npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

ten-ply-crest

v1.0.0

Published

LetsEncrypt middleware for Express with pluggable data store

Downloads

1

Readme

ten-ply-crest

Dependency Status devDependency Status Downloads

LetsEncrypt middleware for Express with pluggable data store

NPM

Installation

npm install --save ten-ply-crest

Introduction

ten-ply-crest is a LetsEncrypt client that does not touch the filesystem or make assumptions about your architecture. Almost every existing client stores sensitive SSL keys, certs, and challenges in the filesystem, and assumes it is running on a public-facing server.

In reality many of us these days are using a containerized architecture with a sharable, secured data store. Containers are designed to be disposable and there may be reasons to run more than one instance of a LetsEncrypt client in tandem.

Therefore, ten-ply-crest:

  • Can be run behind any load-balancer
  • Can work independently or in a cluster (just set Store.cacheEnabled = false)
  • Can be attached to any existing Express app as simple middleware
  • Can use any backend data store (defaults to hashicorp/vault)
  • Can self-register route with hashicorp/consul
  • Can watch Consul service list to automatically generate certs for new domains
  • Designed for use in a HA, containerized environment (i.e. Joyent Cloud, Docker, Heroku)
  • Designed not to interfere with any of the existing stack, only responding to specific LetsEncrypt calls and routes
  • Never needs to alter the filesystem
  • Completely customizable and extendable class structure
  • Cleanly separates concerns:
    • controller (Express routes)
    • model (data store for certs)
    • adapter (LetsEncrypt client)

Usage

Standalone

npm start

Middleware

From src/server.coffee

    options =
      logger:         console
      advertise_addr: EXPRESS_APP_IP
      advertise_port: EXPRESS_APP_PORT
      consul_addr:    CONSUL_ADDR or "127.0.0.1"

    tpc = new TenPly options
    app.use tpc.middleware()
> we register ourselves for route http://*/.well-known/*

< when a service registers, it registers tag ssl

> we watch the list of services tagged ssl
when this list changes, we get all these services and their tags
we keep all the tags that are urlprefix
for each domain + its subdomains
we get the unique list of domains+subdomains
if we don't have this domain in our vault list, we generate a letsencrypt cert
we store the cert in the vault with a lease 15 days before expiration, and we cache it
when the load-balancer asks for the cert we hand it the cert

License

MIT