diff --git a/boot/master.js b/boot/master.js index f963bb7..0e5ad55 100644 --- a/boot/master.js +++ b/boot/master.js @@ -14,23 +14,49 @@ var cluster = require('cluster'); //var minWorkers = 2; var numCores = 2; // Math.max(minWorkers, require('os').cpus().length); var workers = []; -var config = require('../../config'); -var useCaddy = require('fs').existsSync(config.caddy.bin); -var conf = { - localPort: process.argv[2] || (useCaddy ? 4080 : 443) // system / local network -, insecurePort: process.argv[3] || (useCaddy ? 80 : 80) // meh -, externalPort: 443 // world accessible +var config = { + externalPort: 443 // world accessible , externalPortInsecure: 80 // world accessible // TODO externalInsecurePort? , locked: false // TODO XXX , ipcKey: null -, caddyfilepath: config.caddy.conf + // XXX // TODO needs mappings from db -, caddy: config.caddy + // TODO autoconfig Caddy caddy + // XXX +, caddy: { + conf: __dirname + '/Caddyfile' + , bin: '/usr/local/bin/caddy' + , sitespath: path.join(__dirname, 'sites-enabled') + } +, redirects: [ + { "ip": false, "id": "*", "value": false } // default no-www + + , { "ip": false, "id": "daplie.domains", "value": null } + , { "ip": false, "id": "*.daplie.domains", "value": false } + , { "ip": false, "id": "no.daplie.domains", "value": false } + , { "ip": false, "id": "*.no.daplie.domains", "value": false } + , { "ip": false, "id": "ns2.daplie.domains", "value": false } + + , { "ip": true, "id": "maybe.daplie.domains", "value": null } + , { "ip": true, "id": "*.maybe.daplie.domains", "value": null } + + , { "ip": true, "id": "www.daplie.domains", "value": null } + , { "ip": true, "id": "yes.daplie.domains", "value": true } + , { "ip": true, "id": "*.yes.daplie.domains", "value": true } + , { "ip": true, "id": "ns1.daplie.domains", "value": false } + ] + // TODO use sqlite3 or autogenerate ? +, privkey: require('fs').readFileSync(__dirname + '/../../' + '/nsx.redirect-www.org.key.pem', 'ascii') +, pubkey: require('fs').readFileSync(__dirname + '/../../' + '/nsx.redirect-www.org.key.pem.pub', 'ascii') }; +var useCaddy = require('fs').existsSync(config.caddy.bin); var state = {}; var caddy; +config.localPort = process.argv[2] || (useCaddy ? 4080 : 443); // system / local network +config.insecurePort = process.argv[3] || (useCaddy ? 80 : 80); // meh + function fork() { if (workers.length < numCores) { workers.push(cluster.fork()); @@ -38,30 +64,26 @@ function fork() { } cluster.on('online', function (worker) { + console.info('[MASTER] Worker ' + worker.process.pid + ' is online'); + fork(); + // TODO XXX Should these be configurable? If so, where? var certPaths = [ path.join(__dirname, 'certs', 'live') , path.join(__dirname, 'letsencrypt', 'live') ]; - var info; - conf.redirects = config.redirects; - - console.info('[MASTER] Worker ' + worker.process.pid + ' is online'); - fork(); - // TODO communicate config with environment vars? - info = { + var info = { type: 'walnut.init' , conf: { protocol: useCaddy ? 'http' : 'https' - , externalPort: conf.externalPort - , localPort: conf.localPort - , insecurePort: conf.insecurePort + , externalPort: config.externalPort + , localPort: config.localPort + , insecurePort: config.insecurePort , trustProxy: useCaddy ? true : false , certPaths: useCaddy ? null : certPaths , ipcKey: null // TODO let this load after server is listening - , redirects: config.redirects , 'org.oauth3.consumer': config['org.oauth3.consumer'] , 'org.oauth3.provider': config['org.oauth3.provider'] , keys: config.keys @@ -79,17 +101,14 @@ cluster.on('online', function (worker) { // calls init if init has not been called state.caddy = caddy; state.workers = workers; - require('../lib/master').touch(conf, state).then(function () { + require('../lib/master').touch(config, state).then(function () { info.type = 'walnut.webserver.onrequest'; - info.conf.ipcKey = conf.ipcKey; - info.conf.memstoreSock = conf.memstoreSock; - info.conf.sqlite3Sock = conf.sqlite3Sock; - // TODO get this from db config instead - var config = require('../../config'); + info.conf.ipcKey = config.ipcKey; + info.conf.memstoreSock = config.memstoreSock; + info.conf.sqlite3Sock = config.sqlite3Sock; // TODO get this from db config instead info.conf.privkey = config.privkey; info.conf.pubkey = config.pubkey; - info.conf.redirects = config.redirects; worker.send(info); }); } @@ -115,7 +134,7 @@ cluster.on('exit', function (worker, code, signal) { fork(); if (useCaddy) { - caddy = require('../lib/spawn-caddy').create(conf); + caddy = require('../lib/spawn-caddy').create(config); // relies on { localPort, locked } - caddy.spawn(conf); + caddy.spawn(config); } diff --git a/lib/master.js b/lib/master.js index f501401..80ea606 100644 --- a/lib/master.js +++ b/lib/master.js @@ -92,55 +92,5 @@ function touch(conf, state) { */ } - //var config = require('./device.json'); - - // require('ssl-root-cas').inject(); - // TODO try SNI loopback.example.com as result of api.ipify.com with loopback token - - /* - function phoneHome() { - var holepunch = require('./holepunch/beacon'); - var ports; - - ports = [ - { private: 65022 - , public: 65022 - , protocol: 'tcp' - , ttl: 0 - , test: { service: 'ssh' } - , testable: false - } - , { private: 650443 - , public: 650443 - , protocol: 'tcp' - , ttl: 0 - , test: { service: 'https' } - } - , { private: 65080 - , public: 65080 - , protocol: 'tcp' - , ttl: 0 - , test: { service: 'http' } - } - ]; - - // TODO return a middleware - holepunch.run(require('./redirects.json').reduce(function (all, redirect) { - if (!all[redirect.from.hostname]) { - all[redirect.from.hostname] = true; - all.push(redirect.from.hostname); - } - if (!all[redirect.to.hostname]) { - all[redirect.to.hostname] = true; - all.push(redirect.to.hostname); - } - - return all; - }, []), ports).catch(function () { - console.error("Couldn't phone home. Oh well"); - }); - } - */ - module.exports.init = init; module.exports.touch = touch;