From 90e64408afcfcfa0b8b7c244ad9d60769580bdce Mon Sep 17 00:00:00 2001 From: Danilo Hoffmann Date: Wed, 15 Jan 2020 14:05:13 +0100 Subject: [PATCH] feat: HTTPS deployment for universal server (#99) --- dist/.gitignore | 2 ++ dist/server.crt | 23 +++++++++++++++++++++++ dist/server.key | 28 ++++++++++++++++++++++++++++ server.ts | 26 ++++++++++++++++++-------- 4 files changed, 71 insertions(+), 8 deletions(-) create mode 100644 dist/server.crt create mode 100644 dist/server.key diff --git a/dist/.gitignore b/dist/.gitignore index 7fd7aa6c38..9b877d90bd 100644 --- a/dist/.gitignore +++ b/dist/.gitignore @@ -3,3 +3,5 @@ !/*.sh !/healthcheck.js !/robots.txt +!/server.crt +!/server.key diff --git a/dist/server.crt b/dist/server.crt new file mode 100644 index 0000000000..3c16edbe0e --- /dev/null +++ b/dist/server.crt @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDxDCCAqygAwIBAgIJAJYvMbbAjzehMA0GCSqGSIb3DQEBCwUAMIGNMQswCQYD +VQQGEwJERTELMAkGA1UECAwCVEgxDTALBgNVBAcMBEplbmExEjAQBgNVBAoMCUlu +dGVyc2hvcDEUMBIGA1UECwwLRW5naW5lZXJpbmcxJDAiBgkqhkiG9w0BCQEWFXN1 +cHBvcnRAaW50ZXJzaG9wLmNvbTESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIwMDEx +NDA4NDExOVoXDTIxMDExMzA4NDExOVowgY0xCzAJBgNVBAYTAkRFMQswCQYDVQQI +DAJUSDENMAsGA1UEBwwESmVuYTESMBAGA1UECgwJSW50ZXJzaG9wMRQwEgYDVQQL +DAtFbmdpbmVlcmluZzEkMCIGCSqGSIb3DQEJARYVc3VwcG9ydEBpbnRlcnNob3Au +Y29tMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQDRXcHHCh2XNXdsH3zy8OQK+T6H6K29HoRus0wzv8Hp8jSbdOrF2RuH +9EeEbdrZe+EXhiuLGg76xvxD1dLwANA5fgVIo0/nrIR7Hj1m3fAFiKGBPNSCF0UX +P9ljWPH0U6WhHVcb+EinQdISQHObT0/OLefPZDQg5ymlZV/+fvlBV0hFkBvpSO30 +541EjUm3BubwvyciREOo1PKxnhAyUAZd7SjdM5+ORjfCX3GutTLIv7+XKUABHJ9f +AzJ8uig60hpcsx2cceNlTQ92uEReT5qAadDwLDwVNl5DZ2jhUvjhVlZZWHtW045D +YxCbxCjnanbn+0cydsgSxv9zvMxwB+x1AgMBAAGjJTAjMCEGA1UdEQQaMBiCCyou +bG9jYWxob3N0gglsb2NhbGhvc3QwDQYJKoZIhvcNAQELBQADggEBAA55lAtHrxzS +095HRl/5PQ/M1zUjgOUvLlR5WKKxdzU/nbc/n8wuZqfPL4CHD7s8EJ442yvw+WgP +mqaiXlPBqDCQkrDgHwWnjyT7ndrl7N52bKue14i32nTlsLn/pf+FOMoDnimghQeL +DqFzcLkHacgaxIHt5A0xy3cU/64gMeiL52V+PrgQCD4heeimIjtxGAB4c97GB7TR +FIkk2a4iUzHs5NEv60hKm+Ksgw48wI/jHrCfcxvXJ07f5Qt57IjZkoNmCEq6NX0V +5vvneRQjdFiprE/uiFusdSYGV1Hz2E9HrY0x/LLseS+CGWTBUlWZkOZTpdsnaqDh +DTNpH0moNzI= +-----END CERTIFICATE----- diff --git a/dist/server.key b/dist/server.key new file mode 100644 index 0000000000..5261b2d0c6 --- /dev/null +++ b/dist/server.