is a copy, so it's safe to modify
rc._bin_mode = true;
var greenlock = Greenlock.create(rc);
var mconf = await greenlock.manager.defaults();
cli.parse({
subject: [
false,
'the "subject" (primary domain) of the certificate',
'string'
],
altnames: [
false,
'the "subject alternative names" (additional domains) on the certificate, the first of which MUST be the subject',
'string'
],
'renew-offset': [
false,
"time to wait until renewing the cert such as '45d' (45 days after being issued) or '-3w' (3 weeks before expiration date)",
'string',
mconf.renewOffset
],
'server-key-type': [
false,
"either 'RSA-2048' or 'P-256' (ECDSA) - although other values are technically supported, they don't make sense and won't work with many services (More bits != More security)",
'string',
mconf.serverKeyType
],
challenge: [
false,
'the name name of file path of the HTTP-01, DNS-01, or TLS-ALPN-01 challenge module to use',
'string',
Object.keys(mconf.challenges)
.map(function(typ) {
return mconf.challenges[typ].module;
})
.join(',')
],
'challenge-xxxx': [
false,
'an option for the chosen challenge module, such as --challenge-apikey or --challenge-bucket',
'bag'
],
'challenge-json': [
false,
'a JSON string containing all option for the chosen challenge module (instead of --challenge-xxxx)',
'json',
'{}'
],
'force-save': [
false,
"save all options for this site, even if it's the same as the defaults",
'boolean',
false
]
});
// ignore certonly and extraneous arguments
async function main(_, options) {
if (!options.subject || !options.altnames) {
console.error(
'--subject and --altnames must be provided and should be valid domains'
);
process.exit(1);
return;
}
options.altnames = options.altnames.split(/[,\s]+/);
Object.keys(options).forEach(function(k) {
if (options[k] === mconf[k] && !options.forceSave) {
delete options[k];
}
});
var typ;
var challenge;
if (options.challenge) {
if (/http-01/.test(options.challenge)) {
typ = 'http-01';
} else if (/dns-01/.test(options.challenge)) {
typ = 'dns-01';
} else if (/tls-alpn-01/.test(options.challenge)) {
typ = 'tls-alpn-01';
}
challenge = options.challengeOpts;
challenge.module = options.challenge;
options.challenges = {};
options.challenges[typ] = challenge;
delete options.challengeOpts;
delete options.challenge;
var chall = mconf.challenges[typ];
if (challenge.module === chall.module) {
var keys = Object.keys(challenge);
var same =
!keys.length ||
keys.every(function(k) {
return chall[k] === challenge[k];
});
if (same && !options.forceSave) {
delete options.challenges;
}
}
}
delete options.forceSave;
/*
console.log('manager conf:');
console.log(mconf);
console.log('cli options:');
console.log(options);
*/
greenlock.add(options).catch(function(err) {
console.error();
console.error('error:', err.message);
console.error();
});
}
cli.main(main, process.argv.slice(3));
});