npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@matteocannata/greenlock-express

v4.0.4

Published

Free SSL and managed or automatic HTTPS for node.js with Express, Koa, Connect, Hapi, and all other middleware systems.

Downloads

7

Readme

Greenlock Express v4 is Let's Encrypt for Node

| Built by Root for Hub |

Greenlock Logo

Free SSL for Node Web Servers

Greenlock Express is a Web Server with Fully Automated HTTPS and renewals.

You define your app and let Greenlock handle issuing and renewing Free SSL Certificates.

npm init
npm install --save greenlock-express@v4

server.js:

"use strict";

var app = require("./app.js");

require("greenlock-express")
    .init({
        packageRoot: __dirname,
        configDir: "./greenlock.d",

        // contact for security and critical bug notices
        maintainerEmail: "[email protected]",

        // whether or not to run at cloudscale
        cluster: false
    })
    // Serves on 80 and 443
    // Get's SSL certificates magically!
    .serve(app);

./greenlock.d/config.json:

{ "sites": [{ "subject": "example.com", "altnames": ["example.com"] }] }

Let's Encrypt for...

  • IoT
  • Enterprise On-Prem
  • Local Development
  • Home Servers
  • Quitting Heroku

Features

  • [x] Let's Encrypt v2 (November 2019)
    • [x] ACME Protocol (RFC 8555)
    • [x] HTTP Validation (HTTP-01)
    • [x] DNS Validation (DNS-01)
    • [ ] ALPN Validation (TLS-ALPN-01)
  • [x] Automated HTTPS
    • [x] Fully Automatic Renewals every 45 days
    • [x] Free SSL
    • [x] Wildcard SSL
    • [x] Localhost certificates
    • [x] HTTPS-enabled Secure WebSockets (wss://)
    • [x] Cloud-ready with Node cluster.
  • [x] Fully customizable
    • [x] Reasonable defaults
    • [x] Domain Management
    • [x] Key and Certificate Management
    • [x] ACME Challenge Plugins

Compatibility

Works with any node http app, including

  • [x] Express
  • [x] Koa
  • [x] hapi
  • [x] rill
  • [x] http2
  • [x] cluster
  • [x] etc...

v4 QuickStart

Serving sites with Free SSL is as easy as 1, 2, 3... 4

Overview

  1. Create a Project with Greenlock Express
    • server.js
    • app.js
  2. Setup the config file (or database)
    • greenlock.d/config.json
  3. Add Domains
    • npx greenlock add --subject example.com --altnames example.com
  4. Hello, World!
    • npm start -- --staging

1. Create your Project

# Install the latest node, if needed
curl -fsL bit.ly/node-installer | bash

# Create your project, add Greenlock Express v4
npm init
npm install --save greenlock-express@v4

You can use local file storage or a database. The default is to use file storage.

2. Initialize and Config (Dir or DB)

# Note: you can use the CLI to create `server.js` and `greenlock.d/config.json`
npx greenlock init --config-dir ./greenlock.d --maintainer-email '[email protected]'

server.js:

"use strict";

var app = require("./app.js");

require("greenlock-express")
    .init({
        packageRoot: __dirname,

        // contact for security and critical bug notices
        configDir: "./greenlock.d",

        // whether or not to run at cloudscale
        cluster: false
    })
    // Serves on 80 and 443
    // Get's SSL certificates magically!
    .serve(app);

app.js:

"use strict";

// Here's a vanilla HTTP app to start,
// but feel free to replace it with Express, Koa, etc
var app = function(req, res) {
    res.end("Hello, Encrypted World!");
};

module.exports = app;

3. Add Sites

# Note: you can use the CLI to edit the config file
npx greenlock add --subject example.com --altnames example.com

greenlock.d/config.json:

{ "sites": [{ "subject": "example.com", "altnames": ["example.com"] }] }

4. Hello, Encrypted World!

# Note: you can use npm start to run server.js with the --staging flag set
npm start -- --staging
> [email protected] start /srv/www/my-project
> node server.js

Listening on 0.0.0.0:80 for ACME challenges and HTTPS redirects
Listening on 0.0.0.0:443 for secure traffic

Walkthrough

For a more detail read the full WALKTHROUGH.

Examples

To see all of the examples, just browse greenlock-express.js/examples/

| Example | Location + Description | | :--------------------: | :----------------------------------------------------------------------------------------------------------------------------------------- | | Express | ./examples/express/ how to export an express app | | Node's http2 | ./examples/http2/ how to use Node's built-in http2 server | | Node's https | ./examples/https how to customize the https server | | WebSockets | ./examples/websockets/ how to use on('upgrade') | | Socket.IO | ./examples/socket.io how to overcomplicate a persistent connection | | Cluster | ./examples/cluster/ how to use Node's built-in clustering with master and worker processes | | Wildcards | coming someday (ask to help create this) how to use DNS-01 for wildcard certs | | Localhost | coming someday (ask to help create this) how to use DNS-01 for domains that resolve to private networks, such as 127.0.0.1 | | CI/CD | coming someday (ask to help create this) how to use the --staging environment for test deployments | | HTTP Proxy | examples/http-proxy how to (reverse) proxy decrypted traffic to another server | | - | Build your ownBe sure to tell me about it (open an issue) |

Troubleshooting

What if the example didn't work?

