| 
									
										
										
										
											2016-08-10 13:10:00 -04:00
										 |  |  | 'use strict'; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | var cluster = require('cluster'); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-08-10 13:39:58 -04:00
										 |  |  | function runMaster() { | 
					
						
							|  |  |  |   var numCores = 2; // // Math.max(2, require('os').cpus().length)
 | 
					
						
							|  |  |  |   var i; | 
					
						
							| 
									
										
										
										
											2016-08-10 22:33:12 -04:00
										 |  |  |   var master = require('./lib/master').create({ | 
					
						
							| 
									
										
										
										
											2016-08-10 13:10:00 -04:00
										 |  |  |     debug: true | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   , server: 'staging' | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-08-10 22:33:12 -04:00
										 |  |  |   , approveDomains: function (domain, certs, cb) { | 
					
						
							| 
									
										
										
										
											2016-08-10 13:10:00 -04:00
										 |  |  |       // Depending on your setup it may be more efficient
 | 
					
						
							|  |  |  |       // for you to implement the approveDomains function
 | 
					
						
							|  |  |  |       // in your master or in your workers.
 | 
					
						
							|  |  |  |       //
 | 
					
						
							|  |  |  |       // Since we implement it in the worker (below) in this example
 | 
					
						
							|  |  |  |       // we'll give it an immediate approval here in the master
 | 
					
						
							| 
									
										
										
										
											2016-08-11 00:58:14 -04:00
										 |  |  |       var results = { domain: domain, options: { domains: [domain] }, certs: certs }; | 
					
						
							| 
									
										
										
										
											2016-08-10 22:33:12 -04:00
										 |  |  |       cb(null, results); | 
					
						
							| 
									
										
										
										
											2016-08-10 13:10:00 -04:00
										 |  |  |     } | 
					
						
							|  |  |  |   }); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   for (i = 0; i < numCores; i += 1) { | 
					
						
							|  |  |  |     master.addWorker(cluster.fork()); | 
					
						
							|  |  |  |   } | 
					
						
							|  |  |  | } | 
					
						
							| 
									
										
										
										
											2016-08-10 13:39:58 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  | function runWorker() { | 
					
						
							| 
									
										
										
										
											2016-08-10 22:33:12 -04:00
										 |  |  |   var worker = require('./lib/worker').create({ | 
					
						
							| 
									
										
										
										
											2016-08-10 13:10:00 -04:00
										 |  |  |     debug: true | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     // We want both to renew well before the expiration date
 | 
					
						
							|  |  |  |     // and also to stagger the renewals, just a touch
 | 
					
						
							|  |  |  |     // here we specify to renew between 10 and 15 days
 | 
					
						
							|  |  |  |   , notBefore: 15 * 24 * 60 * 60 * 1000 | 
					
						
							|  |  |  |   , notAfter: 10 * 24 * 60 * 60 * 1000 // optional
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-08-11 03:07:20 -04:00
										 |  |  |   , webrootPath: require('os').tmpdir() + require('path').sep + 'acme-challenge' | 
					
						
							| 
									
										
										
										
											2016-08-10 13:39:58 -04:00
										 |  |  |     /* | 
					
						
							|  |  |  |   , getChallenge: function (domain, token, cb) { | 
					
						
							|  |  |  |       // the default behavior is to pass a message to master,
 | 
					
						
							|  |  |  |       // but if needed for performance, that can be overwritten here
 | 
					
						
							|  |  |  |       cb(null, ); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  |     */ | 
					
						
							| 
									
										
										
										
											2016-08-10 22:33:12 -04:00
										 |  |  |   , approveDomains: function (domain, certs, cb) { | 
					
						
							| 
									
										
										
										
											2016-08-10 13:10:00 -04:00
										 |  |  |       // opts = { domains, email, agreeTos, tosUrl }
 | 
					
						
							|  |  |  |       // certs = { subject, altnames, expiresAt, issuedAt }
 | 
					
						
							| 
									
										
										
										
											2016-08-11 00:58:14 -04:00
										 |  |  |       var results = { domain: domain, options: { domains: [domain] }, certs: certs }; | 
					
						
							| 
									
										
										
										
											2016-08-10 13:10:00 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       // We might want to do a check to make sure that all of the domains
 | 
					
						
							|  |  |  |       // specified in altnames are still approved to be renewed and have
 | 
					
						
							|  |  |  |       // the correct dns entries, but generally speaking it's probably okay
 | 
					
						
							|  |  |  |       // for renewals to be automatic
 | 
					
						
							|  |  |  |       if (certs) { | 
					
						
							|  |  |  |         // modify opts.domains to overwrite certs.altnames in renewal
 | 
					
						
							| 
									
										
										
										
											2016-08-10 22:33:12 -04:00
										 |  |  |         cb(null, results); | 
					
						
							| 
									
										
										
										
											2016-08-10 13:10:00 -04:00
										 |  |  |         return; | 
					
						
							|  |  |  |       } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       // This is where we would check our database to make sure that
 | 
					
						
							|  |  |  |       // this user (specified by email address) has agreed to the terms
 | 
					
						
							|  |  |  |       // and do some check that they have access to this domain
 | 
					
						
							| 
									
										
										
										
											2016-08-10 22:33:12 -04:00
										 |  |  |       cb(null, results); | 
					
						
							| 
									
										
										
										
											2016-08-10 13:10:00 -04:00
										 |  |  |     } | 
					
						
							|  |  |  |   }); | 
					
						
							| 
									
										
										
										
											2016-08-10 13:39:58 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  |   function app(req, res) { | 
					
						
							|  |  |  |     res.end("Hello, World!"); | 
					
						
							|  |  |  |   } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-08-11 00:58:14 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  |   // worker.handleAcmeOrRedirectToHttps()
 | 
					
						
							|  |  |  |   // worker.handleAcmeOrUse(app)
 | 
					
						
							|  |  |  |   var redirectHttps = require('redirect-https')(); | 
					
						
							|  |  |  |   var plainServer = require('http').createServer(worker.middleware(redirectHttps)); | 
					
						
							|  |  |  |   var server = require('https').createServer(worker.httpsOptions, worker.middleware(app)); | 
					
						
							| 
									
										
										
										
											2016-08-10 13:39:58 -04:00
										 |  |  |   plainServer.listen(80); | 
					
						
							|  |  |  |   server.listen(443); | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | if (cluster.isMaster) { | 
					
						
							|  |  |  |   runMaster(); | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | else { | 
					
						
							|  |  |  |   runWorker(); | 
					
						
							| 
									
										
										
										
											2016-08-10 13:10:00 -04:00
										 |  |  | } |