works?
This commit is contained in:
parent
671753bb94
commit
d4a904ef94
|
@ -57,6 +57,8 @@ Currently being tested with Ubuntu, Raspbian, and Debian on Digital Ocean, Raspb
|
||||||
│ ├── fullchain.pem
|
│ ├── fullchain.pem
|
||||||
│ └── privkey.pem
|
│ └── privkey.pem
|
||||||
└── var
|
└── var
|
||||||
|
├── files
|
||||||
|
└── tmp
|
||||||
```
|
```
|
||||||
|
|
||||||
* `core` contains all walnut code
|
* `core` contains all walnut code
|
||||||
|
|
|
@ -5,6 +5,11 @@ module.exports.create = function (opts) {
|
||||||
var promiseApp;
|
var promiseApp;
|
||||||
|
|
||||||
function createAndBindInsecure(lex, message, cb) {
|
function createAndBindInsecure(lex, message, cb) {
|
||||||
|
var webserver = require('http').createServer(lex.middleware(require('redirect-https')())).listen(message.conf.insecurePort, function () {
|
||||||
|
console.log('handling http-01 ACME challenges on port', message.conf.insecurePort);
|
||||||
|
cb(null, webserver, null, message);
|
||||||
|
});
|
||||||
|
/*
|
||||||
// TODO conditional if 80 is being served by caddy
|
// TODO conditional if 80 is being served by caddy
|
||||||
require('../lib/insecure-server').create(lex, message.conf.externalPort, message.conf.insecurePort, message, function (err, webserver) {
|
require('../lib/insecure-server').create(lex, message.conf.externalPort, message.conf.insecurePort, message, function (err, webserver) {
|
||||||
console.info("#" + id + " Listening on http://" + webserver.address().address + ":" + webserver.address().port, '\n');
|
console.info("#" + id + " Listening on http://" + webserver.address().address + ":" + webserver.address().port, '\n');
|
||||||
|
@ -12,34 +17,21 @@ module.exports.create = function (opts) {
|
||||||
// we are returning the promise result to the caller
|
// we are returning the promise result to the caller
|
||||||
return cb(null, webserver, null, message);
|
return cb(null, webserver, null, message);
|
||||||
});
|
});
|
||||||
|
*/
|
||||||
}
|
}
|
||||||
|
|
||||||
function createLe(conf) {
|
function createLe(conf) {
|
||||||
var LEX = require('letsencrypt-express');
|
var LEX = require('letsencrypt-express');
|
||||||
var lex = LEX.create({
|
var lex = LEX.create({
|
||||||
configDir: conf.letsencrypt.configDir // i.e. __dirname + '/letsencrypt.config'
|
server: 'https://acme-v01.api.letsencrypt.org/directory'
|
||||||
, approveRegistration: function (hostname, cb) {
|
//server: 'staging'
|
||||||
cb(null, {
|
, configDir: conf.letsencrypt.configDir // i.e. __dirname + '/letsencrypt.config'
|
||||||
domains: [hostname] // TODO handle www and bare on the same cert
|
, webrootPath: '/tmp/acme-challenges'
|
||||||
, email: conf.letsencrypt.email
|
, approveDomains: function (opts, certs, cb) {
|
||||||
, agreeTos: conf.letsencrypt.agreeTos
|
opts.email = conf.letsencrypt.email;
|
||||||
});
|
opts.agreeTos = conf.letsencrypt.agreeTos;
|
||||||
/*
|
opts.domains = certs && certs.altnames || opts.domains;
|
||||||
letsencrypt.getConfig({ domains: [domain] }, function (err, config) {
|
cb(null, { options: opts, certs: certs });
|
||||||
if (!(config && config.checkpoints >= 0)) {
|
|
||||||
cb(err, null);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
cb(null, {
|
|
||||||
email: config.email
|
|
||||||
// can't remember which it is, but the pyconf is different that the regular variable
|
|
||||||
, agreeTos: config.tos || config.agree || config.agreeTos
|
|
||||||
, server: config.server || LE.productionServerUrl
|
|
||||||
, domains: config.domains || [domain]
|
|
||||||
});
|
|
||||||
});
|
|
||||||
*/
|
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
//var letsencrypt = lex.letsencrypt;
|
//var letsencrypt = lex.letsencrypt;
|
||||||
|
|
|
@ -42,7 +42,6 @@ module.exports.create = function (lex, securePort, insecurePort, info, serverCal
|
||||||
// http://evothings.com/is-it-possible-to-secure-micro-controllers-used-within-iot/
|
// http://evothings.com/is-it-possible-to-secure-micro-controllers-used-within-iot/
|
||||||
// needs ECDSA?
|
// needs ECDSA?
|
||||||
|
|
||||||
console.warn('HARD-CODED HTTPS EXCEPTION in insecure-server.js for redirect-www.org');
|
|
||||||
if (/redirect-www.org$/.test(host) && useAppInsecurely(req, res)) {
|
if (/redirect-www.org$/.test(host) && useAppInsecurely(req, res)) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -44,8 +44,7 @@ module.exports.create = function (lex, certPaths, port, info, serverCallback) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if (lex) {
|
if (lex) {
|
||||||
var LEX = require('letsencrypt-express');
|
server.on('request', lex.middleware(onRequest));
|
||||||
server.on('request', LEX.createAcmeResponder(lex, onRequest));
|
|
||||||
} else {
|
} else {
|
||||||
server.on('request', onRequest);
|
server.on('request', onRequest);
|
||||||
}
|
}
|
||||||
|
|
|
@ -222,6 +222,15 @@ module.exports.create = function (webserver, info, state) {
|
||||||
req.hostname = req.hostname.replace(/.*\.?proxyable\./, '');
|
req.hostname = req.hostname.replace(/.*\.?proxyable\./, '');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// hacky fix for com.enom.reseller, com.daplie.domains, org.oauth3.dns, org.oauth3.domains
|
||||||
|
if (req.path) {
|
||||||
|
req.url = req.url.replace(/com\.daplie\.domains/, 'com.enom.reseller');
|
||||||
|
req.url = req.url.replace(/org\.oauth3\.domains/, 'com.enom.reseller');
|
||||||
|
req.url = req.url.replace(/org\.oauth3\.dns/, 'com.enom.reseller');
|
||||||
|
req.url = req.url.replace(/org\.oauth3\.provider\/credentials/, 'org.oauth3.provider/logins');
|
||||||
|
//req.path = req.path.replace(/com\.daplie\.domains/, 'com.enom.reseller');
|
||||||
|
}
|
||||||
|
|
||||||
require('./package-server').mapToApp({
|
require('./package-server').mapToApp({
|
||||||
config: pkgConf
|
config: pkgConf
|
||||||
, deps: pkgDeps
|
, deps: pkgDeps
|
||||||
|
|
|
@ -43,6 +43,7 @@
|
||||||
"bluebird": "2.x",
|
"bluebird": "2.x",
|
||||||
"body-parser": "1.x",
|
"body-parser": "1.x",
|
||||||
"btoa": "1.x",
|
"btoa": "1.x",
|
||||||
|
"busboy": "^0.2.13",
|
||||||
"bytes": "^1.0.0",
|
"bytes": "^1.0.0",
|
||||||
"cluster-store": "^1.0.0",
|
"cluster-store": "^1.0.0",
|
||||||
"compression": "1.x",
|
"compression": "1.x",
|
||||||
|
@ -80,8 +81,8 @@
|
||||||
"jarson": "1.x",
|
"jarson": "1.x",
|
||||||
"json-storage": "2.x",
|
"json-storage": "2.x",
|
||||||
"jsonwebtoken": "^5.4.0",
|
"jsonwebtoken": "^5.4.0",
|
||||||
"lodash": "2.x",
|
|
||||||
"letsencrypt-express": "1.1.x",
|
"letsencrypt-express": "1.1.x",
|
||||||
|
"lodash": "2.x",
|
||||||
"masterquest-sqlite3": "git://github.com/coolaj86/masterquest-sqlite3.git",
|
"masterquest-sqlite3": "git://github.com/coolaj86/masterquest-sqlite3.git",
|
||||||
"media-typer": "^0.3.0",
|
"media-typer": "^0.3.0",
|
||||||
"methods": "^1.1.1",
|
"methods": "^1.1.1",
|
||||||
|
|
Loading…
Reference in New Issue