"use strict";
const plugins = require("./cert.plugins");
const paths = require("./cert.paths");
;
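// Conservative hostname shape: dot-separated labels of letters, digits and inner hyphens,
// at most 253 characters overall. Anything else (whitespace, quotes, `$`, `;`, `/`, `..`, `*`)
// is rejected before the name reaches a shell command line or a filesystem path.
const SAFE_DOMAIN_NAME = /^(?=.{1,253}$)[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?(?:\.[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?)*$/i;

class Cert {
  /**
   * Constructor for Cert object.
   *
   * Reads `cfEmail`, `cfKey`, `sslDir`, `gitOriginRepo` and `testMode` from `optionsArg`,
   * writes the hook config and the letsencrypt.sh config to disk, optionally initialises
   * the ssl directory as a git checkout of `gitOriginRepo`, and marks the bundled scripts
   * as executable.
   *
   * @param {object} optionsArg - see the property list above; `sslDir` falls back to
   *   `paths.defaultSslDir` when it is not set.
   */
  constructor(optionsArg) {
    this.domainsCurrentlyRequesting = [];

    /**
     * Pulls already requested certificates from git origin
     */
    this.sslGitOriginPull = () => {
      if (this._gitOriginRepo) {
        plugins.smartgit.pull(this._sslDir, "origin", "master");
      }
    };

    /**
     * Pushes all new requested certificates to git origin.
     *
     * NOTE(review): everything in the ssl directory is added, and updateSslDirSync copies
     * privkey.pem files there, so private keys end up on the remote. The origin has to be
     * a private, access-controlled repository.
     */
    this.sslGitOriginAddCommitPush = () => {
      if (this._gitOriginRepo) {
        plugins.smartgit.add.addAll(this._sslDir);
        plugins.smartgit.commit(this._sslDir, "added new SSL certificates and deleted obsolete ones.");
        plugins.smartgit.push(this._sslDir, "origin", "master");
      }
    };

    this._cfEmail = optionsArg.cfEmail;
    this._cfKey = optionsArg.cfKey;
    this._sslDir = optionsArg.sslDir;
    this._gitOriginRepo = optionsArg.gitOriginRepo;
    this._testMode = optionsArg.testMode;

    // write hook config
    const config = {
      cfEmail: this._cfEmail,
      cfKey: this._cfKey,
    };
    const hookConfigPath = plugins.path.join(__dirname, "assets/config.json");
    plugins.smartfile.memory.toFsSync(JSON.stringify(config), hookConfigPath);
    // The file holds cfKey in plaintext, so restrict it to the owning user. The file is
    // created with default permissions first; NOTE(review): creating it with mode 0600
    // from the start would close that short window.
    plugins.shelljs.exec(`chmod 600 "${hookConfigPath}"`);

    // setup sslDir
    if (!this._sslDir) {
      this._sslDir = paths.defaultSslDir;
    }

    // setup Git
    if (this._gitOriginRepo) {
      plugins.smartgit.init(this._sslDir);
      plugins.smartgit.remote.add(this._sslDir, "origin", this._gitOriginRepo);
      this.sslGitOriginPull();
    }

    // setup leSh config: test mode points letsencrypt.sh at the staging CA,
    // otherwise the config file is written with a single space.
    const leShConfigString = this._testMode
      ? `CA="https://acme-staging.api.letsencrypt.org/directory"\n`
      : " ";
    plugins.smartfile.memory.toFsSync(leShConfigString, paths.leShConfig);

    plugins.shelljs.exec("chmod 700 " + paths.letsencryptSh);
    plugins.shelljs.exec("chmod 700 " + paths.certHook);
    // Fixed: the command string was missing its closing double quote.
    plugins.shelljs.exec(`bash -c "${paths.letsencryptSh}"`);
  }

  /**
   * gets a ssl cert for a given domain
   *
   * The domain name is interpolated into a `bash -c` command line and into filesystem
   * paths, so it is validated against SAFE_DOMAIN_NAME first; a name that fails the
   * check rejects the returned promise and nothing is executed.
   *
   * @param {string} domainNameArg - domain to request a certificate for
   * @param {{force: boolean}} [optionsArg] - `force: true` requests a certificate even
   *   when the stored one is still considered valid
   * @returns the promise of a `plugins.q` deferred; it resolves when the request has
   *   finished or was skipped, and rejects on an invalid domain name or when storing
   *   the fetched certificate fails
   */
  getDomainCert(domainNameArg, optionsArg = { force: false }) {
    const done = plugins.q.defer();

    if (typeof domainNameArg !== "string" || !SAFE_DOMAIN_NAME.test(domainNameArg)) {
      done.reject(new Error("refusing to request a certificate: invalid domain name"));
      return done.promise;
    }

    const stillValid = checkDomainsStillValid(domainNameArg, this._sslDir);
    if (stillValid && !optionsArg.force) {
      plugins.beautylog.info("certificate for " + domainNameArg + " is still valid! Not fetching new one!");
      done.resolve();
      return done.promise;
    }

    plugins.smartfile.fs.ensureDir(paths.certDir);
    plugins.beautylog.info(`getting cert for ${domainNameArg}`);
    plugins.shelljs.exec(
      `bash -c "${paths.letsencryptSh} -c --no-lock -f ${paths.leShConfig} -d ${domainNameArg} -t dns-01 -k ${paths.certHook} -o ${paths.certDir}"`,
      {
        silent: true,
        async: true,
      },
      (codeArg, stdoutArg) => {
        console.log(stdoutArg);
        if (codeArg !== 0) {
          // The promise still resolves below, as before; make the failure visible at least.
          console.error(`letsencrypt.sh exited with code ${codeArg} for ${domainNameArg}`);
        }
        try {
          const fetchedCertsArray = plugins.smartfile.fs.listFoldersSync(paths.certDir);
          if (fetchedCertsArray.includes(domainNameArg)) {
            updateSslDirSync(this._sslDir, domainNameArg);
            plugins.smartfile.fs.removeSync(plugins.path.join(paths.certDir, domainNameArg));
          }
          done.resolve();
        } catch (err) {
          // An exception here would otherwise escape the async callback and leave the
          // promise pending forever.
          done.reject(err);
        }
      }
    );

    return done.promise;
  }

  /**
   * Placeholder: no cleanup is implemented yet.
   */
  cleanOldCertificates() {
  }
}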
exports.Cert = Cert;
/**
 * Empty placeholder class: it defines no fields and no methods yet.
 */
class Certificate {
  /** Creates an instance without any state. */
  constructor() {}
}
exports.Certificate = Certificate;
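/**
 * Decides whether the stored certificate for a domain can still be used.
 *
 * Reads `<sslDirArg>/<domainNameArg>/config.json` and compares its `expires` value
 * (seconds since the epoch) with the current time, treating the last 7 days before
 * expiry as already expired so that renewal happens early.
 *
 * Fails closed: a missing config file, or an `expires` value that is absent or not a
 * finite number, counts as "not valid". Previously such a value produced NaN in the
 * comparison and the certificate was reported as valid indefinitely.
 *
 * NOTE(review): domainNameArg becomes a path segment; callers should only pass
 * validated domain names.
 *
 * @param {string} domainNameArg - domain whose stored certificate is checked
 * @param {string} sslDirArg - directory holding one sub-directory per domain
 * @returns {boolean} true when the certificate is outside its renewal window
 */
const checkDomainsStillValid = (domainNameArg, sslDirArg) => {
  const renewalWindowSeconds = 604800; // 7 days
  const domainConfigPath = plugins.path.join(sslDirArg, domainNameArg, "config.json");
  if (!plugins.smartfile.fs.fileExistsSync(domainConfigPath)) {
    return false;
  }
  const domainConfig = plugins.smartfile.fs.toObjectSync(domainConfigPath, "json");
  const expires = domainConfig ? Number(domainConfig.expires) : NaN;
  if (!Number.isFinite(expires)) {
    return false;
  }
  return Date.now() < (expires - renewalWindowSeconds) * 1000;
};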
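/**
 * Copies a freshly fetched certificate from the working directory into the ssl directory
 * and writes a `config.json` describing it.
 *
 * Does nothing when `paths.certDir` has no folder named after the domain. The creation
 * time is taken from the numeric suffix of a `*-<digits>.pem` file in that folder; when
 * no such file exists an Error is thrown before anything is copied (previously this
 * surfaced as a TypeError after the files had already been copied).
 *
 * NOTE(review): `expires` is computed as creation time + 7776000 s (90 days), it is not
 * read from the certificate itself.
 * NOTE(review): privkey.pem is copied as-is; confirm the copy ends up readable by the
 * owning user only.
 * NOTE(review): domainNameArg becomes a path segment; callers should only pass validated
 * domain names.
 *
 * @param {string} sslDirArg - destination directory holding one sub-directory per domain
 * @param {string} domainNameArg - domain whose certificate is stored
 * @throws {Error} when no timestamped .pem file is found for the domain
 */
const updateSslDirSync = (sslDirArg, domainNameArg) => {
  plugins.smartfile.fs.ensureDirSync(sslDirArg);
  const domainCertFolder = plugins.path.join(paths.certDir, domainNameArg);
  if (!plugins.smartfile.fs.listFoldersSync(paths.certDir).includes(domainNameArg)) {
    return;
  }

  // Work out the creation time first so a malformed folder is rejected before any copy.
  // At least one digit is required and the name must end in ".pem".
  const certRegex = /.*-([0-9]+)\.pem$/;
  const certFileNameWithTime = plugins.smartfile.fs.listFilesSync(domainCertFolder, certRegex)[0];
  const timeMatch = certFileNameWithTime ? certRegex.exec(certFileNameWithTime) : null;
  const certTime = timeMatch ? Number.parseInt(timeMatch[1], 10) : NaN;
  if (!Number.isFinite(certTime)) {
    throw new Error(`no timestamped .pem file found in ${domainCertFolder}`);
  }

  const targetFolder = plugins.path.join(sslDirArg, domainNameArg);
  plugins.smartfile.fs.copySync(
    plugins.path.join(domainCertFolder, "fullchain.pem"),
    plugins.path.join(targetFolder, "fullchain.pem")
  );
  plugins.smartfile.fs.copySync(
    plugins.path.join(domainCertFolder, "privkey.pem"),
    plugins.path.join(targetFolder, "privkey.pem")
  );

  // create cert config
  const certConfig = {
    domainName: domainNameArg,
    created: certTime,
    expires: certTime + 7776000,
  };
  plugins.smartfile.memory.toFsSync(JSON.stringify(certConfig), plugins.path.join(targetFolder, "config.json"));
};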
/**
 * Placeholder for syncing with the git origin; the body is empty, so the direction
 * argument is currently ignored.
 *
 * @param syncDirectionArg - sync direction (the call below passes 0, annotated "toOrigin")
 */
const updateGitOrigin = (syncDirectionArg) => {};

// Runs once at module load; has no effect while updateGitOrigin is empty.
updateGitOrigin(0 /* toOrigin */);
//# sourceMappingURL=data:application/json;base64,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