serve-https
v2.2.1
Published
Serves HTTPS using TLS (SSL) certs for localhost.daplie.me - great for testing and development.
Downloads
58
Maintainers
Readme
About Daplie: We're taking back the Internet!
Down with Google, Apple, and Facebook!
We're re-decentralizing the web and making it read-write again - one home cloud system at a time.
Tired of serving the Empire? Come join the Rebel Alliance:
[email protected] | Invest in Daplie on Wefunder | Pre-order Cloud, The World's First Home Server for Everyone
serve-https
A simple HTTPS static file server with valid TLS (SSL) certs.
Comes bundled a valid certificate for localhost.daplie.me, which is great for testing and development, and you can specify your own.
Also great for testing ACME certs from letsencrypt.org.
Install
# v2.x
npm install --global [email protected]
# v1.x
npm install --global [email protected]
# master in git (via ssh)
npm install -g git+ssh://[email protected]:Daplie/serve-https
# master in git (unauthenticated)
npm install -g git+https://[email protected]:Daplie/serve-https
serve-https
Serving /Users/foo/ at https://localhost.daplie.me:8443
Usage
Examples:
# Install
npm install -g git+https://[email protected]:Daplie/serve-https
# Use tunnel
serve-https --sites jane.daplie.me --agree-tos --email [email protected] --tunnel
# BEFORE you access in a browser for the first time, use curl
# (because there's a concurrency bug in the greenlock setup)
curl https://jane.daplie.me
Options:
-p <port>
- i.e.sudo serve-https -p 443
(defaults to 80+443 or 8443)-d <dirpath>
- i.e.serve-https -d /tmp/
(defaults topwd
)- you can use
:hostname
as a template for multiple directories - Example A:
serve-https -d /srv/www/:hostname --sites localhost.foo.daplie.me,localhost.bar.daplie.me
- Example B:
serve-https -d ./:hostname/public/ --sites localhost.foo.daplie.me,localhost.bar.daplie.me
- you can use
-c <content>
- i.e.server-https -c 'Hello, World! '
(defaults to directory index)--express-app <path>
- path to a file the exports an express-style app (function (req, res, next) { ... }
)--livereload
- inject livereload into all html pages (see also: fswatch), but be careful if<dirpath>
has thousands of files it will spike your CPU usage to 100%--trust-proxy <x.x.x.x,y.y.y.y>
- by default your https redirect will be skipped if the X-Forwarded-Proto or Forwarded headers are specified by loopback, linklocal, or uniquelocal addresses (i.e. 127.0.0.1, 192.168.x.x, 169.x.x.x). You can override that here.--email <email>
- email to use for Let's Encrypt, Daplie DNS, Daplie Tunnel--agree-tos
- agree to terms for Let's Encrypt, Daplie DNS--sites <domain.tld>
comma-separated list of domains to respond to (default islocalhost.daplie.me
)- optionally you may include the path to serve with
|
such asexample.com|/tmp,example.net/srv/www
- optionally you may include the path to serve with
--tunnel
- make world-visible (must use--sites
)
Specifying a custom HTTPS certificate:
--key /path/to/privkey.pem
specifies the server private key--cert /path/to/fullchain.pem
specifies the bundle of server certificate and all intermediate certificates--root /path/to/root.pem
specifies the certificate authority(ies)
Note: --root
may specify single cert or a bundle, and may be used multiple times like so:
--root /path/to/primary-root.pem --root /path/to/cross-root.pem
Other options:
--serve-root true
alias for-c
with the contents of root.pem--sites example.com
changes the servername logged to the console--letsencrypt-certs example.com
sets and key, fullchain, and root to standard letsencrypt locations
Examples
serve-https -p 1443 -c 'Hello from 1443' &
serve-https -p 2443 -c 'Hello from 2443' &
serve-https -p 3443 -d /tmp &
curl https://localhost.daplie.me:1443
> Hello from 1443
curl --insecure https://localhost:2443
> Hello from 2443
curl https://localhost.daplie.me:3443
> [html index listing of /tmp]
And if you tested http://localhost.daplie.me:3443 in a browser, it would redirect to https://localhost.daplie.me:3443 (on the same port).
(in curl it would just show an error message)
Testing ACME Let's Encrypt certs
In case you didn't know, you can get free https certificates from letsencrypt.org (ACME letsencrypt) and even a free subdomain from https://freedns.afraid.org.
If you want to quickly test the certificates you installed, you can do so like this:
sudo serve-https -p 8443 \
--letsencrypt-certs test.mooo.com \
--serve-root true
which is equilavent to
sudo serve-https -p 8443 \
--sites test.mooo.com
--key /etc/letsencrypt/live/test.mooo.com/privkey.pem \
--cert /etc/letsencrypt/live/test.mooo.com/fullchain.pem \
--root /etc/letsencrypt/live/test.mooo.com/root.pem \
-c "$(cat 'sudo /etc/letsencrypt/live/test.mooo.com/root.pem')"
and can be tested like so
curl --insecure https://test.mooo.com:8443 > ./root.pem
curl https://test.mooo.com:8843 --cacert ./root.pem