First ssl real try and documentation update.

Seems to not working under node versions over 11.1.0 because of spdy bug: spdy-http2/node-spdy#350 Tested to work on node v10.16.3 Previous commits should work too (under node versions prior to 11.1.0). Code were ported from a working project and there is no reason for it to fail. This commit only improves error handling and completes documentation.
bitifet · Jan 10, 2020 · 1982e0b · 1982e0b
1 parent 5cb0677
commit 1982e0b
Show file tree

Hide file tree

Showing 3 changed files with 59 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -14,6 +14,7 @@ Webpack powered Express project boilerplate.
 <!-- vim-markdown-toc GitLab -->
 
 * [Setup](#setup)
+    * [Enable SSL](#enable-ssl)
 * [Goals](#goals)
     * [History API based routing](#history-api-based-routing)
     * [Clever, plain and manageable project structure](#clever-plain-and-manageable-project-structure)
@@ -68,9 +69,27 @@ Check:
 sudo mkdir -p /etc/<brand>/<name>
 npm start config-file-template | sudo tee /etc/<brand>/<name>/<name>.yaml
 ```
-
 ...where ``<brand>`` and ``<name>`` are those you've chosen in previous step.
 
+This will create a full configuration file with some default values.
+
+Edit it and adjust as you need.
+
+> 📌 **Handling configuration tip**
+> 
+> At the top of that file you will find the *useDefaults* set to `false`.
+> 
+> I recommend you to switch it to `true` and comment out all sections that you
+> don't need to change.
+> 
+> Previous `npm start config-file-template` command uses
+> *Server/etc/config.sample.js* to generate its output.
+> 
+> As project grows and you need to add more configuration options/sections, best
+> practice is to add its default values to that file so all instances of your
+> project having *useDefaults* set to `true`, will automatically load that
+> default values unless explicitly overridden.
+
 
 5. Start playing...
 
@@ -86,6 +105,32 @@ And open ``http://localhost:1080`` in your preferred browser.
 > You can also modify your project default en `models/www.js`.
 
 
+### Enable SSL
+
+In order to enable SSL (https protocol) you will need a valid SSL certificate.
+
+Meanwhile you can create a self-signed one with the following command.
+
+    openssl req -nodes -new -x509 -keyout private.key -out public.cert
+
+Next, edit your configuration file and uncomment the `www -> files` section.
+
+> 📌 In case of not having one, run `npm start config-file-template` and copy
+> it from its output.
+
+You can change paths if you prefer. Either case you will net to place required
+files in order to SSL work.
+
+Finally, in the section `www -> protocols`, uncomment the row corresponding to
+'h2' (or 'http2': both are synonyms) protocol to enable it.
+
+> 📌 Only in case you really need it, enable 'https' instead: http2 works
+> always over ssl and is supposed to be backward compatible with https for all
+> browsers not supporting it.
+
+You will need to restart the server after those changes.
+
+
 Goals
 -----
 

diff --git a/Server/etc/config.sample.js b/Server/etc/config.sample.js
@@ -1,5 +1,5 @@
 const Path = require("path");
-const {name, cfgFile} = require("@models/app.js");
+const {name, cfgFile, cfgPath} = require("@models/app.js");
 module.exports = (
 /* @@yaml@@ */
 `# ${name.toUpperCase()} configuration file
@@ -16,6 +16,12 @@ module.exports = (
       http: 1080
       # https: 1443
       # h2: 1443
+    # files:
+    #     privateKey: ${cfgPath}/ssl/private.key
+    #     certificate: ${cfgPath}/ssl/public.cert
+    #     # HINT: You will need to get a valid SSL certificate files.
+    #     #   Meanwhile you can create a self-signed pair using following command:
+    #     #   openssl req -nodes -new -x509 -keyout private.key -out public.cert
   db:
     exposito:
       type: "postgresql"

diff --git a/Server/main/www.js b/Server/main/www.js
@@ -3,6 +3,7 @@
  * Module dependencies.
  */
 
+const Fs = require('fs');
 const {name} = require('@models/app');
 const model = require('@models/www');
 const app = require('./app');
@@ -42,9 +43,11 @@ const servers = Object.keys(model.protocols).map(function(protocol){
         };
         var args = [app];
         if (protocol != 'http') {
+            const {privateKey, certificate} = model.files || {};
+            if (! privateKey || ! certificate) throw "SSL Key or Cert file not specified";
             args.unshift({
-                key: model.files.privateKey,
-                cert: model.files.certificate,
+                key: String(Fs.readFileSync(privateKey, 'utf8')),
+                cert: String(Fs.readFileSync(certificate, 'utf8')),
             });
         };
 
@@ -59,8 +62,7 @@ const servers = Object.keys(model.protocols).map(function(protocol){
         }
 
     } catch (err) {
-        console.error("Unsuported protocol: " + protocol);
-        process.exit(1);
+        onError(err);
     };
 });