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDRXcHHCh2XNXds +H3zy8OQK+T6H6K29HoRus0wzv8Hp8jSbdOrF2RuH9EeEbdrZe+EXhiuLGg76xvxD +1dLwANA5fgVIo0/nrIR7Hj1m3fAFiKGBPNSCF0UXP9ljWPH0U6WhHVcb+EinQdIS +QHObT0/OLefPZDQg5ymlZV/+fvlBV0hFkBvpSO30541EjUm3BubwvyciREOo1PKx +nhAyUAZd7SjdM5+ORjfCX3GutTLIv7+XKUABHJ9fAzJ8uig60hpcsx2cceNlTQ92 +uEReT5qAadDwLDwVNl5DZ2jhUvjhVlZZWHtW045DYxCbxCjnanbn+0cydsgSxv9z +vMxwB+x1AgMBAAECggEAWZmFR3g1x7NzA0vKfnHHNkcKksFqMShxRqrm7rKe+07T +YsA7hSZv2NQbEzqsUSzp3NZnpiUlyf8EkMdeeaXvdttOyZJSrPQw0jvTzUUn5kZd +z+BHldD9mYCSuSiki4qMtJHI6Mht116c14DLuOjNX5BXx3K7uGUVdpoW5eRTKbm5 +X4UIfa8eBtfZA063mc00/RC5s1AM4rBCr+p4xsQLOL1G4YBQk9Tdjme2VNjML37N +HYPLTjE5tALvyDYSscAW4hXCdzzJh8JErOWw+E8W5OkkCc8eUsfw1vAovbOaJw9Y +400Xd8ABXpJwYyg2WADwN3NGyoCFzJHj7J15nFlFQQKBgQDz8+8oIRhhlD8BNrgD +xc0xExGcXZ5GhVQ14Xp4YBxpnXWiE5mlORJczfBfk8vwWtH5qdC7JkZsTEy/vJvu +HglORDxYKNaHVnJNrVvhnjPICudOvaI8yLDlz5d7++3ddV/K6Hv4blXN10BYJS0B +OjGTzUtiYZ6PtwK6PwgEXrkEBQKBgQDbtJOd6aeepGLHCzv1dcb6rQo0+mTC+vwC +uB9/Ym/DTKSeuNBsQuqDEosMjOwLCB7RpzOU2wOxLU3y76yCBVHHC+O0EqI1FmxP +UQ5+GLWJflX3d+zWkEp5PQwIexMD8I3hNNbBBcJHtJnTflo+C9hFKGa5rAVxwGaN +rIUK3VGhsQKBgQClSb3cvq+6TatysxRy2e5xNa5U98lplqS77Q4ByXz2wk0Vh5ou +rECYyJ/44jbnn2Fte3WFmCVW80t9DdnIuGktsmYAhYr1H8lKgA8lCv+ipmCapTnr +XT8eNk05IDTGO+Svol18saVJVnKuRmH71uYIcqyE+Adq8GDUuChCbbuF0QKBgQCi +ilyvdh55InqlcS1BsomsCPrFKP4EtjRdOqSq1EOFBB3CA07G2Vav87cFaPh0TOSo +DH//v2xi1vaVJTXF13Ohw60JGsQAbH9iyr/jEBq2Bs5Iz+Na9dLzEPPnDk6KGpyM +oU/D66PI8tbe/dp7jr3IpFQjRx2cA1CbvaeL2yK6cQKBgQCiuWwjsi0NhmWDPEIe +09PWiJ8ZsZpvAqRs32qM3erskcRwzvxmegbtTByvP59kTmwiGHkquotmN5ifqJHe +2let3V6NCMEZ0qU6LKG6GTBaBZhHuHzuyPBhDW/6i1qZZxRNV73HteluQgXWkmVQ +UZoOi8uheodOmR4V9Mf9MREUmg== +-----END PRIVATE KEY----- diff --git a/server.ts b/server.ts index f27fe34f7f..46df7b9c74 100644 --- a/server.ts +++ b/server.ts @@ -110,11 +110,21 @@ app.get('*', (req: express.Request, res: express.Response) => { ); }); -// Start up the Node server -app.listen(PORT, () => { - console.log(`Node Express server listening on http://localhost:${PORT}`); - const icmBaseUrl = process.env.ICM_BASE_URL; - if (icmBaseUrl) { - console.log('ICM_BASE_URL is', icmBaseUrl); - } -}); +if (process.env.SSL) { + const https = require('https'); + const privateKey = fs.readFileSync(join(DIST_FOLDER, 'server.key'), 'utf8'); + const certificate = fs.readFileSync(join(DIST_FOLDER, 'server.crt'), 'utf8'); + const credentials = { key: privateKey, cert: certificate }; + + https.createServer(credentials, app).listen(PORT); + + console.log(`Node Express server listening on https://${require('os').hostname()}:${PORT}`); +} else { + const http = require('http'); + + http.createServer(app).listen(PORT); + + console.log(`Node Express server listening on http://${require('os').hostname()}:${PORT}`); +} + +console.log('ICM_BASE_URL is', ICM_BASE_URL);