mirror of https://github.com/lissy93/dashy
Add redirection from http to https
This commit is contained in:
parent
93911c2520
commit
6ee5286ebf
4
.env
4
.env
|
@ -20,6 +20,10 @@
|
||||||
# SSL_PRIV_KEY_PATH=/etc/ssl/certs/dashy-priv.key
|
# SSL_PRIV_KEY_PATH=/etc/ssl/certs/dashy-priv.key
|
||||||
# SSL_PUB_KEY_PATH=/etc/ssl/certs/dashy-pub.pem
|
# SSL_PUB_KEY_PATH=/etc/ssl/certs/dashy-pub.pem
|
||||||
|
|
||||||
|
# If SSL enabled, choose whether or not to redirect http to https
|
||||||
|
# Defaults to true
|
||||||
|
# REDIRECT_HTTPS=true
|
||||||
|
|
||||||
# Usually the same as BASE_URL, but accessible in frontend
|
# Usually the same as BASE_URL, but accessible in frontend
|
||||||
# VUE_APP_DOMAIN=https://dashy.to
|
# VUE_APP_DOMAIN=https://dashy.to
|
||||||
|
|
||||||
|
|
|
@ -66,6 +66,8 @@ const printWarning = (msg, error) => {
|
||||||
const method = (m, mw) => (req, res, next) => (req.method === m ? mw(req, res, next) : next());
|
const method = (m, mw) => (req, res, next) => (req.method === m ? mw(req, res, next) : next());
|
||||||
|
|
||||||
const app = express()
|
const app = express()
|
||||||
|
// Load SSL redirection middleware
|
||||||
|
.use(sslServer.middleware)
|
||||||
// Serves up static files
|
// Serves up static files
|
||||||
.use(express.static(path.join(__dirname, 'dist')))
|
.use(express.static(path.join(__dirname, 'dist')))
|
||||||
.use(express.static(path.join(__dirname, 'public')))
|
.use(express.static(path.join(__dirname, 'public')))
|
||||||
|
@ -128,4 +130,4 @@ http.createServer(app)
|
||||||
});
|
});
|
||||||
|
|
||||||
/* Check, and if possible start SSL server too */
|
/* Check, and if possible start SSL server too */
|
||||||
sslServer(app);
|
sslServer.startSSLServer(app);
|
||||||
|
|
|
@ -5,36 +5,48 @@ const https = require('https');
|
||||||
const promise = util.promisify;
|
const promise = util.promisify;
|
||||||
const stat = promise(fs.stat);
|
const stat = promise(fs.stat);
|
||||||
|
|
||||||
module.exports = (app) => {
|
const httpsCerts = {
|
||||||
const httpsCerts = {
|
private: process.env.SSL_PRIV_KEY_PATH || '/etc/ssl/certs/dashy-priv.key',
|
||||||
private: process.env.SSL_PRIV_KEY_PATH || '/etc/ssl/certs/dashy-priv.key',
|
public: process.env.SSL_PUB_KEY_PATH || '/etc/ssl/certs/dashy-pub.pem',
|
||||||
public: process.env.SSL_PUB_KEY_PATH || '/etc/ssl/certs/dashy-pub.pem',
|
};
|
||||||
};
|
|
||||||
|
|
||||||
const isDocker = !!process.env.IS_DOCKER;
|
const isDocker = !!process.env.IS_DOCKER;
|
||||||
const SSLPort = process.env.SSL_PORT || (isDocker ? 443 : 4001);
|
const SSLPort = process.env.SSL_PORT || (isDocker ? 443 : 4001);
|
||||||
|
const redirectHttps = process.env.REDIRECT_HTTPS || true;
|
||||||
|
|
||||||
const printSuccess = () => {
|
const printNotSoGood = (msg) => {
|
||||||
console.log(`🔐 HTTPS server successfully started (port: ${SSLPort} ${isDocker ? 'of container' : ''})`);
|
console.log(`SSL Not Enabled: ${msg}`);
|
||||||
};
|
};
|
||||||
|
|
||||||
const printNotSoGood = (msg) => {
|
const printSuccess = () => {
|
||||||
console.log(`SSL Not Enabled: ${msg}`);
|
console.log(`🔐 HTTPS server successfully started (port: ${SSLPort} ${isDocker ? 'of container' : ''})`);
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Starts SSL-secured node server */
|
// Check if the SSL certs are present and SSL should be enabled
|
||||||
const startSSLServer = () => {
|
let enableSSL = false;
|
||||||
|
stat(httpsCerts.public).then(() => {
|
||||||
|
stat(httpsCerts.private).then(() => {
|
||||||
|
enableSSL = true;
|
||||||
|
}).catch(() => { printNotSoGood('Private key not present'); });
|
||||||
|
}).catch(() => { printNotSoGood('Public key not present'); });
|
||||||
|
|
||||||
|
const startSSLServer = (app) => {
|
||||||
|
// If SSL should be enabled, create a secured server and start it
|
||||||
|
if (enableSSL) {
|
||||||
const httpsServer = https.createServer({
|
const httpsServer = https.createServer({
|
||||||
key: fs.readFileSync(httpsCerts.private),
|
key: fs.readFileSync(httpsCerts.private),
|
||||||
cert: fs.readFileSync(httpsCerts.public),
|
cert: fs.readFileSync(httpsCerts.public),
|
||||||
}, app);
|
}, app);
|
||||||
httpsServer.listen(SSLPort, () => { printSuccess(); });
|
httpsServer.listen(SSLPort, () => { printSuccess(); });
|
||||||
};
|
}
|
||||||
|
|
||||||
/* Check if SSL certs present, if so also start the HTTPS server */
|
|
||||||
stat(httpsCerts.public).then(() => {
|
|
||||||
stat(httpsCerts.private).then(() => {
|
|
||||||
startSSLServer();
|
|
||||||
}).catch(() => { printNotSoGood('Private key not present'); });
|
|
||||||
}).catch(() => { printNotSoGood('Public key not present'); });
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
const middleware = (req, res, next) => {
|
||||||
|
if (enableSSL && redirectHttps && req.protocol === 'http') {
|
||||||
|
res.redirect(`https://${req.hostname + ((SSLPort === 443) ? '' : `:${SSLPort}`) + req.url}`);
|
||||||
|
} else {
|
||||||
|
next();
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
module.exports = { startSSLServer, middleware };
|
||||||
|
|
Loading…
Reference in New Issue