goldilocks.js/README.md

<!-- BANNER_TPL_BEGIN -->

About Daplie: We're taking back the Internet!
--------------

Down with Google, Apple, and Facebook!

We're re-decentralizing the web and making it read-write again - one home cloud system at a time.

Tired of serving the Empire? Come join the Rebel Alliance:

<a href="mailto:jobs@daplie.com">jobs@daplie.com</a> | [Invest in Daplie on Wefunder](https://daplie.com/invest/) | [Pre-order Cloud](https://daplie.com/preorder/), The World's First Home Server for Everyone

<!-- BANNER_TPL_END -->

Goldilocks
==========

The node.js webserver that's just right.


A simple HTTPS static file server with valid TLS (SSL) certs.

Comes bundled a valid certificate for localhost.daplie.me,
which is great for testing and development, and you can specify your own.

Also great for testing ACME certs from letsencrypt.org.

Install
-------

```bash
# v2 in npm
npm install -g goldilocks

# master in git (via ssh)
npm install -g git+ssh://git@git.daplie.com:Daplie/goldilocks.js

# master in git (unauthenticated)
npm install -g git+https://git@git.daplie.com:Daplie/goldilocks.js
```

```bash
goldilocks
```

```bash
Serving /Users/foo/ at https://localhost.daplie.me:8443
```

Usage
-----

Examples:

```
# Install
npm install -g git+https://git@git.daplie.com:Daplie/goldilocks.js

# Use tunnel
goldilocks --sites jane.daplie.me --agree-tos --email jane@example.com --tunnel

# BEFORE you access in a browser for the first time, use curl
# (because there's a concurrency bug in the greenlock setup)
curl https://jane.daplie.me
```

Options:

* `-p <port>` - i.e. `sudo goldilocks -p 443` (defaults to 80+443 or 8443)
* `-d <dirpath>` - i.e. `goldilocks -d /tmp/` (defaults to `pwd`)
  * you can use `:hostname` as a template for multiple directories
  * Example A: `goldilocks -d /srv/www/:hostname --sites localhost.foo.daplie.me,localhost.bar.daplie.me`
  * Example B: `goldilocks -d ./:hostname/public/ --sites localhost.foo.daplie.me,localhost.bar.daplie.me`
* `-c <content>` - i.e. `server-https -c 'Hello, World! '` (defaults to directory index)
* `--express-app <path>` - path to a file the exports an express-style app (`function (req, res, next) { ... }`)
* `--livereload` - inject livereload into all html pages (see also: [fswatch](http://stackoverflow.com/a/13807906/151312)), but be careful if `<dirpath>` has thousands of files it will spike your CPU usage to 100%

* `--email <email>` - email to use for Let's Encrypt, Daplie DNS, Daplie Tunnel
* `--agree-tos` - agree to terms for Let's Encrypt, Daplie DNS
* `--sites <domain.tld>` comma-separated list of domains to respond to (default is `localhost.daplie.me`)
  * optionally you may include the path to serve with `|` such as `example.com|/tmp,example.net/srv/www`
* `--tunnel` - make world-visible (must use `--sites`)

Specifying a custom HTTPS certificate:

* `--key /path/to/privkey.pem` specifies the server private key
* `--cert /path/to/fullchain.pem` specifies the bundle of server certificate and all intermediate certificates
* `--root /path/to/root.pem` specifies the certificate authority(ies)

Note: `--root` may specify single cert or a bundle, and may be used multiple times like so:

```
--root /path/to/primary-root.pem --root /path/to/cross-root.pem
```

Other options:

* `--serve-root true` alias for `-c` with the contents of root.pem
* `--sites example.com` changes the servername logged to the console
* `--letsencrypt-certs example.com` sets and key, fullchain, and root to standard letsencrypt locations

Examples
--------

```bash
goldilocks -p 1443 -c 'Hello from 1443' &
goldilocks -p 2443 -c 'Hello from 2443' &
goldilocks -p 3443 -d /tmp &

curl https://localhost.daplie.me:1443
> Hello from 1443

curl --insecure https://localhost:2443
> Hello from 2443

curl https://localhost.daplie.me:3443
> [html index listing of /tmp]
```

And if you tested <http://localhost.daplie.me:3443> in a browser,
it would redirect to <https://localhost.daplie.me:3443> (on the same port).

