Compare commits
1 Commits
master
...
letsencryp
Author | SHA1 | Date |
---|---|---|
AJ ONeal | d4a904ef94 |
|
@ -57,6 +57,8 @@ Currently being tested with Ubuntu, Raspbian, and Debian on Digital Ocean, Raspb
|
|||
│ ├── fullchain.pem
|
||||
│ └── privkey.pem
|
||||
└── var
|
||||
├── files
|
||||
└── tmp
|
||||
```
|
||||
|
||||
* `core` contains all walnut code
|
||||
|
|
|
@ -5,6 +5,11 @@ module.exports.create = function (opts) {
|
|||
var promiseApp;
|
||||
|
||||
function createAndBindInsecure(lex, message, cb) {
|
||||
var webserver = require('http').createServer(lex.middleware(require('redirect-https')())).listen(message.conf.insecurePort, function () {
|
||||
console.log('handling http-01 ACME challenges on port', message.conf.insecurePort);
|
||||
cb(null, webserver, null, message);
|
||||
});
|
||||
/*
|
||||
// TODO conditional if 80 is being served by caddy
|
||||
require('../lib/insecure-server').create(lex, message.conf.externalPort, message.conf.insecurePort, message, function (err, webserver) {
|
||||
console.info("#" + id + " Listening on http://" + webserver.address().address + ":" + webserver.address().port, '\n');
|
||||
|
@ -12,34 +17,21 @@ module.exports.create = function (opts) {
|
|||
// we are returning the promise result to the caller
|
||||
return cb(null, webserver, null, message);
|
||||
});
|
||||
*/
|
||||
}
|
||||
|
||||
function createLe(conf) {
|
||||
var LEX = require('letsencrypt-express');
|
||||
var lex = LEX.create({
|
||||
configDir: conf.letsencrypt.configDir // i.e. __dirname + '/letsencrypt.config'
|
||||
, approveRegistration: function (hostname, cb) {
|
||||
cb(null, {
|
||||
domains: [hostname] // TODO handle www and bare on the same cert
|
||||
, email: conf.letsencrypt.email
|
||||
, agreeTos: conf.letsencrypt.agreeTos
|
||||
});
|
||||
/*
|
||||
letsencrypt.getConfig({ domains: [domain] }, function (err, config) {
|
||||
if (!(config && config.checkpoints >= 0)) {
|
||||
cb(err, null);
|
||||
return;
|
||||
}
|
||||
|
||||
cb(null, {
|
||||
email: config.email
|
||||
// can't remember which it is, but the pyconf is different that the regular variable
|
||||
, agreeTos: config.tos || config.agree || config.agreeTos
|
||||
, server: config.server || LE.productionServerUrl
|
||||
, domains: config.domains || [domain]
|
||||
});
|
||||
});
|
||||
*/
|
||||
server: 'https://acme-v01.api.letsencrypt.org/directory'
|
||||
//server: 'staging'
|
||||
, configDir: conf.letsencrypt.configDir // i.e. __dirname + '/letsencrypt.config'
|
||||
, webrootPath: '/tmp/acme-challenges'
|
||||
, approveDomains: function (opts, certs, cb) {
|
||||
opts.email = conf.letsencrypt.email;
|
||||
opts.agreeTos = conf.letsencrypt.agreeTos;
|
||||
opts.domains = certs && certs.altnames || opts.domains;
|
||||
cb(null, { options: opts, certs: certs });
|
||||
}
|
||||
});
|
||||
//var letsencrypt = lex.letsencrypt;
|
||||
|
|
|
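Review bot: `approveDomains` in `createLe` never checks the requested names: it copies the configured email and `agreeTos` onto `opts` and calls `cb(null, { options: opts, certs: certs })` without comparing `opts.domains` to the hostnames this server is meant to serve. Assuming the library calls it for each hostname it has no certificate for, any name a client presents starts an issuance under the operator's account and counts against its rate limits. A guard before the callback would close that, e.g. `if (!opts.domains.every(isServedHere)) { return cb(new Error('domain not approved')); }`, where `isServedHere` is a placeholder for the site lookup. Separately, `webrootPath: '/tmp/acme-challenges'` puts challenge files where other local users can pre-create or write the directory; a path under `conf.letsencrypt.configDir` would keep it with the rest of the ACME state. The +/- markers are lost on this page, so which lines are new is inferred from the hunk counts, and `module.exports.create` continues outside both hunks.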
@ -42,7 +42,6 @@ module.exports.create = function (lex, securePort, insecurePort, info, serverCal
|
|||
// http://evothings.com/is-it-possible-to-secure-micro-controllers-used-within-iot/
|
||||
// needs ECDSA?
|
||||
|
||||
console.warn('HARD-CODED HTTPS EXCEPTION in insecure-server.js for redirect-www.org');
|
||||
if (/redirect-www.org$/.test(host) && useAppInsecurely(req, res)) {
|
||||
return true;
|
||||
}
|
||||
|
|
|
@ -44,8 +44,7 @@ module.exports.create = function (lex, certPaths, port, info, serverCallback) {
|
|||
}
|
||||
|
||||
if (lex) {
|
||||
var LEX = require('letsencrypt-express');
|
||||
server.on('request', LEX.createAcmeResponder(lex, onRequest));
|
||||
server.on('request', lex.middleware(onRequest));
|
||||
} else {
|
||||
server.on('request', onRequest);
|
||||
}
|
||||
|
|
|
@ -222,6 +222,15 @@ module.exports.create = function (webserver, info, state) {
|
|||
req.hostname = req.hostname.replace(/.*\.?proxyable\./, '');
|
||||
}
|
||||
|
||||
// hacky fix for com.enom.reseller, com.daplie.domains, org.oauth3.dns, org.oauth3.domains
|
||||
if (req.path) {
|
||||
req.url = req.url.replace(/com\.daplie\.domains/, 'com.enom.reseller');
|
||||
req.url = req.url.replace(/org\.oauth3\.domains/, 'com.enom.reseller');
|
||||
req.url = req.url.replace(/org\.oauth3\.dns/, 'com.enom.reseller');
|
||||
req.url = req.url.replace(/org\.oauth3\.provider\/credentials/, 'org.oauth3.provider/logins');
|
||||
//req.path = req.path.replace(/com\.daplie\.domains/, 'com.enom.reseller');
|
||||
}
|
||||
|
||||
require('./package-server').mapToApp({
|
||||
config: pkgConf
|
||||
, deps: pkgDeps
|
||||
|
|
|
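Review bot: The four `req.url.replace(...)` calls are unanchored and run on the whole URL, so the first occurrence of, say, `org.oauth3.dns` is rewritten even when it sits in the query string, in a later path segment, or inside a longer name. Because the rewrite happens before `mapToApp`, everything downstream sees `com.enom.reseller` (or `org.oauth3.provider/logins`) rather than the package that was requested, so it is worth confirming that these packages are meant to share the same grants. Matching only the package segment would limit it, for example `req.url.replace(/^(\/api\/)org\.oauth3\.dns(?=\/|\?|$)/, '$1com.enom.reseller')`, where `/api/` is a constructed prefix to be replaced with the real route layout. The `if (req.path)` guard tests a different property from the one being rewritten and could be replaced by a check on `req.url`. The enclosing handler starts and ends outside the hunk.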
@ -43,6 +43,7 @@
|
|||
"bluebird": "2.x",
|
||||
"body-parser": "1.x",
|
||||
"btoa": "1.x",
|
||||
"busboy": "^0.2.13",
|
||||
"bytes": "^1.0.0",
|
||||
"cluster-store": "^1.0.0",
|
||||
"compression": "1.x",
|
||||
|
@ -80,8 +81,8 @@
|
|||
"jarson": "1.x",
|
||||
"json-storage": "2.x",
|
||||
"jsonwebtoken": "^5.4.0",
|
||||
"lodash": "2.x",
|
||||
"letsencrypt-express": "1.1.x",
|
||||
"lodash": "2.x",
|
||||
"masterquest-sqlite3": "git://github.com/coolaj86/masterquest-sqlite3.git",
|
||||
"media-typer": "^0.3.0",
|
||||
"methods": "^1.1.1",
|
||||
|
|
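Review bot: `"letsencrypt-express": "1.1.x"` still appears in the dependency list, while the code in this comparison switches to `approveDomains`, `lex.middleware(...)` and `require('redirect-https')`. As far as I know those belong to the library's 2.x API, and no `redirect-https` entry is visible in either hunk. Please confirm the version range and add the missing entry, otherwise a clean install would fail at the first `require('redirect-https')` or `lex.middleware` call. The +/- markers are lost on this page, so the side of each line is inferred.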