|
| 1 | +'use strict'; |
| 2 | + |
| 3 | +const LEX = require('greenlock-express'); |
| 4 | +const app = require('express')(); |
| 5 | +const http = require('http'); |
| 6 | +const https = require('https'); |
| 7 | + |
| 8 | +// Ensure we don't try to register a certificate unless running on a production server |
| 9 | +var serverUrl = ''; |
| 10 | +if (process.env.NODE_ENV === 'production') { |
| 11 | + serverUrl = 'https://acme-v01.api.letsencrypt.org/directory'; |
| 12 | +} else { |
| 13 | + serverUrl = 'staging'; |
| 14 | +} |
| 15 | + |
| 16 | +// |
| 17 | +var lex = LEX.create({ |
| 18 | + server: serverUrl, |
| 19 | + challenges: { |
| 20 | + 'http-01': require('le-challenge-fs').create({ |
| 21 | + webrootPath: '~/letsencrypt/var/:hostname' |
| 22 | + }) |
| 23 | + }, |
| 24 | + store: require('le-store-certbot').create({ |
| 25 | + webrootPath: '~/letsencrypt/var/:hostname' |
| 26 | + }), |
| 27 | + approveDomains: approveDomains, |
| 28 | + debug: false |
| 29 | +}); |
| 30 | + |
| 31 | +// Validate the domain |
| 32 | +function approveDomains(opts, certs, cb) { |
| 33 | + if (!/\.multiparty\.io/.test(opts.domain) && opts.domain !== 'multiparty.io') { |
| 34 | + console.error("bad domain '" + opts.domain + "', not a subdomain of multiparty.io"); |
| 35 | + cb(null, null); |
| 36 | + return; |
| 37 | + } |
| 38 | + |
| 39 | + if (certs) { |
| 40 | + opts.domains = certs.altnames; |
| 41 | + } |
| 42 | + else { |
| 43 | + opts.domains = ['multiparty.io']; |
| 44 | + |
| 45 | + opts.agreeTos = true; |
| 46 | + } |
| 47 | + cb(null, {options: opts, certs: certs}); |
| 48 | +} |
| 49 | + |
| 50 | +// Run server on port 80 and 443 in production |
| 51 | +if (process.env.NODE_ENV === 'production') { |
| 52 | + // Redirect port 80 traffic to 443 |
| 53 | + http.createServer(lex.middleware(require('redirect-https')())).listen(80, function () { |
| 54 | + console.log("Listening for ACME http-01 challenges on", this.address()); |
| 55 | + }); |
| 56 | + |
| 57 | + https.createServer(lex.httpsOptions, lex.middleware(app)).listen(443, function () { |
| 58 | + console.log("Listening for ACME tls-sni-01 challenges and serve app on", this.address()); |
| 59 | + }); |
| 60 | +} else { |
| 61 | + // Run server on port 8080 for development |
| 62 | + http.createServer(lex.middleware(app)).listen(8080, function () { |
| 63 | + console.log("Listening for ACME http-01 challenges on", this.address()); |
| 64 | + }); |
| 65 | +} |
| 66 | + |
| 67 | +app.use('/', function (req, res) { |
| 68 | + res.end('Hello, World!'); |
| 69 | +}); |
0 commit comments