Adds https support; Fixes prod config

2025-09-11 05:46:28 +02:00 · 2021-11-23 22:55:03 +01:00
parent 02be480cca
commit 3ac9c72a8b
8 changed files with 134 additions and 45 deletions
--- a/src/config/prod.ts
+++ b/src/config/prod.ts
@@ -1,5 +1,6 @@
 const PORT = 4000
-const HOST = process.env.INTRANET_HOST || "fo.parisestludique.fr"
+const HOST =
+    __SERVER__ && !__DEV__ ? process.env.INTRANET_HOST || "fo.parisestludique.fr" : "localhost"

 export default {
    PORT,
--- a/src/routes/certbot.ts
+++ b/src/routes/certbot.ts
@@ -0,0 +1,15 @@
+/* Copyright Coplay. All Rights Reserved. Use of this source code is governed by an MIT-style license that can be found in the LICENSE file at https://coplay.org/colicense */
+import { NextFunction, Request, Response, Router } from "express"
+import * as path from "path"
+
+const certbotRouter: Router = Router()
+
+certbotRouter.use((request: Request, response: Response, _next: NextFunction) => {
+    const filename = request.originalUrl.replace(/.*\//, "")
+    const resolvedPath: string = path.resolve(`../certbot/.well-known/acme-challenge/${filename}`)
+    console.log("response", resolvedPath)
+    response.setHeader("Content-Type", "text/html")
+    return response.sendFile(resolvedPath)
+})
+
+export default certbotRouter
--- a/src/server/devServer.ts
+++ b/src/server/devServer.ts
@@ -1,8 +1,6 @@
 import { Express } from "express"
 import chalk from "chalk"

-import config from "../config"
-
 export default (app: Express): void => {
    const webpack = require("webpack")
    const webpackConfig = require("../../webpack/client.config").default
@@ -22,7 +20,6 @@ export default (app: Express): void => {
    )

    instance.waitUntilValid(() => {
-        const url = `http://${config.HOST}:${config.PORT}`
-        console.info(chalk.green(`==> 🌎  Listening at ${url}`))
+        console.info(chalk.green("webpack-dev-middleware activated"))
    })
 }
--- a/src/server/index.ts
+++ b/src/server/index.ts
@@ -6,10 +6,15 @@ import helmet from "helmet"
 import hpp from "hpp"
 import favicon from "serve-favicon"
 import chalk from "chalk"
+import * as http from "http"
+import * as https from "https"
+import * as fs from "fs"
+import _ from "lodash"

 import devServer from "./devServer"
 import ssr from "./ssr"

+import certbotRouter from "../routes/certbot"
 import { jeuJavListGet } from "../gsheets/jeuJav"
 import { envieListGet, envieAdd } from "../gsheets/envies"
 import { membreGet, membreSet } from "../gsheets/membres"
@@ -24,8 +29,13 @@ app.use(hpp())
 // Compress all requests
 app.use(compression())

+// Https with certbot and Let's Encrypt
+if (!__DEV__) {
+    app.use("/.well-known/acme-challenge", certbotRouter)
+}
+
 // Use for http request debug (show errors only)
-app.use(logger("dev", { skip: (_, res) => res.statusCode < 400 }))
+app.use(logger("dev", { skip: (_req, res) => res.statusCode < 400 }))
 app.use(favicon(path.resolve(process.cwd(), "public/favicon.ico")))
 app.use(express.static(path.resolve(process.cwd(), "public")))

@@ -43,7 +53,62 @@ app.post("/EnvieAdd", envieAdd)
 // Use React server-side rendering middleware
 app.get("*", ssr)

-// @ts-expect-error
-app.listen(config.PORT, config.HOST, (error) => {
-    if (error) console.error(chalk.red(`==> 😭  OMG!!! ${error}`))
+/**
+ * Create HTTP and HTTPS server.
+ */
+
+const servers = [{ protocol: "http", server: http.createServer(app) }]
+
+interface Cert {
+    key: string
+    cert: string
+}
+const certPaths: Cert[] = [
+    {
+        // Prod
+        key: "/root/certbot/config/live/fo.parisestludique.fr/privkey.pem",
+        cert: "/root/certbot/config/live/fo.parisestludique.fr/fullchain.pem",
+    },
+    {
+        // Local
+        key: "../certbot/key.pem",
+        cert: "../certbot/cert.pem",
+    },
+]
+const validCertPath: Cert | undefined = certPaths.find((certPath: Cert) =>
+    _.every(certPath, (pemPath: string) => fs.existsSync(pemPath))
+)
+if (validCertPath) {
+    const httpsOptions = _.mapValues(validCertPath, (pemPath: string) => fs.readFileSync(pemPath))
+
+    servers.push({ protocol: "https", server: https.createServer(httpsOptions, app) })
+}
+
+/**
+ * Listen on provided port, on all network interfaces.
+ */
+servers.forEach(({ protocol, server }) => {
+    server.listen(protocol === "http" ? config.PORT : <number>config.PORT + 2)
+    server.on("error", onError)
+    server.on("listening", () => onListening(server))
 })
+
+/**
+ * Event listener for HTTP server 'error' event.
+ */
+
+function onError(error: any) {
+    if (error) {
+        console.error(chalk.red(`==> 😭  OMG!!! ${error}`))
+    }
+}
+
+/**
+ * Event listener for HTTP server 'listening' event.
+ */
+
+function onListening(server: any) {
+    const addr = server.address()
+    const bind = typeof addr === "string" ? `pipe ${addr}` : `port ${addr.port}`
+    console.error(chalk.green(`\nServer listening on ${bind}`))
+}