This commit is contained in:
AJ ONeal 2017-05-01 17:39:43 -04:00
parent 671753bb94
commit d4a904ef94
6 changed files with 29 additions and 27 deletions


@ -57,6 +57,8 @@ Currently being tested with Ubuntu, Raspbian, and Debian on Digital Ocean, Raspb
│    ├── fullchain.pem │    ├── fullchain.pem
│    └── privkey.pem │    └── privkey.pem
└── var └── var
   ├── files
   └── tmp
``` ```
* `core` contains all walnut code * `core` contains all walnut code


@ -5,6 +5,11 @@ module.exports.create = function (opts) {
var promiseApp; var promiseApp;
function createAndBindInsecure(lex, message, cb) { function createAndBindInsecure(lex, message, cb) {
var webserver = require('http').createServer(lex.middleware(require('redirect-https')())).listen(message.conf.insecurePort, function () {
console.log('handling http-01 ACME challenges on port', message.conf.insecurePort);
cb(null, webserver, null, message);
});
/*
// TODO conditional if 80 is being served by caddy // TODO conditional if 80 is being served by caddy
require('../lib/insecure-server').create(lex, message.conf.externalPort, message.conf.insecurePort, message, function (err, webserver) { require('../lib/insecure-server').create(lex, message.conf.externalPort, message.conf.insecurePort, message, function (err, webserver) {
console.info("#" + id + " Listening on http://" + webserver.address().address + ":" + webserver.address().port, '\n'); console.info("#" + id + " Listening on http://" + webserver.address().address + ":" + webserver.address().port, '\n');
@ -12,34 +17,21 @@ module.exports.create = function (opts) {
// we are returning the promise result to the caller // we are returning the promise result to the caller
return cb(null, webserver, null, message); return cb(null, webserver, null, message);
}); });
*/
} }
function createLe(conf) { function createLe(conf) {
var LEX = require('letsencrypt-express'); var LEX = require('letsencrypt-express');
var lex = LEX.create({ var lex = LEX.create({
configDir: conf.letsencrypt.configDir // i.e. __dirname + '/letsencrypt.config' server: 'https://acme-v01.api.letsencrypt.org/directory'
, approveRegistration: function (hostname, cb) { //server: 'staging'
cb(null, { , configDir: conf.letsencrypt.configDir // i.e. __dirname + '/letsencrypt.config'
domains: [hostname] // TODO handle www and bare on the same cert , webrootPath: '/tmp/acme-challenges'
, email: conf.letsencrypt.email , approveDomains: function (opts, certs, cb) {
, agreeTos: conf.letsencrypt.agreeTos opts.email = conf.letsencrypt.email;
}); opts.agreeTos = conf.letsencrypt.agreeTos;
/* opts.domains = certs && certs.altnames || opts.domains;
letsencrypt.getConfig({ domains: [domain] }, function (err, config) { cb(null, { options: opts, certs: certs });
if (!(config && config.checkpoints >= 0)) {
cb(err, null);
return;
}
cb(null, {
email: config.email
// can't remember which it is, but the pyconf is different that the regular variable
, agreeTos: config.tos || config.agree || config.agreeTos
, server: config.server || LE.productionServerUrl
, domains: config.domains || [domain]
});
});
*/
} }
}); });
//var letsencrypt = lex.letsencrypt; //var letsencrypt = lex.letsencrypt;
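Review bot: `approveDomains` calls `cb(null, { options: opts, certs: certs })` for every name it is handed, with no check against the set of domains this server is meant to host. If `opts.domains` is filled from the incoming request (it looks that way, but the caller is outside this page), any hostname pointed at the machine starts an order against the production ACME endpoint configured above and can run the account into rate limits. Reject unknown names before approving, e.g. `if (!opts.domains.every(isHostedDomain)) { return cb(new Error('domain not approved')); }`, where `isHostedDomain` is a placeholder for the project's own lookup. Separately, `webrootPath: '/tmp/acme-challenges'` puts challenge files in a location any local user can pre-create, so a directory under the application's own `var` tree with restrictive permissions would be safer. `createLe` continues past the end of the hunk.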


@ -42,7 +42,6 @@ module.exports.create = function (lex, securePort, insecurePort, info, serverCal
// http://evothings.com/is-it-possible-to-secure-micro-controllers-used-within-iot/ // http://evothings.com/is-it-possible-to-secure-micro-controllers-used-within-iot/
// needs ECDSA? // needs ECDSA?
console.warn('HARD-CODED HTTPS EXCEPTION in insecure-server.js for redirect-www.org');
if (/redirect-www.org$/.test(host) && useAppInsecurely(req, res)) { if (/redirect-www.org$/.test(host) && useAppInsecurely(req, res)) {
return true; return true;
} }


@ -44,8 +44,7 @@ module.exports.create = function (lex, certPaths, port, info, serverCallback) {
} }
if (lex) { if (lex) {
var LEX = require('letsencrypt-express'); server.on('request', lex.middleware(onRequest));
server.on('request', LEX.createAcmeResponder(lex, onRequest));
} else { } else {
server.on('request', onRequest); server.on('request', onRequest);
} }
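Review bot: `server.on('request', lex.middleware(onRequest))` depends on a `middleware` method on the `lex` object, but package.json in this same commit still lists `"letsencrypt-express": "1.1.x"`. As far as I know, `lex.middleware` and the `approveDomains` option used elsewhere in this commit belong to the package's 2.x API, so a clean install could resolve a release without them and fail when the server is wired up. Raise the dependency range to the release this was tested against (`"letsencrypt-express": "<tested-range>"`), and consider a guard such as `if (typeof lex.middleware !== 'function') { throw new Error('unsupported letsencrypt-express version'); }`. The enclosing create function starts and ends outside the hunk.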


@ -222,6 +222,15 @@ module.exports.create = function (webserver, info, state) {
req.hostname = req.hostname.replace(/.*\.?proxyable\./, ''); req.hostname = req.hostname.replace(/.*\.?proxyable\./, '');
} }
// hacky fix for com.enom.reseller, com.daplie.domains, org.oauth3.dns, org.oauth3.domains
if (req.path) {
req.url = req.url.replace(/com\.daplie\.domains/, 'com.enom.reseller');
req.url = req.url.replace(/org\.oauth3\.domains/, 'com.enom.reseller');
req.url = req.url.replace(/org\.oauth3\.dns/, 'com.enom.reseller');
req.url = req.url.replace(/org\.oauth3\.provider\/credentials/, 'org.oauth3.provider/logins');
//req.path = req.path.replace(/com\.daplie\.domains/, 'com.enom.reseller');
}
require('./package-server').mapToApp({ require('./package-server').mapToApp({
config: pkgConf config: pkgConf
, deps: pkgDeps , deps: pkgDeps
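Review bot: The four `req.url.replace(...)` calls are unanchored and run over the whole URL, so the first occurrence of e.g. `org.oauth3.dns` is rewritten even when it sits in the query string or inside a longer name such as `org.oauth3.dnsfoo`. Because the rewrite happens before `mapToApp`, any routing or permission decision keyed on the package name presumably sees `com.enom.reseller` rather than what the client asked for, so the match should be as narrow as possible. Split the query string off first and match whole path segments only, e.g. `path.replace(/\/(com\.daplie\.domains|org\.oauth3\.domains|org\.oauth3\.dns)(?=\/|$)/, '/com.enom.reseller')`. The guard tests `req.path` while the body edits `req.url`; a short comment saying why would help the next reader. The enclosing function starts and ends outside the hunk.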


@ -43,6 +43,7 @@
"bluebird": "2.x", "bluebird": "2.x",
"body-parser": "1.x", "body-parser": "1.x",
"btoa": "1.x", "btoa": "1.x",
"busboy": "^0.2.13",
"bytes": "^1.0.0", "bytes": "^1.0.0",
"cluster-store": "^1.0.0", "cluster-store": "^1.0.0",
"compression": "1.x", "compression": "1.x",
@ -80,8 +81,8 @@
"jarson": "1.x", "jarson": "1.x",
"json-storage": "2.x", "json-storage": "2.x",
"jsonwebtoken": "^5.4.0", "jsonwebtoken": "^5.4.0",
"lodash": "2.x",
"letsencrypt-express": "1.1.x", "letsencrypt-express": "1.1.x",
"lodash": "2.x",
"masterquest-sqlite3": "git://github.com/coolaj86/masterquest-sqlite3.git", "masterquest-sqlite3": "git://github.com/coolaj86/masterquest-sqlite3.git",
"media-typer": "^0.3.0", "media-typer": "^0.3.0",
"methods": "^1.1.1", "methods": "^1.1.1",