(in curl it would just show an error message)

### Testing ACME Let's Encrypt certs

In case you didn't know, you can get free https certificates from
[letsencrypt.org](https://letsencrypt.org)
(ACME letsencrypt)
and even a free subdomain from <https://freedns.afraid.org>.

If you want to quickly test the certificates you installed,
you can do so like this:

```bash
goldilocks -p 8443 \
  --letsencrypt-certs test.mooo.com \
  --serve-root true
```

which is equilavent to

```bash
goldilocks -p 8443 \
  --sites test.mooo.com
  --key /etc/letsencrypt/live/test.mooo.com/privkey.pem \
  --cert /etc/letsencrypt/live/test.mooo.com/fullchain.pem \
  --root /etc/letsencrypt/live/test.mooo.com/root.pem \
  -c "$(cat 'sudo /etc/letsencrypt/live/test.mooo.com/root.pem')"
```

and can be tested like so

```bash
curl --insecure https://test.mooo.com:8443 > ./root.pem
curl https://test.mooo.com:8843 --cacert ./root.pem
```

* [QuickStart Guide for Let's Encrypt](https://coolaj86.com/articles/lets-encrypt-on-raspberry-pi/)
* [QuickStart Guide for FreeDNS](https://coolaj86.com/articles/free-dns-hosting-with-freedns-afraid-org.html)
auto-update banner 2016-12-30 09:41:04 +00:00			`<!-- BANNER_TPL_BEGIN -->`
auto-update ad 2016-12-30 07:53:29 +00:00
			`About Daplie: We're taking back the Internet!`
Update README.md 2016-11-25 17:20:39 +00:00			`--------------`

auto-update ad 2016-12-30 07:53:29 +00:00			`Down with Google, Apple, and Facebook!`

			`We're re-decentralizing the web and making it read-write again - one home cloud system at a time.`

			`Tired of serving the Empire? Come join the Rebel Alliance:`
Update README.md 2016-11-25 17:20:39 +00:00
auto-update ad 2016-12-30 07:53:29 +00:00			`<a href="mailto:jobs@daplie.com">jobs@daplie.com</a> \| [Invest in Daplie on Wefunder](https://daplie.com/invest/) \| [Pre-order Cloud](https://daplie.com/preorder/), The World's First Home Server for Everyone`
Update README.md 2016-11-25 17:20:39 +00:00
auto-update banner 2016-12-30 09:41:04 +00:00			`<!-- BANNER_TPL_END -->`
Update README.md 2016-11-25 17:20:39 +00:00
Add new file 2017-01-27 06:07:51 +00:00			`Goldilocks`
			`==========`

rebrand to goldilocks 2017-02-22 22:00:14 +00:00			`The node.js webserver that's just right.`

custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00
doc updates 2015-07-08 07:46:01 +00:00			`A simple HTTPS static file server with valid TLS (SSL) certs.`
custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00
add --sites option for multiple domains #10 and use localhost.daplie.me 2017-02-01 22:47:08 +00:00			`Comes bundled a valid certificate for localhost.daplie.me,`
doc updates 2015-07-08 07:46:01 +00:00			`which is great for testing and development, and you can specify your own.`
add ability to specify content for / 2015-06-30 23:11:01 +00:00
custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00			`Also great for testing ACME certs from letsencrypt.org.`
ready for npm 2015-06-24 21:44:42 +00:00
			`Install`
			`-------`

			```bash
rebrand to goldilocks 2017-02-22 22:00:14 +00:00			`# v2 in npm`
			`npm install -g goldilocks`
how to install from git 2017-01-08 00:21:12 +00:00
			`# master in git (via ssh)`
rebrand to goldilocks 2017-02-22 22:00:14 +00:00			`npm install -g git+ssh://git@git.daplie.com:Daplie/goldilocks.js`
how to install from git 2017-01-08 00:21:12 +00:00
			`# master in git (unauthenticated)`
rebrand to goldilocks 2017-02-22 22:00:14 +00:00			`npm install -g git+https://git@git.daplie.com:Daplie/goldilocks.js`
ready for npm 2015-06-24 21:44:42 +00:00			```

Update README.md 2017-01-07 23:43:45 +00:00			```bash
rebrand to goldilocks 2017-02-22 22:00:14 +00:00			`goldilocks`
ready for npm 2015-06-24 21:44:42 +00:00			```
Update README.md 2017-01-07 23:43:45 +00:00
			```bash
add --sites option for multiple domains #10 and use localhost.daplie.me 2017-02-01 22:47:08 +00:00			`Serving /Users/foo/ at https://localhost.daplie.me:8443`
ready for npm 2015-06-24 21:44:42 +00:00			```

