mirror of
https://github.com/Lissy93/dashy.git
synced 2024-12-23 00:41:37 +03:00
Add redirection from http to https
This commit is contained in:
parent
93911c2520
commit
6ee5286ebf
4
.env
4
.env
@ -20,6 +20,10 @@
|
||||
# SSL_PRIV_KEY_PATH=/etc/ssl/certs/dashy-priv.key
|
||||
# SSL_PUB_KEY_PATH=/etc/ssl/certs/dashy-pub.pem
|
||||
|
||||
# If SSL enabled, choose whether or not to redirect http to https
|
||||
# Defaults to true
|
||||
# REDIRECT_HTTPS=true
|
||||
|
||||
# Usually the same as BASE_URL, but accessible in frontend
|
||||
# VUE_APP_DOMAIN=https://dashy.to
|
||||
|
||||
|
@ -66,6 +66,8 @@ const printWarning = (msg, error) => {
|
||||
const method = (m, mw) => (req, res, next) => (req.method === m ? mw(req, res, next) : next());
|
||||
|
||||
const app = express()
|
||||
// Load SSL redirection middleware
|
||||
.use(sslServer.middleware)
|
||||
// Serves up static files
|
||||
.use(express.static(path.join(__dirname, 'dist')))
|
||||
.use(express.static(path.join(__dirname, 'public')))
|
||||
@ -128,4 +130,4 @@ http.createServer(app)
|
||||
});
|
||||
|
||||
/* Check, and if possible start SSL server too */
|
||||
sslServer(app);
|
||||
sslServer.startSSLServer(app);
|
||||
|
@ -5,36 +5,48 @@ const https = require('https');
|
||||
const promise = util.promisify;
|
||||
const stat = promise(fs.stat);
|
||||
|
||||
module.exports = (app) => {
|
||||
const httpsCerts = {
|
||||
private: process.env.SSL_PRIV_KEY_PATH || '/etc/ssl/certs/dashy-priv.key',
|
||||
public: process.env.SSL_PUB_KEY_PATH || '/etc/ssl/certs/dashy-pub.pem',
|
||||
};
|
||||
const httpsCerts = {
|
||||
private: process.env.SSL_PRIV_KEY_PATH || '/etc/ssl/certs/dashy-priv.key',
|
||||
public: process.env.SSL_PUB_KEY_PATH || '/etc/ssl/certs/dashy-pub.pem',
|
||||
};
|
||||
|
||||
const isDocker = !!process.env.IS_DOCKER;
|
||||
const SSLPort = process.env.SSL_PORT || (isDocker ? 443 : 4001);
|
||||
const isDocker = !!process.env.IS_DOCKER;
|
||||
const SSLPort = process.env.SSL_PORT || (isDocker ? 443 : 4001);
|
||||
const redirectHttps = process.env.REDIRECT_HTTPS || true;
|
||||
|
||||
const printSuccess = () => {
|
||||
console.log(`🔐 HTTPS server successfully started (port: ${SSLPort} ${isDocker ? 'of container' : ''})`);
|
||||
};
|
||||
const printNotSoGood = (msg) => {
|
||||
console.log(`SSL Not Enabled: ${msg}`);
|
||||
};
|
||||
|
||||
const printNotSoGood = (msg) => {
|
||||
console.log(`SSL Not Enabled: ${msg}`);
|
||||
};
|
||||
const printSuccess = () => {
|
||||
console.log(`🔐 HTTPS server successfully started (port: ${SSLPort} ${isDocker ? 'of container' : ''})`);
|
||||
};
|
||||
|
||||
/* Starts SSL-secured node server */
|
||||
const startSSLServer = () => {
|
||||
// Check if the SSL certs are present and SSL should be enabled
|
||||
let enableSSL = false;
|
||||
stat(httpsCerts.public).then(() => {
|
||||
stat(httpsCerts.private).then(() => {
|
||||
enableSSL = true;
|
||||
}).catch(() => { printNotSoGood('Private key not present'); });
|
||||
}).catch(() => { printNotSoGood('Public key not present'); });
|
||||
|
||||
const startSSLServer = (app) => {
|
||||
// If SSL should be enabled, create a secured server and start it
|
||||
if (enableSSL) {
|
||||
const httpsServer = https.createServer({
|
||||
key: fs.readFileSync(httpsCerts.private),
|
||||
cert: fs.readFileSync(httpsCerts.public),
|
||||
}, app);
|
||||
httpsServer.listen(SSLPort, () => { printSuccess(); });
|
||||
};
|
||||
|
||||
/* Check if SSL certs present, if so also start the HTTPS server */
|
||||
stat(httpsCerts.public).then(() => {
|
||||
stat(httpsCerts.private).then(() => {
|
||||
startSSLServer();
|
||||
}).catch(() => { printNotSoGood('Private key not present'); });
|
||||
}).catch(() => { printNotSoGood('Public key not present'); });
|
||||
}
|
||||
};
|
||||
|
||||
const middleware = (req, res, next) => {
|
||||
if (enableSSL && redirectHttps && req.protocol === 'http') {
|
||||
res.redirect(`https://${req.hostname + ((SSLPort === 443) ? '' : `:${SSLPort}`) + req.url}`);
|
||||
} else {
|
||||
next();
|
||||
}
|
||||
};
|
||||
|
||||
module.exports = { startSSLServer, middleware };
|
||||
|
Loading…
Reference in New Issue
Block a user