mirror of
https://github.com/therootcompany/greenlock-express.js.git
synced 2024-11-16 17:28:59 +00:00
51 lines
1.7 KiB
JavaScript
51 lines
1.7 KiB
JavaScript
'use strict';
|
|
|
|
// allow node.js to bind to port 80 and 443 without root:
|
|
//
|
|
// sudo setcap 'cap_net_bind_service=+ep' `which node`
|
|
|
|
/* Note: using staging server url, remove .testing() for production
|
|
Using .testing() will overwrite the debug flag with true */
|
|
var LEX = require('letsencrypt-express').testing();
|
|
var http = require('http');
|
|
// NOTE: you could use the old https module if for some reason
|
|
// you don't want to support modern browsers
|
|
var https = require('spdy');
|
|
var leConfDir = require('os').homedir() + '/letsencrypt/etc';
|
|
throw new Error(
|
|
"You must edit the example to change the email address (and remove this error)."
|
|
+ " Also, you'll need to remove .testing() and rm -rf '" + leConfDir + "'"
|
|
+ " to get actual, trusted production certificates.");
|
|
var lex = LEX.create({
|
|
configDir: leConfDir
|
|
, approveRegistration: function (hostname, cb) { // leave `null` to disable automatic registration
|
|
// Note: this is the place to check your database to get the user associated with this domain
|
|
cb(null, {
|
|
domains: [hostname]
|
|
, email: 'CHANGE_ME' // user@example.com
|
|
, agreeTos: true
|
|
});
|
|
}
|
|
});
|
|
|
|
function redirectHttp() {
|
|
http.createServer(LEX.createAcmeResponder(lex, function redirectHttps(req, res) {
|
|
res.setHeader('Location', 'https://' + req.headers.host + req.url);
|
|
res.statusCode = 302;
|
|
res.end('<!-- Hello Developer Person! Please use HTTPS instead -->');
|
|
})).listen(80);
|
|
}
|
|
|
|
function serveHttps() {
|
|
var app = require('express')();
|
|
|
|
app.use('/', function (req, res) {
|
|
res.end('Hello!');
|
|
});
|
|
|
|
https.createServer(lex.httpsOptions, LEX.createAcmeResponder(lex, app)).listen(443);
|
|
}
|
|
|
|
redirectHttp();
|
|
serveHttps();
|