			`Usage`
			`-----`

add example 2016-10-17 23:50:17 +00:00			`Examples:`

			```
update example 2017-01-20 20:13:41 +00:00			`# Install`
rebrand to goldilocks 2017-02-22 22:00:14 +00:00			`npm install -g git+https://git@git.daplie.com:Daplie/goldilocks.js`
update example 2017-01-20 20:13:41 +00:00
			`# Use tunnel`
rebrand to goldilocks 2017-02-22 22:00:14 +00:00			`goldilocks --sites jane.daplie.me --agree-tos --email jane@example.com --tunnel`
update example 2017-01-20 20:13:41 +00:00
			`# BEFORE you access in a browser for the first time, use curl`
			`# (because there's a concurrency bug in the greenlock setup)`
			`curl https://jane.daplie.me`
add example 2016-10-17 23:50:17 +00:00			```

add options 2016-10-17 23:52:32 +00:00			`Options:`

rebrand to goldilocks 2017-02-22 22:00:14 +00:00			* `-p <port>` - i.e. `sudo goldilocks -p 443` (defaults to 80+443 or 8443)
			* `-d <dirpath>` - i.e. `goldilocks -d /tmp/` (defaults to `pwd`)
allow templating 2017-02-03 17:50:33 +00:00			* you can use `:hostname` as a template for multiple directories
rebrand to goldilocks 2017-02-22 22:00:14 +00:00			* Example A: `goldilocks -d /srv/www/:hostname --sites localhost.foo.daplie.me,localhost.bar.daplie.me`
			* Example B: `goldilocks -d ./:hostname/public/ --sites localhost.foo.daplie.me,localhost.bar.daplie.me`
update defaults, https now on 8443 2015-07-08 06:45:40 +00:00			* `-c <content>` - i.e. `server-https -c 'Hello, World! '` (defaults to directory index)
update options 2016-10-17 23:46:11 +00:00			* `--express-app <path>` - path to a file the exports an express-style app (`function (req, res, next) { ... }`)
update README 2016-10-07 19:46:29 +00:00			* `--livereload` - inject livereload into all html pages (see also: [fswatch](http://stackoverflow.com/a/13807906/151312)), but be careful if `<dirpath>` has thousands of files it will spike your CPU usage to 100%
custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00
update options 2016-10-17 23:46:11 +00:00			* `--email <email>` - email to use for Let's Encrypt, Daplie DNS, Daplie Tunnel
			* `--agree-tos` - agree to terms for Let's Encrypt, Daplie DNS
clarify 2017-02-02 03:02:25 +00:00			* `--sites <domain.tld>` comma-separated list of domains to respond to (default is `localhost.daplie.me`)
			* optionally you may include the path to serve with `\|` such as `example.com\|/tmp,example.net/srv/www`
change --servername to --sites 2017-02-01 22:56:40 +00:00			* `--tunnel` - make world-visible (must use `--sites`)
update options 2016-10-17 23:46:11 +00:00
custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00			`Specifying a custom HTTPS certificate:`

doc updates 2015-07-08 07:46:01 +00:00			* `--key /path/to/privkey.pem` specifies the server private key
update letsencrypt conventions 2015-07-13 23:46:44 +00:00			* `--cert /path/to/fullchain.pem` specifies the bundle of server certificate and all intermediate certificates
			* `--root /path/to/root.pem` specifies the certificate authority(ies)
custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00
update letsencrypt conventions 2015-07-13 23:46:44 +00:00			Note: `--root` may specify single cert or a bundle, and may be used multiple times like so:
doc updates 2015-07-08 07:46:01 +00:00
			```
update letsencrypt conventions 2015-07-13 23:46:44 +00:00			`--root /path/to/primary-root.pem --root /path/to/cross-root.pem`
doc updates 2015-07-08 07:46:01 +00:00			```

