From 3593721fd78e74afc0271faea54ca2ff70a52d53 Mon Sep 17 00:00:00 2001
From: Alicia Sykes
Date: Tue, 9 Nov 2021 22:40:57 +0000
Subject: [PATCH] :lock: Adds support for native SSL
---
 server.js | 17 +++++++++++------
 services/ssl-server.js | 40 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 51 insertions(+), 6 deletions(-)
 create mode 100644 services/ssl-server.js
diff --git a/server.js b/server.js
index 2b990f1a..f3455f46 100644
--- a/server.js
+++ b/server.js
@@ -5,12 +5,15 @@
 * Also includes some routes for status checks/ ping and config saving
 * */
-/* Include required node dependencies */
-const express = require('express');
+/* Import built-in Node server modules */
+const http = require('http');
 const path = require('path');
 const util = require('util');
 const dns = require('dns');
 const os = require('os');
+
+/* Import Express + middleware functions */
+const express = require('express');
 const history = require('connect-history-api-fallback');
 /* Kick of some basic checks */
@@ -21,6 +24,7 @@ require('./services/config-validator'); // Include and kicks off the config file
 const statusCheck = require('./services/status-check'); // Used by the status check feature, uses GET
 const saveConfig = require('./services/save-config'); // Saves users new conf.yml to file-system
 const rebuild = require('./services/rebuild-app'); // A script to programmatically trigger a build
+const sslServer = require('./services/ssl-server');
 /* Helper functions, and default config */
 const printMessage = require('./services/print-message'); // Function to print welcome msg on start
@@ -89,7 +93,8 @@ const app = express()
 });
 });
-// Start the server, then print welcome message
-app.listen(port, () => {
- try { printWelcomeMessage(); } catch (e) { printWarning('Dashy is Starting...'); }
-});
+/* Create HTTP server from app on port, and print welcome message */
+http.createServer(app).listen(port, () => { printWelcomeMessage(); });
+
+/* Check, and if possible start SSL server too */
+sslServer(app);
diff --git a/services/ssl-server.js b/services/ssl-server.js
new file mode 100644
index 00000000..a8245a47
--- /dev/null
+++ b/services/ssl-server.js
@@ -0,0 +1,40 @@
+const fs = require('fs');
+const util = require('util');
+const https = require('https');
+
+const promise = util.promisify;
+const stat = promise(fs.stat);
+
+module.exports = (app) => {
+ const httpsCerts = {
+ private: '/etc/ssl/certs/dashy-priv.key',
+ public: '/etc/ssl/certs/dashy-pub.pem',
+ };
+
+ const isDocker = !!process.env.IS_DOCKER;
+ const SSLPort = process.env.SSL_PORT || (isDocker ? 443 : 4001);
+
+ const printSuccess = () => {
+ console.log(`🔐 HTTPS server successfully started (port: ${SSLPort} ${isDocker ? 'of container' : ''})`);
+ };
+
+ const printNotSoGood = (msg) => {
+ console.log(`SSL Not Enabled: ${msg}`);
+ };
+
+ /* Starts SSL-secured node server */
+ const startSSLServer = () => {
+ const httpsServer = https.createServer({
+ key: fs.readFileSync(httpsCerts.private),
+ cert: fs.readFileSync(httpsCerts.public),
+ }, app);
+ httpsServer.listen(SSLPort, () => { printSuccess(); });
+ };
+
+ /* Check if SSL certs present, if so also start the HTTPS server */
+ stat(httpsCerts.public).then(() => {
+ stat(httpsCerts.private).then(() => {
+ startSSLServer();
+ }).catch(() => { printNotSoGood('Private key not present'); });
+ }).catch(() => { printNotSoGood('Public key not present'); });
+};
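Review bot: The new listen callback at the end of server.js calls `printWelcomeMessage()` without the `try`/`catch` that the removed `app.listen` callback had, so an exception raised while printing the banner now escapes the callback instead of falling back to `printWarning('Dashy is Starting...')`. Unless that helper was made non-throwing elsewhere (not visible in this hunk), I would keep the guard: `http.createServer(app).listen(port, () => { try { printWelcomeMessage(); } catch (e) { printWarning('Dashy is Starting...'); } });`. Separately, the plain HTTP listener stays up unconditionally even when `sslServer(app)` succeeds, so every route on `app` (the file header mentions config saving) remains reachable without TLS. A comment stating that this is intentional, or an opt-in redirect to the HTTPS port, would help operators who assume that installing certificates closes the cleartext path.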
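Review bot: In services/ssl-server.js, any exception thrown inside `startSSLServer()` (an unreadable key file, or a malformed PEM rejected by `https.createServer`) lands in the inner `.catch` and is logged as 'Private key not present', which hides the real cause. A bind failure on `SSLPort` (port already in use, or 443 without privilege) is delivered as an `'error'` event with no listener, which in Node terminates the process and would take the HTTP server down with it. I would report the load failure from inside `startSSLServer` and attach an `'error'` handler before `listen`, as sketched below. The private key is also expected under `/etc/ssl/certs/`, which is conventionally a world-readable directory on Linux. A restricted directory, or at least a comment telling operators to mount the key with owner-only permissions, would be safer, and neither path can currently be overridden.

```javascript
  const startSSLServer = () => {
    let httpsServer;
    try {
      httpsServer = https.createServer({
        key: fs.readFileSync(httpsCerts.private),
        cert: fs.readFileSync(httpsCerts.public),
      }, app);
    } catch (err) {
      // Unreadable or malformed key/cert: report the real cause and leave the HTTP server running
      printNotSoGood(`Could not load key/certificate: ${err.message}`);
      return;
    }
    // EADDRINUSE / EACCES on the TLS port arrive as an 'error' event, not as an exception
    httpsServer.on('error', (err) => { printNotSoGood(`HTTPS listener failed: ${err.message}`); });
    httpsServer.listen(SSLPort, () => { printSuccess(); });
  };
  // … unchanged: stat() checks that call startSSLServer …
```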