Double check the following:

  • Public Facing IP for http-01 challenges
    • Are you running this as a public-facing webserver (good)? or localhost (bad)?
    • Does ifconfig show a public address (good)? or a private one - 10.x, 192.168.x, etc (bad)?
    • If you're on a non-public server, are you using the dns-01 challenge?
  • valid email
    • You MUST set maintainerEmail to a valid address
    • MX records must validate (dig MX example.com for '[email protected]')
  • valid DNS records
    • Must have public DNS records (test with dig +trace A example.com; dig +trace www.example.com for [ 'example.com', 'www.example.com' ])
  • write access
    • You MUST set configDir to a writeable location (test with touch ./greenlock.d/config.json)
  • port binding privileges
    • You MUST be able to bind to ports 80 and 443
    • You can do this via sudo or setcap
  • API limits
    • You MUST NOT exceed the API usage limits per domain, certificate, IP address, etc
  • Red Lock, Untrusted
    • You MUST switch from npm start -- --staging to npm start to use the production server
    • The API URL should not have 'acme-staging-v02', but should have 'acme-v02'

Using a Database, S3, etc

If you have a small site, the default file storage will work well for you.

If you have many sites with many users, you'll probably want to store config in a database of some sort.

See the section on Custom callbacks and plugins below.

Advanced Configuration

All of the advanced configuration is done by replacing the default behavior with callbacks.

You can whip up your own, or you can use something that's published to npm.

See the section on Custom callbacks and plugins below.

Easy to Customize

  • Custom Domain Management
    • edit server.js and/or .greenlockrc to switch from the default configDir manager to your config system or database
    • CLI example: npx greenlock init --manager ./path-or-npm-name.js --manager-FOO 'set option FOO'
  • Custom Key & Cert Storage
    • edit the defaults section of greenlock.d/config.json to change the certificate store or database
    • CLI example: npx greenlock defaults --store greenlock-store-fs --store-base-path ./greenlock.d
  • Custom ACME HTTP-01 Challenges
    • edit the defaults section of greenlock.d/config.json to change the challenges by hand
    • CLI example: npx greenlock defaults --challenge-http-01 ./you-http-01.js
  • Custom ACME DNS-01 Challenges
    • edit the defaults section of greenlock.d/config.json to change the challenges by hand
    • CLI example: npx greenlock defaults --challenge-dns-01 acme-dns-01-ovh --challenge-dns-01-token xxxx
    • Per-site example: npx greenlock update --subject example.com --challenge-dns-01 ./your-dns-01.js
    • API example:
      greenlock.sites.set({
          subject: "example.com",
          challenges: {
              "dns-01": {
                  module: "my-npm-module-name",
                  foo: "some option",
                  bar: "some other option"
              }
          }
      });

If you're using the default configDir management you can edit greenlock.d/config.json by hand to change which default and per-site modules are used.

You can use the CLI, even if you're using a database, buckets, or your own file storage.

You can also use the API, particularly if you need to set values dynamically per-site or per-user rather than using the global defaults. The certificate store and all challenges can be set per-site, but most per-site use cases are for DNS-01.

Ready-made Integrations

Greenlock Express integrates between Let's Encrypt's ACME Challenges and many popular services.

| Type | Service | Plugin | | ----------- | ----------------------------------------------------------------------------------- | ------------------------ | | dns-01 | CloudFlare | acme-dns-01-cloudflare | | dns-01 | Digital Ocean | acme-dns-01-digitalocean | | dns-01 | DNSimple | acme-dns-01-dnsimple | | dns-01 | DuckDNS | acme-dns-01-duckdns | | http-01 | File System / Web Root | acme-http-01-webroot | | dns-01 | GoDaddy | acme-dns-01-godaddy | | dns-01 | Gandi | acme-dns-01-gandi | | dns-01 | NameCheap | acme-dns-01-namecheap | | dns-01 | Name.com | acme-dns-01-namedotcom | | dns-01 | Route53 (AWS) | acme-dns-01-route53 | | http-01 | S3 (AWS, Digital Ocean, Scaleway) | acme-http-01-s3 | | dns-01 | Vultr | acme-dns-01-vultr | | dns-01 | Build your own | acme-dns-01-test | | http-01 | Build your own | acme-http-01-test | | tls-alpn-01 | Contact us | - |

Example Usage:

npx greenlock defaults --challenge-dns-01 acme-dns-01-ovh --challenge-dns-01-token xxxx
npx greenlock defaults --challenge-http-01 acme-http-01-s3 --challenge-http-01-bucket my-bucket

Search acme-http-01- or acme-dns-01- on npm to find more.

Full Documentation

Most of the documentation is done by use-case examples, as shown up at the top of the README.

We're working on more comprehensive documentation for this newly released version. Please open an issue with questions in the meantime.

Commercial Support

Do you need...

  • training?
  • specific features?
  • different integrations?
  • bugfixes, on your timeline?
  • custom code, built by experts?
  • commercial support and licensing?

You're welcome to contact us in regards to IoT, On-Prem, Enterprise, and Internal installations, integrations, and deployments.

We have both commercial support and commercial licensing available.

We also offer consulting for all-things-ACME and Let's Encrypt.

Legal & Rules of the Road

Greenlock™ is a trademark of AJ ONeal

The rule of thumb is "attribute, but don't confuse". For example:

Built with Greenlock Express (a Root project).

Please contact us if you have any questions in regards to our trademark, attribution, and/or visible source policies. We want to build great software and a great community.

Greenlock™ | MPL-2.0 | Terms of Use | Privacy Policy