HTTPS_PORT and HTTPS_HOST in .env
This commit is contained in:
parent
a8766b0a08
commit
49a3319e58
19
README.md
19
README.md
@ -80,7 +80,7 @@ npm start
|
|||||||
```
|
```
|
||||||
This will run the app on TCP port 3000 by default. If port 3000 is already in use, you can specify a different port in the `.env` file (see 3B above), e.g.:
|
This will run the app on TCP port 3000 by default. If port 3000 is already in use, you can specify a different port in the `.env` file (see 3B above), e.g.:
|
||||||
```
|
```
|
||||||
PORT=3456
|
HTTP_PORT=3456
|
||||||
```
|
```
|
||||||
|
|
||||||
##### 6. Start the app automatically
|
##### 6. Start the app automatically
|
||||||
@ -113,9 +113,22 @@ curl http://localhost:3000
|
|||||||
```
|
```
|
||||||
You should see the front page of the app (or the raw HTML with curl).
|
You should see the front page of the app (or the raw HTML with curl).
|
||||||
|
|
||||||
##### 8. Remote access:
|
##### 8. Remote access via HTTPS
|
||||||
For security reasons (until this app is battle-hardened and has been scrutinized by the ZT community), it currently listens only on the looback interface. It can be reverse proxied by something like Nginx, but it would be best to access over an SSH tunnel at this stage.
|
This app listens for HTTP requests on the looback interface (default port 3000). It can be reverse proxied by Nginx (which can proxy the HTTP as HTTPS), or accessed over an SSH tunnel as described below.
|
||||||
|
|
||||||
|
The app can be made to listen on all interfaces for HTTPS requests by specifying HTTPS_PORT in the .env file, e.g.:
|
||||||
|
```
|
||||||
|
HTTPS_PORT=3443
|
||||||
|
```
|
||||||
|
If HTTPS_PORT is not specified, then the app will only listen for HTTP requests on localhost.
|
||||||
|
|
||||||
|
The app can be made to listen on a specific interface for HTTPS requests by specifying HTTPS_HOST (the host name or IP address of the interface) in the .env file, e.g.:
|
||||||
|
```
|
||||||
|
HTTPS_HOST=12.34.56.78
|
||||||
|
```
|
||||||
|
If HTTPS_HOST is not specified, but HTTPS_PORT is specified, then the app will listen for HTTPS requests on all interfaces.
|
||||||
|
|
||||||
|
##### 9. Remote access via SSH
|
||||||
###### SSH tunnel from Linux / Unix / macOS client
|
###### SSH tunnel from Linux / Unix / macOS client
|
||||||
An SSH tunnel can be established with:
|
An SSH tunnel can be established with:
|
||||||
```shell
|
```shell
|
||||||
|
52
bin/www
52
bin/www
@ -16,22 +16,38 @@ const options = {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get port from environment and store in Express.
|
* Get ports from environment and store in Express.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
const port = normalizePort(process.env.PORT || '3000');
|
const http_port = normalizePort(process.env.HTTP_PORT || '3000');
|
||||||
app.set('port', port);
|
app.set('http_port', http_port);
|
||||||
const sport = normalizePort(process.env.SPORT || '3443');
|
const https_port = normalizePort(process.env.HTTPS_PORT || null);
|
||||||
app.set('sport', sport);
|
app.set('https_port', https_port);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create HTTPS server and listen on localhost only for HTTP and on all network interfaces for HTTPS
|
* Get interface address on which to listen for HTTPS requests from env.
|
||||||
|
*/
|
||||||
|
const https_host = process.env.HTTPS_HOST || null;
|
||||||
|
app.set('https_host', https_host);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create HTTPS server and listen on localhost only for HTTP and
|
||||||
|
* on all network interfaces for HTTPS if HTTPS_PORT is set in env,
|
||||||
|
* or on specific interface if HTTPS_HOST is set in env.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
app.listen(port, 'localhost');
|
app.listen(http_port, 'localhost');
|
||||||
const server = https.createServer(options, app);
|
const server = https.createServer(options, app);
|
||||||
|
|
||||||
server.listen(sport);
|
if (https_port) {
|
||||||
|
if (https_host) {
|
||||||
|
console.log('Listening for HTTPS requests on port ' + https_port + ' on address ' + https_host);
|
||||||
|
} else {
|
||||||
|
console.log('Listening for HTTPS requests on port ' + https_port + ' on all interfaces');
|
||||||
|
}
|
||||||
|
server.listen(https_port, https_host);
|
||||||
|
}
|
||||||
|
|
||||||
server.on('error', onError);
|
server.on('error', onError);
|
||||||
server.on('listening', onListening);
|
server.on('listening', onListening);
|
||||||
|
|
||||||
@ -40,7 +56,7 @@ server.on('listening', onListening);
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
function normalizePort(val) {
|
function normalizePort(val) {
|
||||||
let port = parseInt(val, 10);
|
const port = parseInt(val, 10);
|
||||||
|
|
||||||
if (isNaN(port)) {
|
if (isNaN(port)) {
|
||||||
// named pipe
|
// named pipe
|
||||||
@ -56,7 +72,7 @@ function normalizePort(val) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Event listener for HTTP server "error" event.
|
* Event listener for HTTP/S server "error" event.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
function onError(error) {
|
function onError(error) {
|
||||||
@ -64,13 +80,13 @@ function onError(error) {
|
|||||||
throw error;
|
throw error;
|
||||||
}
|
}
|
||||||
|
|
||||||
let bind = typeof port === 'string'
|
const bind = typeof http_port === 'string'
|
||||||
? 'Pipe ' + port
|
? 'Pipe ' + http_port
|
||||||
: 'Port ' + port;
|
: 'Port ' + http_port;
|
||||||
|
|
||||||
let sbind = typeof sport === 'string'
|
const sbind = typeof https_port === 'string'
|
||||||
? 'Pipe ' + sport
|
? 'Pipe ' + https_port
|
||||||
: 'Port ' + sport;
|
: 'Port ' + https_port;
|
||||||
|
|
||||||
// handle specific listen errors with friendly messages
|
// handle specific listen errors with friendly messages
|
||||||
switch (error.code) {
|
switch (error.code) {
|
||||||
@ -92,8 +108,8 @@ function onError(error) {
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
function onListening() {
|
function onListening() {
|
||||||
let addr = server.address();
|
const addr = server.address();
|
||||||
let bind = typeof addr === 'string'
|
const bind = typeof addr === 'string'
|
||||||
? 'pipe ' + addr
|
? 'pipe ' + addr
|
||||||
: 'port ' + addr.port;
|
: 'port ' + addr.port;
|
||||||
debug('Listening on ' + bind);
|
debug('Listening on ' + bind);
|
||||||
|
Loading…
Reference in New Issue
Block a user