UNPKG

xfwd

Version:

github.com/Ty4ka/xfwd

Ty4ka/xfwd

126 lines 4.51 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
/* tslint:disable:no-console */ import path from 'path'; import httpProxy from 'http-proxy'; import greenlock from 'greenlock-express'; import { ensureDirectoryExistence, saveText } from 'fs-extreme'; import { requiresTrySimport } from 'esm-requirer'; class XfwdServer { constructor(s) { this._settings = { sslConfigPath: path.join(s.appPath, 'greenlock.d'), ...s }; } async start() { const { email, appPath, sslConfigPath: sslConfigDir } = this._settings; const newSsl = await this.greenlock(); greenlock .init({ packageRoot: appPath, // contact for security and critical bug notices maintainerEmail: email, // where to look for configuration configDir: sslConfigDir, // whether or not to run at cloudscale cluster: false }) // Serves on 80 and 443 // Get's SSL certificates magically! .serve((glx) => this.httpsWorker(glx)); return newSsl; } httpsWorker(glx) { const { xfwdDomains } = this._settings; // we need the raw https server const server = glx.httpsServer(); const proxy = httpProxy.createProxyServer({ xfwd: true }); // catches error events during proxying proxy.on('error', (err, req, res) => { // console.error(err) try { ; res.statusCode = 500; res.end(); return; } catch (e) { console.log(e); } }); // We'll proxy websockets too server.on('upgrade', async (req, socket, head) => { try { const hostname = (req.hostname || req.host)?.toLowerCase(); const xfwdDomain = xfwdDomains[hostname]; if (xfwdDomain) { proxy.ws(req, socket, head, { ws: true, target: `ws://0.0.0.0:${xfwdDomain.port}` }); } } catch (e) { console.log(e); } }); // servers a node app that proxies requests to a localhost glx.serveApp(async (req, res) => { try { const hostname = (req.hostname || req.host)?.toLowerCase(); const xfwdDomain = xfwdDomains[hostname]; if (xfwdDomain) { proxy.web(req, res, { target: `http://0.0.0.0:${xfwdDomain.port}` }); } } catch (e) { console.log(e); } }); } async greenlock() { const { email, xfwdDomains, sslConfigPath } = this._settings; const greenlockPath = path.join(sslConfigPath, 'config.json'); ensureDirectoryExistence(greenlockPath); const config = (await requiresTrySimport({ modulesPaths: [greenlockPath] }))[0]; const greenlockConfig = { defaults: { store: { module: 'greenlock-store-fs' }, challenges: { 'http-01': { module: 'acme-http-01-standalone' } }, renewOffset: '-45d', renewStagger: '3d', accountKeyType: 'EC-P256', serverKeyType: 'RSA-2048', subscriberEmail: email || 'a@b.com' }, sites: [], ...config }; greenlockConfig.sites = (greenlockConfig.sites || []).filter((site) => xfwdDomains[site.subject]); const newSsl = []; for (const hostKey in xfwdDomains) { if (greenlockConfig.sites.some((site) => hostKey === site.subject)) { continue; } newSsl.push(hostKey); greenlockConfig.sites.push({ subject: hostKey, altnames: [hostKey], renewAt: 1 }); } await saveText(greenlockPath, JSON.stringify(greenlockConfig, null, 2)); return { newSsl, sites: greenlockConfig.sites }; } } export { XfwdServer }; //# sourceMappingURL=index.js.map