Skip to content

Commit 77f7b63

Browse files
64json64json
committed
Configure certbot automatically
1 parent 8307c5d commit 77f7b63

File tree

3 files changed

+40
-13
lines changed

3 files changed

+40
-13
lines changed

.env.production

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,6 @@
11
CREDENTIALS_ENABLED = 1
2+
CREDENTIALS_PATH = ~/.certbot/config/live/algorithm-visualizer.org
3+
CREDENTIALS_CA = fullchain.pem
4+
CREDENTIALS_KEY = privkey.pem
5+
CREDENTIALS_CERT = cert.pem
26
WEBHOOK_ENABLED = 1

certbot.ini

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
config-dir = ~/.certbot/config
2+
work-dir = ~/.certbot/work
3+
logs-dir = ~/.certbot/logs
4+
email = jason.park@gatech.edu
5+
authenticator = webroot
6+
webroot-path = ~/server/public/frontend-built
7+
domains = algorithm-visualizer.org

src/config/environments.ts

Lines changed: 29 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,11 @@
11
import fs from 'fs';
22
import { ServerOptions } from 'https';
33
import path from 'path';
4+
import { spawn } from 'child_process';
5+
import { rootDir } from 'config/paths';
46

57
require('dotenv-flow').config();
68

7-
declare var process: {
8-
env: {
9-
[key: string]: string,
10-
}
11-
};
12-
139
const {
1410
NODE_ENV,
1511

@@ -30,7 +26,9 @@ const {
3026

3127
AWS_ACCESS_KEY_ID,
3228
AWS_SECRET_ACCESS_KEY,
33-
} = process.env;
29+
} = process.env as {
30+
[key: string]: string,
31+
};
3432

3533
const isEnabled = (v: string) => v === '1';
3634

@@ -67,12 +65,30 @@ export const webhookOptions = isEnabled(WEBHOOK_ENABLED) ? {
6765
secret: WEBHOOK_SECRET,
6866
} : undefined;
6967

70-
const readCredentials = (file: string) => fs.readFileSync(path.resolve(CREDENTIALS_PATH, file));
71-
export const credentials: ServerOptions | undefined = isEnabled(CREDENTIALS_ENABLED) ? {
72-
ca: readCredentials(CREDENTIALS_CA),
73-
key: readCredentials(CREDENTIALS_KEY),
74-
cert: readCredentials(CREDENTIALS_CERT),
75-
} : undefined;
68+
export let credentials: ServerOptions | undefined;
69+
if (isEnabled(CREDENTIALS_ENABLED)) {
70+
if (fs.existsSync(CREDENTIALS_PATH)) {
71+
const readCredentials = (file: string) => fs.readFileSync(path.resolve(CREDENTIALS_PATH, file));
72+
credentials = {
73+
ca: readCredentials(CREDENTIALS_CA),
74+
key: readCredentials(CREDENTIALS_KEY),
75+
cert: readCredentials(CREDENTIALS_CERT),
76+
};
77+
} else {
78+
const certbotIniPath = path.resolve(rootDir, 'certbot.ini');
79+
const childProcess = spawn('certbot', ['certonly', '--non-interactive', '--agree-tos', '--config', certbotIniPath]);
80+
childProcess.stdout.pipe(process.stdout);
81+
childProcess.stderr.pipe(process.stderr);
82+
childProcess.on('error', console.error);
83+
childProcess.on('exit', code => {
84+
if (code === 0) {
85+
process.exit(0);
86+
} else {
87+
console.error(new Error(`certbot failed with exit code ${code}.`));
88+
}
89+
});
90+
}
91+
}
7692

7793
export const githubClientId = GITHUB_CLIENT_ID;
7894
export const githubClientSecret = GITHUB_CLIENT_SECRET;

0 commit comments

Comments
 (0)