			`Other options:`

update letsencrypt conventions 2015-07-13 23:46:44 +00:00			* `--serve-root true` alias for `-c` with the contents of root.pem
change --servername to --sites 2017-02-01 22:56:40 +00:00			* `--sites example.com` changes the servername logged to the console
update letsencrypt conventions 2015-07-13 23:46:44 +00:00			* `--letsencrypt-certs example.com` sets and key, fullchain, and root to standard letsencrypt locations
add ability to specify content for / 2015-06-30 23:11:01 +00:00
			`Examples`
			`--------`

			```bash
rebrand to goldilocks 2017-02-22 22:00:14 +00:00			`goldilocks -p 1443 -c 'Hello from 1443' &`
			`goldilocks -p 2443 -c 'Hello from 2443' &`
			`goldilocks -p 3443 -d /tmp &`
add ability to specify content for / 2015-06-30 23:11:01 +00:00
add --sites option for multiple domains #10 and use localhost.daplie.me 2017-02-01 22:47:08 +00:00			`curl https://localhost.daplie.me:1443`
add ability to specify content for / 2015-06-30 23:11:01 +00:00			`> Hello from 1443`

			`curl --insecure https://localhost:2443`
			`> Hello from 2443`

add --sites option for multiple domains #10 and use localhost.daplie.me 2017-02-01 22:47:08 +00:00			`curl https://localhost.daplie.me:3443`
add ability to specify content for / 2015-06-30 23:11:01 +00:00			`> [html index listing of /tmp]`
			```
custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00
add --sites option for multiple domains #10 and use localhost.daplie.me 2017-02-01 22:47:08 +00:00			`And if you tested <http://localhost.daplie.me:3443> in a browser,`
			`it would redirect to <https://localhost.daplie.me:3443> (on the same port).`
custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00
			`(in curl it would just show an error message)`

			`### Testing ACME Let's Encrypt certs`

clarify 2015-07-08 06:51:38 +00:00			`In case you didn't know, you can get free https certificates from`
			`[letsencrypt.org](https://letsencrypt.org)`
add link 2015-07-08 06:48:18 +00:00			`(ACME letsencrypt)`
			`and even a free subdomain from <https://freedns.afraid.org>.`
custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00
clarify 2015-07-08 06:51:38 +00:00			`If you want to quickly test the certificates you installed,`
			`you can do so like this:`

custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00			```bash
rebrand to goldilocks 2017-02-22 22:00:14 +00:00			`goldilocks -p 8443 \`
add alias --letsencrypt-certs and option --serve-chain 2015-07-08 07:27:14 +00:00			`--letsencrypt-certs test.mooo.com \`
update letsencrypt conventions 2015-07-13 23:46:44 +00:00			`--serve-root true`
add alias --letsencrypt-certs and option --serve-chain 2015-07-08 07:27:14 +00:00			```

			`which is equilavent to`

			```bash
rebrand to goldilocks 2017-02-22 22:00:14 +00:00			`goldilocks -p 8443 \`
change --servername to --sites 2017-02-01 22:56:40 +00:00			`--sites test.mooo.com`
custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00			`--key /etc/letsencrypt/live/test.mooo.com/privkey.pem \`
update letsencrypt conventions 2015-07-13 23:46:44 +00:00			`--cert /etc/letsencrypt/live/test.mooo.com/fullchain.pem \`
			`--root /etc/letsencrypt/live/test.mooo.com/root.pem \`
			`-c "$(cat 'sudo /etc/letsencrypt/live/test.mooo.com/root.pem')"`
custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00			```

add alias --letsencrypt-certs and option --serve-chain 2015-07-08 07:27:14 +00:00			`and can be tested like so`

custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00			```bash
update letsencrypt conventions 2015-07-13 23:46:44 +00:00			`curl --insecure https://test.mooo.com:8443 > ./root.pem`
			`curl https://test.mooo.com:8843 --cacert ./root.pem`
custom https certs, http-to-https redirects 2015-07-08 06:43:46 +00:00			```

			`* [QuickStart Guide for Let's Encrypt](https://coolaj86.com/articles/lets-encrypt-on-raspberry-pi/)`
			`* [QuickStart Guide for FreeDNS](https://coolaj86.com/articles/free-dns-hosting-with-freedns-afraid-org.html)`