chore: several improvements

Author: chrisbbreuer

bin/cli.ts

@@ -1,3 +1,4 @@
+import type { TlsOption } from '../src/types'
 import os from 'node:os'
 import { log } from '@stacksjs/cli'
 import { CAC } from 'cac'
@@ -7,35 +8,39 @@ import { config } from '../src/config'
 
 const cli = new CAC('tlsx')
 
-interface Options {
-  domain: string
-  output: string
-  key: string
-  cert: string
-  ca: string
-  verbose: boolean
-}
-
 cli
   .command('secure [domain]', 'Auto generate a self-signed SSL certificate/s')
-  .option('-d, --domain [domain]', 'Domain name', { default: 'localhost' })
-  .option('-o, --output <output>', 'Output directory', { default: os.tmpdir() })
-  .option('-k, --key <key>', 'Output key file name', { default: 'key.pem' })
-  .option('-c, --cert <cert>', 'Output certificate file name', { default: 'cert.pem' })
-  .option('-ca, --ca <ca>', 'Output CA file name', { default: 'ca.pem' })
-  .option('--verbose', 'Enable verbose logging', { default: false })
+  .option('-k, --key-path <key>', 'Output key file name', { default: config.keyPath })
+  .option('-c, --cert-path <cert>', 'Output certificate file name', { default: config.certPath })
+  .option('-ca, --ca-path <ca>', 'Output CA file name', { default: config.caCertPath })
+  .option('--alt-name-ips <ips>', 'Alternative Name IPs (comma-separated)', { default: config.altNameIPs.join(',') })
+  .option('--alt-name-uris <uris>', 'Alternative Name URIs (comma-separated)', { default: config.altNameURIs.join(',') })
+  .option('--common-name <name>', 'Common Name for the certificate', { default: config.commonName })
+  .option('--country-name <name>', 'Country Name for the certificate', { default: config.countryName })
+  .option('--state-name <name>', 'State Name for the certificate', { default: config.stateName })
+  .option('--locality-name <name>', 'Locality Name for the certificate', { default: config.localityName })
+  .option('--organization-name <name>', 'Organization Name for the certificate', { default: config.organizationName })
+  .option('--validity-days <days>', 'Validity Days for the certificate', { default: config.validityDays })
+  .option('--verbose', 'Enable verbose logging', { default: config.verbose })
   .usage('tlsx secure <domain> [options]')
   .example('tlsx secure example.com --output /etc/ssl')
-  .action(async (domain: string, options?: Options) => {
+  .action(async (domain: string, options?: TlsOption) => {
     domain = domain ?? config?.altNameURIs[0]
 
     log.info(`Generating a self-signed SSL certificate for: ${domain}`)
     log.debug('Options:', options)
 
     const caCert = await createRootCA()
     const hostCert = await generateCert({
-      hostCertCN: config?.commonName ?? domain,
+      hostCertCN: options?.commonName ?? config.commonName ?? domain,
       domain,
+      altNameIPs: typeof options?.altNameIPs === 'string' ? (options.altNameIPs as string).split(',') : config.altNameIPs,
+      altNameURIs: typeof options?.altNameURIs === 'string' ? (options.altNameURIs as string).split(',') : config.altNameURIs,
+      countryName: options?.countryName || config.countryName,
+      stateName: options?.stateName || config.stateName,
+      localityName: options?.localityName || config.localityName,
+      organizationName: options?.organizationName || config.organizationName,
+      validityDays: Number(options?.validityDays) || config.validityDays,
       rootCAObject: {
         certificate: caCert.certificate,
         privateKey: caCert.privateKey,

package.json

@@ -62,9 +62,9 @@
     "release": "bun run changelog && bunx bumpp package.json --all",
     "test": "bun test",
     "typecheck": "bun --bun tsc --noEmit",
-    "dev:docs": "vitepress dev docs",
-    "build:docs": "vitepress build docs",
-    "preview:docs": "vitepress preview docs"
+    "dev:docs": "bunx --bun vitepress dev docs",
+    "build:docs": "bunx --bun vitepress build docs",
+    "preview:docs": "bunx --bun vitepress preview docs"
   },
   "dependencies": {
     "@stacksjs/cli": "^0.68.2",

src/certificate.ts

@@ -24,7 +24,7 @@ export function getCertNotBefore(): Date {
   const year = twoDaysAgo.getFullYear()
   const month = (twoDaysAgo.getMonth() + 1).toString().padStart(2, '0')
   const day = twoDaysAgo.getDate().toString().padStart(2, '0')
-  return new Date(`${year}-${month}-${day}T00:00:00Z`)
+  return new Date(`${year}-${month}-${day}T23:59:59Z`)
 }
 
 /**

src/config.ts

@@ -1,13 +1,11 @@
 import type { TlsConfig } from './types'
 import os from 'node:os'
 import path from 'node:path'
-import process from 'node:process'
 import { loadConfig } from 'bun-config'
 
 // eslint-disable-next-line antfu/no-top-level-await
 export const config: TlsConfig = await loadConfig({
   name: 'tls',
-  cwd: process.cwd(),
   defaultConfig: {
     altNameIPs: ['127.0.0.1'],
     altNameURIs: ['localhost'],

src/types.ts

@@ -4,7 +4,7 @@ export interface TlsConfig {
   caCertPath: string
   certPath: string
   keyPath: string
-  rootCAObject: { certificate: string, privateKey: string }
+  rootCAObject?: { certificate: string, privateKey: string }
   altNameIPs: string[]
   altNameURIs: string[]
   commonName: string
@@ -13,6 +13,7 @@ export interface TlsConfig {
   localityName: string
   organizationName: string
   validityDays: number
+  verbose: boolean
 }
 
 export interface CertOption {

tls.config.ts

@@ -8,10 +8,6 @@ const config: TlsConfig = {
   caCertPath: path.join(os.homedir(), '.stacks', 'ssl', `tlsx.localhost.ca.crt`),
   certPath: path.join(os.homedir(), '.stacks', 'ssl', `tlsx.localhost.crt`),
   keyPath: path.join(os.homedir(), '.stacks', 'ssl', `tlsx.localhost.crt.key`),
-  rootCAObject: {
-    certificate: '',
-    privateKey: '',
-  },
   altNameIPs: ['127.0.0.1'],
   altNameURIs: ['localhost'],
   organizationName: 'stacksjs.org',