Skip to content

Commit 77f7b63

Browse files
64json64json
committed
Configure certbot automatically
1 parent 8307c5d commit 77f7b63

File tree

3 files changed

+40
-13
lines changed

3 files changed

+40
-13
lines changed

.env.production

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,6 @@
11
CREDENTIALS_ENABLED = 1
2+
CREDENTIALS_PATH = ~/.certbot/config/live/algorithm-visualizer.org
3+
CREDENTIALS_CA = fullchain.pem
4+
CREDENTIALS_KEY = privkey.pem
5+
CREDENTIALS_CERT = cert.pem
26
WEBHOOK_ENABLED = 1

certbot.ini

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
config-dir = ~/.certbot/config
2+
work-dir = ~/.certbot/work
3+
logs-dir = ~/.certbot/logs
4+
email = jason.park@gatech.edu
5+
authenticator = webroot
6+
webroot-path = ~/server/public/frontend-built
7+
domains = algorithm-visualizer.org

src/config/environments.ts

Lines changed: 29 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,11 @@
11
import fs from 'fs';
22
import { ServerOptions } from 'https';
33
import path from 'path';
4+
import { spawn } from 'child_process';
5+
import { rootDir } from 'config/paths';
46

57
require('dotenv-flow').config();
68

7-
declare var process: {
8-
env: {
9-
[key: string]: string,
10-
}
11-
};
12-
139
const {
1410
NODE_ENV,
1511

@@ -30,7 +26,9 @@ const {
3026

3127
AWS_ACCESS_KEY_ID,
3228
AWS_SECRET_ACCESS_KEY,
33-
} = process.env;
29+
} = process.env as {
30+
[key: string]: string,
31+
};
3432

3533
const isEnabled = (v: string) => v === '1';
3634

@@ -67,12 +65,30 @@ export const webhookOptions = isEnabled(WEBHOOK_ENABLED) ? {
6765
secret: WEBHOOK_SECRET,
6866
} : undefined;
6967

70-
const readCredentials = (file: string) => fs.readFileSync(path.resolve(CREDENTIALS_PATH, file));
71-
export const credentials: ServerOptions | undefined = isEnabled(CREDENTIALS_ENABLED) ? {
72-
ca: readCredentials(CREDENTIALS_CA),
73-
key: readCredentials(CREDENTIALS_KEY),
74-
cert: readCredentials(CREDENTIALS_CERT),
75-
} : undefined;
68+
export let credentials: ServerOptions | undefined;
69+
if (isEnabled(CREDENTIALS_ENABLED)) {
70+
if (fs.existsSync(CREDENTIALS_PATH)) {
71+
const readCredentials = (file: string) => fs.readFileSync(path.resolve(CREDENTIALS_PATH, file));
72+
credentials = {
73+
ca: readCredentials(CREDENTIALS_CA),
74+
key: readCredentials(CREDENTIALS_KEY),
75+
cert: readCredentials(CREDENTIALS_CERT),
76+
};
77+
} else {
78+
const certbotIniPath = path.resolve(rootDir, 'certbot.ini');
79+
const childProcess = spawn('certbot', ['certonly', '--non-interactive', '--agree-tos', '--config', certbotIniPath]);
80+
childProcess.stdout.pipe(process.stdout);
81+
childProcess.stderr.pipe(process.stderr);
82+
childProcess.on('error', console.error);
83+
childProcess.on('exit', code => {
84+
if (code === 0) {
85+
process.exit(0);
86+
} else {
87+
console.error(new Error(`certbot failed with exit code ${code}.`));
88+
}
89+
});
90+
}
91+
}
7692

7793
export const githubClientId = GITHUB_CLIENT_ID;
7894
export const githubClientSecret = GITHUB_CLIENT_SECRET;

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy