Mercurial > hg > rlgwebd
diff rlgwebd @ 202:7f25bb89b59c
Move RLGWebD configuration options into a configuration file.
On startup, rlgwebd now reads /etc/rlgwebd.conf. If the options for
HTTPS are not found, it will only use HTTP.
author | John "Elwin" Edwards |
---|---|
date | Wed, 04 Jan 2017 20:28:29 -0500 |
parents | f3843245a35e |
children | 5491ca3a335b |
line wrap: on
line diff
--- a/rlgwebd Sun Jan 01 20:18:01 2017 -0500 +++ b/rlgwebd Wed Jan 04 20:28:29 2017 -0500 @@ -13,18 +13,35 @@ var pty = require("pty.js"); var WebSocketServer = require("websocket").server; -/* Configuration variables */ -// These first files are NOT in the chroot. -var domain_name = "rlgallery.org"; -var ctlsocket = "/var/run/rlgwebd.sock"; -var keyfile = "/etc/letsencrypt/live/" + domain_name + "/privkey.pem"; -var certfile = "/etc/letsencrypt/live/" + domain_name + "/cert.pem"; -var cafile = "/etc/letsencrypt/live/" + domain_name + "/chain.pem"; -var httpPort = 8080; -var httpsPort = 8081; -var chrootDir = "/var/dgl/"; -var dropToUser = "rodney"; -var serveStaticRoot = "/var/www/"; // inside the chroot +/* Default options */ +var rlgwebd_options = { + control_socket: "/var/run/rlgwebd.sock", + http_port: 8080, + https_port: 8081, + chrootDir: "/var/dgl/", + username: "rodney", + static_root: "/var/www/" +}; + +/* Read configuration from a file */ +var config_file = "/etc/rlgwebd.conf"; +var config_lines = fs.readFileSync(config_file).toString().split('\n'); +for (var i = 0; i < config_lines.length; i++) { + if (config_lines[i].length > 0 && config_lines[i][0] != '#') { + var config_fields = config_lines[i].split('='); + if (config_fields.length < 2) + continue; + var option_name = config_fields[0].trim(); + // This can't handle values containing '=' or whitespace at the end + var option_value = config_fields[1].trim(); + rlgwebd_options[option_name] = option_value; + } +} + +/* Should HTTPS be enabled? */ +if ("domain_name" in rlgwebd_options && "keyfile" in rlgwebd_options && + "certfile" in rlgwebd_options) + rlgwebd_options["use_https"] = true; var clearbufs = [ new Buffer([27, 91, 72, 27, 91, 50, 74]), // xterm: CSI H CSI 2J @@ -800,7 +817,7 @@ nname = "index.html"; if (nname.match(/\/$/)) path.join(nname, "index.html"); /* it was a directory */ - var realname = path.join(serveStaticRoot, nname); + var realname = path.join(rlgwebd_options.static_root, nname); var extension = path.extname(realname); fs.exists(realname, function (exists) { var resheaders = {}; @@ -1206,37 +1223,38 @@ var pwent; try { - pwent = posix.getpwnam(dropToUser); + pwent = posix.getpwnam(rlgwebd_options.username); } catch (err) { - tslog("Could not drop to user %s: user does not exist", dropToUser); + tslog("Could not drop to user %s: user does not exist", rlgwebd_options.username); process.exit(1); } /* This could be nonblocking, but nothing else can start yet anyway. */ -if (fs.existsSync(ctlsocket)) { - fs.unlinkSync(ctlsocket); +if (fs.existsSync(rlgwebd_options.control_socket)) { + fs.unlinkSync(rlgwebd_options.control_socket); } -var tls_options = { - key: fs.readFileSync(keyfile), - cert: fs.readFileSync(certfile), - ca: fs.readFileSync(cafile) +var tls_options = {}; +if (rlgwebd_options.use_https) { + tls_options.key = fs.readFileSync(rlgwebd_options.keyfile), + tls_options.cert = fs.readFileSync(rlgwebd_options.certfile), + tls_options.ca = fs.readFileSync(rlgwebd_options.cafile) }; /* Open the control socket before chrooting where it can't be found */ var ctlServer = net.createServer(function (sock) { sock.on('data', consoleHandler); }); -ctlServer.listen(ctlsocket, function () { +ctlServer.listen(rlgwebd_options.control_socket, function () { /* rlgwebd.js now assumes that it has been started by the rlgwebd shell * script, or some other method that detaches it and sets up stdio. */ /* chroot and drop permissions. posix.chroot() does chdir() itself. */ try { - posix.chroot(chrootDir); + posix.chroot(rlgwebd_options.chrootDir); } catch (err) { - tslog("chroot to %s failed: %s", chrootDir, err); + tslog("chroot to %s failed: %s", rlgwebd_options.chrootDir, err); process.exit(1); } try { @@ -1249,17 +1267,19 @@ process.exit(1); } httpServer = http.createServer(webHandler); - httpServer.listen(httpPort); - tslog('rlgwebd running on port %d', httpPort); + httpServer.listen(rlgwebd_options.http_port); + tslog('rlgwebd running on port %d', rlgwebd_options.http_port); wsServer = new WebSocketServer({"httpServer": httpServer}); wsServer.on("request", wsHandler); tslog('WebSockets are online'); + if (rlgwebd_options.use_https) { var httpsServer = https.createServer(tls_options, webHandler); - httpsServer.listen(httpsPort); - tslog('TLS running on port %d', httpsPort); - wssServer = new WebSocketServer({"httpServer": httpsServer}); - wssServer.on("request", wsHandler); - tslog('Secure WebSockets are online'); + httpsServer.listen(rlgwebd_options.https_port); + tslog('TLS running on port %d', rlgwebd_options.https_port); + wssServer = new WebSocketServer({"httpServer": httpsServer}); + wssServer.on("request", wsHandler); + tslog('Secure WebSockets are online'); + } progressWatcher = startProgressWatcher(); setInterval(pushStatus, 40000); });