From eed6b752d4acd68b902030e216f38e744a3b8fd2 Mon Sep 17 00:00:00 2001 From: Wikinaut Date: Thu, 22 Nov 2012 10:12:58 +0100 Subject: [PATCH 1/3] initial https version fix #1148 --- .gitignore | 2 ++ settings.json.template | 13 ++++++++++++- src/node/hooks/express.js | 24 ++++++++++++++++++++++-- src/node/utils/Settings.js | 7 +++++++ 4 files changed, 43 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 4f3152245..b93678674 100644 --- a/.gitignore +++ b/.gitignore @@ -12,3 +12,5 @@ src/static/js/jquery.js npm-debug.log *.DS_Store .ep_initialized +*.crt +*.key diff --git a/settings.json.template b/settings.json.template index 66192e4b9..901ff812c 100644 --- a/settings.json.template +++ b/settings.json.template @@ -14,7 +14,18 @@ //Ip and port which etherpad should bind at "ip": "0.0.0.0", "port" : 9001, - + + /* + // Node native SSL support + // make sure to have the correct file access permissions set + + "ssl" : { + "key" : "/path-to-your/server.key", + "cert" : "/path-to-your/server.crt" + }, + + */ + //The Type of the database. You can choose between dirty, postgres, sqlite and mysql //You shouldn't use "dirty" for for anything else than testing or development "dbType" : "dirty", diff --git a/src/node/hooks/express.js b/src/node/hooks/express.js index 1900a86a8..2bbb5eec8 100644 --- a/src/node/hooks/express.js +++ b/src/node/hooks/express.js @@ -1,5 +1,4 @@ var hooks = require("ep_etherpad-lite/static/js/pluginfw/hooks"); -var http = require('http'); var express = require('express'); var settings = require('../utils/Settings'); var fs = require('fs'); @@ -50,7 +49,28 @@ exports.restartServer = function () { } var app = express(); // New syntax for express v3 - server = http.createServer(app); + + if (settings.ssl) { + + console.log( "SSL -- enabled"); + console.log( "SSL -- server key file: " + settings.ssl.key ); + console.log( "SSL -- Certificate Authority's certificate file: " + settings.ssl.cert ); + + options = { + key: fs.readFileSync( settings.ssl.key ), + cert: fs.readFileSync( settings.ssl.cert ) + }; + + var https = require('https'); + server = https.createServer(options, app); + + } else { + + console.log( "SSL -- not enabled!" ); + + var http = require('http'); + server = http.createServer(app); + } app.use(function (req, res, next) { res.header("Server", serverName); diff --git a/src/node/utils/Settings.js b/src/node/utils/Settings.js index 2ed76d0bd..9caa2b0be 100644 --- a/src/node/utils/Settings.js +++ b/src/node/utils/Settings.js @@ -48,6 +48,13 @@ exports.ip = "0.0.0.0"; * The Port ep-lite should listen to */ exports.port = process.env.PORT || 9001; + +/** + * The SSL signed server key and the Certificate Authority's own certificate + * default case: ep-lite does *not* use SSL. A signed server key is not required in this case. + */ +exports.ssl = false; + /* * The Type of the database */ From e8bca8ea04c7f6f00c849aefcbb6ebd61c118d8d Mon Sep 17 00:00:00 2001 From: Wikinaut Date: Fri, 23 Nov 2012 21:15:52 +0100 Subject: [PATCH 2/3] Ip => IP typo fix; +comment for SSL --- settings.json.template | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/settings.json.template b/settings.json.template index 901ff812c..9691d6298 100644 --- a/settings.json.template +++ b/settings.json.template @@ -11,13 +11,16 @@ // alternatively, set up a fully specified Url to your own favicon "favicon": "favicon.ico", - //Ip and port which etherpad should bind at + //IP and port which etherpad should bind at "ip": "0.0.0.0", "port" : 9001, /* // Node native SSL support - // make sure to have the correct file access permissions set + // this is disabled by default + // + // make sure to have the minimum and correct file access permissions set + // so that the Etherpad server can access them "ssl" : { "key" : "/path-to-your/server.key", From 43980ffe11c59645120524cfbf6e096ac3f5a14e Mon Sep 17 00:00:00 2001 From: Wikinaut Date: Fri, 23 Nov 2012 21:18:05 +0100 Subject: [PATCH 3/3] chg server.key to epl-server.key --- settings.json.template | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/settings.json.template b/settings.json.template index 9691d6298..4894f897d 100644 --- a/settings.json.template +++ b/settings.json.template @@ -23,8 +23,8 @@ // so that the Etherpad server can access them "ssl" : { - "key" : "/path-to-your/server.key", - "cert" : "/path-to-your/server.crt" + "key" : "/path-to-your/epl-server.key", + "cert" : "/path-to-your/epl-server.crt" }, */