coolaj86
/
walnut.js
1
1
Fork 1
Code Issues Pull Requests Releases Activity
A lightweight IOT application server with a hard shell written for node.js
148 Commits 12 Branches 6 Tags 16 MiB
JavaScript 83.6%
HTML 8.9%
Shell 4.6%
CSS 2.9%
Go to file
AJ ONeal 64629ef402 add .jshintrc 2017-05-04 23:10:24 -06:00
bin refactoring to use fs config 2016-04-09 19:14:00 -04:00
boot removed letsencrypt and other 2017-05-04 23:09:56 -06:00
etc include special and auto cert dirs 2016-03-28 21:12:35 -04:00
lib removed letsencrypt and other 2017-05-04 23:09:56 -06:00
snippets add undo instructions 2015-02-23 19:30:34 +00:00
tests apppath => pagespath 2015-11-21 20:47:28 +00:00
.gitignore remove unused files 2015-11-28 05:44:52 +00:00
.jshintrc add .jshintrc 2017-05-04 23:10:24 -06:00
LICENSE open source, again 2015-11-28 06:14:03 +00:00
README.md begin documentation 2015-11-28 07:40:33 +00:00
install.sh little fixes (typos, missing config, etc) 2016-06-07 10:49:26 -04:00
package.json little fixes (typos, missing config, etc) 2016-06-07 10:49:26 -04:00
setup-dev-deps.sh refactoring to use fs config 2016-04-09 19:14:00 -04:00
walnut.js removed letsencrypt and other 2017-05-04 23:09:56 -06:00

README.md

walnut

Small, light, and secure iot application framework.

Features

  • IOT Application server written in Node.js
  • Small memory footprint
  • Secure
    • Uses JWT, not Cookies*
    • HTTPS-only
    • AES, RSA, and ECDSA encryption and signing
    • Safe against CSRF, XSS, and SQL injection
    • Safe against Compression attacks
  • Multi-Tentated Application Management
  • Built-in OAuth2 & OAuth3 support
    • Facebook Connect
    • Google Plus

*Cookies are used only for GETs and only where using a token would be less secure such as images which would otherwise require the token to be passed into the img src. They are also scoped such that CSRF attacks are not possible.

In Progress

  • Static Asset Serving via Caddy
  • HTTPS Certificates provisioned via Let's Encrypt
  • HTTPS Key Pinning
  • Heroku (pending completion of PostgreSQL support)
  • GunDB Support
  • OpenID support

Structure

Currently being tested with Ubuntu, Raspbian, and Debian on Digital Ocean, Raspberry Pi, and Heroku.

/srv/walnut/
├── setup.sh (in-progress)
├── core
│   ├── bin
│   ├── boot
│   ├── holepunch
│   └── lib
├── node_modules
├── packages
│   ├── apis
│   ├── pages
│   └── services
├── certs
|   └── live
│       └── example.com
│           ├── fullchain.pem
│           └── privkey.pem
└── var
  • core contains all walnut code
  • node_modules is a flat installation of all dependencies
  • certs is a directory for Let's Encrypt (or custom) certificates
  • var is a directory for database files and such
  • packages contains 3 types of packages

LICENSE

Apache-2.0

See LICENSE