From 569828f54965979e6f98b7646a125584b157f071 Mon Sep 17 00:00:00 2001
From: Noah Loomans <noahloomans@gmail.com>
Date: Wed, 1 Mar 2017 12:34:27 +0100
Subject: Add redirect to HTTPS

TODO: use 301 instead of 302 when this feature has been proven to
work.
---
 bin/www | 124 ++++++++++++++++++++++++++++++----------------------------------
 1 file changed, 59 insertions(+), 65 deletions(-)

(limited to 'bin')

diff --git a/bin/www b/bin/www
index df15b1f..ef9dae5 100755
--- a/bin/www
+++ b/bin/www
@@ -1,68 +1,45 @@
 #!/usr/bin/env node
 
-/**
- * Module dependencies.
- */
+const fs = require('fs')
+const app = require('../app')
+const http = require('http')
+const https = require('https')
 
-var fs = require('fs')
-var app = require('../app')
-var debug = require('debug')('rooster:server')
-var http = require('http')
-var https = require('https')
+function setupHTTPS () {
+  const certificate = fs.readFileSync('/etc/letsencrypt/live/rooster.hetmml.nl/fullchain.pem', 'utf8')
+  const privateKey = fs.readFileSync('/etc/letsencrypt/live/rooster.hetmml.nl/privkey.pem', 'utf8')
+  const credentials = { key: privateKey, cert: certificate }
 
-var shouldUseHTTPS = true
-try {
-  fs.accessSync('/etc/letsencrypt/live/rooster.hetmml.nl/privkey.pem')
-} catch (e) {
-  shouldUseHTTPS = false
-}
+  const httpsPort = normalizePort(process.env.PORT_HTTPS || '3001')
+  const httpsServer = https.createServer(credentials, app)
 
-var privateKey = ''
-var certificate = ''
-var credentials = {}
+  httpsServer.listen(httpsPort)
+  httpsServer.on('error', error => onError(error, httpsPort))
+  httpsServer.on('listening', _ => onListening(httpsServer))
 
-if (shouldUseHTTPS) {
-  privateKey = fs.readFileSync('/etc/letsencrypt/live/rooster.hetmml.nl/privkey.pem', 'utf8')
-  certificate = fs.readFileSync('/etc/letsencrypt/live/rooster.hetmml.nl/fullchain.pem', 'utf8')
-  credentials = {key: privateKey, cert: certificate}
+  app.set('port', httpsPort)
 }
 
-/**
- * Get port from environment and store in Express.
- */
-
-var port = normalizePort(process.env.PORT || '3000')
-var httpsPort
-if (shouldUseHTTPS) httpsPort = normalizePort(process.env.PORT_HTTPS || '3001')
-app.set('port', port)
+function setupHTTPSRedirect () {
+  const httpPort = normalizePort(process.env.PORT || '3000')
+  const httpServer = http.createServer(redirectToHTTPS)
 
-/**
- * Create HTTP server.
- */
-
-var server = http.createServer(app)
-var httpsServer
-if (shouldUseHTTPS) httpsServer = https.createServer(credentials, app)
+  httpServer.listen(httpPort)
+  httpServer.on('error', error => onError(error, httpPort))
+  httpServer.on('listening', _ => onListening(httpServer))
+}
 
-/**
- * Listen on provided port, on all network interfaces.
- */
+function setupHTTP () {
+  const httpPort = normalizePort(process.env.PORT || '3000')
+  const httpServer = http.createServer(app)
 
-server.listen(port)
-server.on('error', onError)
-server.on('listening', onListening)
-if (shouldUseHTTPS) {
-  httpsServer.listen(httpsPort)
-  httpsServer.on('error', onError)
-  httpsServer.on('listening', onListening)
+  httpServer.listen(httpPort)
+  httpServer.on('error', error => onError(error, httpPort))
+  httpServer.on('listening', _ => onListening(httpServer))
 }
 
-/**
- * Normalize a port into a number, string, or false.
- */
-
 function normalizePort (val) {
-  var port = parseInt(val, 10)
+  const port = parseInt(val, 10)
 
   if (isNaN(port)) {
     // named pipe
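Review bot: setupHTTP() does not call `app.set('port', httpPort)`, although the removed code always stored the HTTP port on the app and setupHTTPS() still stores the HTTPS one, so on the plain-HTTP fallback path the Express 'port' setting is left unset. Whether anything reads that setting is not visible in this hunk, but adding `app.set('port', httpPort)` after the normalizePort call in setupHTTP() keeps the two paths consistent. setupHTTP() and setupHTTPSRedirect() also differ only in the request handler, so a single helper taking the handler would remove the duplicated listen/error/listening wiring. normalizePort's body continues outside the hunk.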
@@ -77,16 +54,12 @@ function normalizePort (val) {
   return false
 }
 
-/**
- * Event listener for HTTP server "error" event.
- */
-
-function onError (error) {
+function onError (error, port) {
   if (error.syscall !== 'listen') {
     throw error
   }
 
-  var bind = typeof port === 'string'
+  const bind = typeof port === 'string'
     ? 'Pipe ' + port
     : 'Port ' + port
 
@@ -105,14 +78,35 @@ function onError (error) {
   }
 }
 
-/**
- * Event listener for HTTP server "listening" event.
- */
-
-function onListening () {
-  var addr = server.address()
-  var bind = typeof addr === 'string'
+function onListening (server) {
+  const addr = server.address()
+  const bind = typeof addr === 'string'
     ? 'pipe ' + addr
     : 'port ' + addr.port
-  debug('Listening on ' + bind)
+  console.log('Listening on ' + bind)
+}
+
+let useHTTPS = true
+try {
+  fs.accessSync('/etc/letsencrypt/live/rooster.hetmml.nl/privkey.pem')
+} catch (e) {
+  useHTTPS = false
+}
+
+if (useHTTPS) {
+  try {
+    setupHTTPS()
+    setupHTTPSRedirect()
+  } catch (e) {
+    console.warn('NOT USING HTTPS! Error occured while setting up HTTPS')
+    setupHTTP()
+  }
+} else {
+  console.warn('NOT USING HTTPS! Could not read /etc/letsencrypt/live/rooster.hetmml.nl/privkey.pem')
+  setupHTTP()
+}
+
+function redirectToHTTPS (req, res) {
+  res.writeHead(302, { 'Location': 'https://' + req.headers['host'] + req.url })
+  res.end()
 }
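Review bot: redirectToHTTPS builds the Location header from the client-supplied `req.headers['host']`, so the redirect target is whatever the request claims, and a request without a Host header is sent to `https://undefined/...`. Since the certificate path already fixes the site name, redirect to that name instead: `res.writeHead(302, { 'Location': 'https://rooster.hetmml.nl' + req.url })`. If the HTTP listener is reached directly on a non-default port, Host also carries that port, which would point the redirect at the plain-HTTP port rather than the HTTPS one; presumably a front-end maps 80/443, but that is not visible here. Separately, the `catch (e)` around setupHTTPS() discards `e` and starts plain HTTP, so a broken certificate silently downgrades the site; at least log the cause, `console.warn('NOT USING HTTPS! Error occured while setting up HTTPS', e)`.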
-- 
cgit v1.1