Mercurial > hg > rlgwebd
comparison rlgwebd @ 201:f3843245a35e
Initial support for TLS.
RLGWebD now serves via encrypted connections on port 8081.
The client-side script now uses secure WebSockets if the page is being
accessed via HTTPS.
| author | John "Elwin" Edwards |
|---|---|
| date | Sun, 01 Jan 2017 20:18:01 -0500 |
| parents | ea28353d620a |
| children | 7f25bb89b59c |
comparison
equal
deleted
inserted
replaced
| 200:a7cc38a0168d | 201:f3843245a35e |
|---|---|
| 1 #!/usr/bin/env node | 1 #!/usr/bin/env node |
| 2 | 2 |
| 3 var http = require('http'); | 3 var http = require('http'); |
| 4 var https = require('https'); | |
| 4 var net = require('net'); | 5 var net = require('net'); |
| 5 var url = require('url'); | 6 var url = require('url'); |
| 6 var path = require('path'); | 7 var path = require('path'); |
| 7 var fs = require('fs'); | 8 var fs = require('fs'); |
| 8 var events = require('events'); | 9 var events = require('events'); |
| 11 var posix = require("posix"); | 12 var posix = require("posix"); |
| 12 var pty = require("pty.js"); | 13 var pty = require("pty.js"); |
| 13 var WebSocketServer = require("websocket").server; | 14 var WebSocketServer = require("websocket").server; |
| 14 | 15 |
| 15 /* Configuration variables */ | 16 /* Configuration variables */ |
| 16 // The first file is NOT in the chroot. | 17 // These first files are NOT in the chroot. |
| 18 var domain_name = "rlgallery.org"; | |
| 17 var ctlsocket = "/var/run/rlgwebd.sock"; | 19 var ctlsocket = "/var/run/rlgwebd.sock"; |
| 20 var keyfile = "/etc/letsencrypt/live/" + domain_name + "/privkey.pem"; | |
| 21 var certfile = "/etc/letsencrypt/live/" + domain_name + "/cert.pem"; | |
| 22 var cafile = "/etc/letsencrypt/live/" + domain_name + "/chain.pem"; | |
| 18 var httpPort = 8080; | 23 var httpPort = 8080; |
| 24 var httpsPort = 8081; | |
| 19 var chrootDir = "/var/dgl/"; | 25 var chrootDir = "/var/dgl/"; |
| 20 var dropToUser = "rodney"; | 26 var dropToUser = "rodney"; |
| 21 var serveStaticRoot = "/var/www/"; // inside the chroot | 27 var serveStaticRoot = "/var/www/"; // inside the chroot |
| 22 | 28 |
| 23 var clearbufs = [ | 29 var clearbufs = [ |
| 1210 /* This could be nonblocking, but nothing else can start yet anyway. */ | 1216 /* This could be nonblocking, but nothing else can start yet anyway. */ |
| 1211 if (fs.existsSync(ctlsocket)) { | 1217 if (fs.existsSync(ctlsocket)) { |
| 1212 fs.unlinkSync(ctlsocket); | 1218 fs.unlinkSync(ctlsocket); |
| 1213 } | 1219 } |
| 1214 | 1220 |
| 1221 var tls_options = { | |
| 1222 key: fs.readFileSync(keyfile), | |
| 1223 cert: fs.readFileSync(certfile), | |
| 1224 ca: fs.readFileSync(cafile) | |
| 1225 }; | |
| 1226 | |
| 1215 /* Open the control socket before chrooting where it can't be found */ | 1227 /* Open the control socket before chrooting where it can't be found */ |
| 1216 var ctlServer = net.createServer(function (sock) { | 1228 var ctlServer = net.createServer(function (sock) { |
| 1217 sock.on('data', consoleHandler); | 1229 sock.on('data', consoleHandler); |
| 1218 }); | 1230 }); |
| 1219 ctlServer.listen(ctlsocket, function () { | 1231 ctlServer.listen(ctlsocket, function () { |
| 1240 httpServer.listen(httpPort); | 1252 httpServer.listen(httpPort); |
| 1241 tslog('rlgwebd running on port %d', httpPort); | 1253 tslog('rlgwebd running on port %d', httpPort); |
| 1242 wsServer = new WebSocketServer({"httpServer": httpServer}); | 1254 wsServer = new WebSocketServer({"httpServer": httpServer}); |
| 1243 wsServer.on("request", wsHandler); | 1255 wsServer.on("request", wsHandler); |
| 1244 tslog('WebSockets are online'); | 1256 tslog('WebSockets are online'); |
| 1257 var httpsServer = https.createServer(tls_options, webHandler); | |
| 1258 httpsServer.listen(httpsPort); | |
| 1259 tslog('TLS running on port %d', httpsPort); | |
| 1260 wssServer = new WebSocketServer({"httpServer": httpsServer}); | |
| 1261 wssServer.on("request", wsHandler); | |
| 1262 tslog('Secure WebSockets are online'); | |
| 1245 progressWatcher = startProgressWatcher(); | 1263 progressWatcher = startProgressWatcher(); |
| 1246 setInterval(pushStatus, 40000); | 1264 setInterval(pushStatus, 40000); |
| 1247 }); | 1265 }); |
| 1248 | 1266 |