Hosterra/domain-forward
Hosterra/domain-forward
1
1
Fork 0
Code Issues Pull requests Releases 1 Activity

Fix main process detect, refine lock, remove axios

Browse source
This commit is contained in:
Wildan M 2023-04-24 05:51:47 +07:00
commit 07de2fab78
8 changed files with 87 additions and 190 deletions
Download patch file Download diff file Expand all files Collapse all files

5
index.js
View file

@ -1,12 +1,11 @@
import { config } from "dotenv"; import { config } from "dotenv";
import http from "http"; import http from "http";
import listener from "./src/client.js"; import listener from "./src/client.js";
import { fileURLToPath } from "url"; import { isMainProcess } from "./src/util.js";
// development endpoint (use ngrok) // development endpoint (use ngrok)
const server = http.createServer(listener); const server = http.createServer(listener);
if (isMainProcess(import.meta.url)) {
if (process.argv[1] === fileURLToPath(import.meta.url)) {
config(); config();
const port = parseInt(process.env.HTTP_PORT || "3000"); const port = parseInt(process.env.HTTP_PORT || "3000");
server.listen(port, function () { server.listen(port, function () {

167
package-lock.json generated
View file

@ -11,13 +11,15 @@
"dependencies": { "dependencies": {
"async-lock": "^1.4.0", "async-lock": "^1.4.0",
"await-lock": "^2.2.2", "await-lock": "^2.2.2",
"axios": "^1.3.6",
"dotenv": "^16.0.3", "dotenv": "^16.0.3",
"jose": "^3.20.4", "jose": "^3.20.4",
"pem": "^1.14.7" "pem": "^1.14.7"
}, },
"devDependencies": { "devDependencies": {
"pm2": "^5.3.0" "pm2": "^5.3.0"
},
"engines": {
"node": ">=16.0.0"
} }
}, },
"node_modules/@opencensus/core": { "node_modules/@opencensus/core": {
@ -192,15 +194,6 @@
"lodash": "^4.17.14" "lodash": "^4.17.14"
} }
}, },
"node_modules/@pm2/js-api/node_modules/axios": {
"version": "0.21.4",
"resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz",
"integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==",
"dev": true,
"dependencies": {
"follow-redirects": "^1.14.0"
}
},
"node_modules/@pm2/js-api/node_modules/eventemitter2": { "node_modules/@pm2/js-api/node_modules/eventemitter2": {
"version": "6.4.9", "version": "6.4.9",
"resolved": "https://registry.npmjs.org/eventemitter2/-/eventemitter2-6.4.9.tgz", "resolved": "https://registry.npmjs.org/eventemitter2/-/eventemitter2-6.4.9.tgz",
@ -376,24 +369,18 @@
"resolved": "https://registry.npmjs.org/async-lock/-/async-lock-1.4.0.tgz", "resolved": "https://registry.npmjs.org/async-lock/-/async-lock-1.4.0.tgz",
"integrity": "sha512-coglx5yIWuetakm3/1dsX9hxCNox22h7+V80RQOu2XUUMidtArxKoZoOtHUPuR84SycKTXzgGzAUR5hJxujyJQ==" "integrity": "sha512-coglx5yIWuetakm3/1dsX9hxCNox22h7+V80RQOu2XUUMidtArxKoZoOtHUPuR84SycKTXzgGzAUR5hJxujyJQ=="
}, },
"node_modules/asynckit": {
"version": "0.4.0",
"resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
"integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q=="
},
"node_modules/await-lock": { "node_modules/await-lock": {
"version": "2.2.2", "version": "2.2.2",
"resolved": "https://registry.npmjs.org/await-lock/-/await-lock-2.2.2.tgz", "resolved": "https://registry.npmjs.org/await-lock/-/await-lock-2.2.2.tgz",
"integrity": "sha512-aDczADvlvTGajTDjcjpJMqRkOF6Qdz3YbPZm/PyW6tKPkx2hlYBzxMhEywM/tU72HrVZjgl5VCdRuMlA7pZ8Gw==" "integrity": "sha512-aDczADvlvTGajTDjcjpJMqRkOF6Qdz3YbPZm/PyW6tKPkx2hlYBzxMhEywM/tU72HrVZjgl5VCdRuMlA7pZ8Gw=="
}, },
"node_modules/axios": { "node_modules/axios": {
"version": "1.3.6", "version": "0.21.4",
"resolved": "https://registry.npmjs.org/axios/-/axios-1.3.6.tgz", "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz",
"integrity": "sha512-PEcdkk7JcdPiMDkvM4K6ZBRYq9keuVJsToxm2zQIM70Qqo2WHTdJZMXcG9X+RmRp2VPNUQC8W1RAGbgt6b1yMg==", "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==",
"dev": true,
"dependencies": { "dependencies": {
"follow-redirects": "^1.15.0", "follow-redirects": "^1.14.0"
"form-data": "^4.0.0",
"proxy-from-env": "^1.1.0"
} }
}, },
"node_modules/balanced-match": { "node_modules/balanced-match": {
@ -550,17 +537,6 @@
"integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==",
"dev": true "dev": true
}, },
"node_modules/combined-stream": {
"version": "1.0.8",
"resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
"integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==",
"dependencies": {
"delayed-stream": "~1.0.0"
},
"engines": {
"node": ">= 0.8"
}
},
"node_modules/commander": { "node_modules/commander": {
"version": "2.15.1", "version": "2.15.1",
"resolved": "https://registry.npmjs.org/commander/-/commander-2.15.1.tgz", "resolved": "https://registry.npmjs.org/commander/-/commander-2.15.1.tgz",
@ -648,28 +624,20 @@
"dev": true "dev": true
}, },
"node_modules/degenerator": { "node_modules/degenerator": {
"version": "3.0.3", "version": "3.0.4",
"resolved": "https://registry.npmjs.org/degenerator/-/degenerator-3.0.3.tgz", "resolved": "https://registry.npmjs.org/degenerator/-/degenerator-3.0.4.tgz",
"integrity": "sha512-FTq/qYMeBJACu1gHcXJvzsRBTK6aw5zWCYbEnIOyamOt5UJufWJRQ5XfDb6OuayfJWvmWAHgcZyt43vm/hbj7g==", "integrity": "sha512-Z66uPeBfHZAHVmue3HPfyKu2Q0rC2cRxbTOsvmU/po5fvvcx27W4mIu9n0PUlQih4oUYvcG1BsbtVv8x7KDOSw==",
"dev": true, "dev": true,
"dependencies": { "dependencies": {
"ast-types": "^0.13.2", "ast-types": "^0.13.2",
"escodegen": "^1.8.1", "escodegen": "^1.8.1",
"esprima": "^4.0.0", "esprima": "^4.0.0",
"vm2": "^3.9.11" "vm2": "^3.9.17"
}, },
"engines": { "engines": {
"node": ">= 6" "node": ">= 6"
} }
}, },
"node_modules/delayed-stream": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
"integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==",
"engines": {
"node": ">=0.4.0"
}
},
"node_modules/depd": { "node_modules/depd": {
"version": "2.0.0", "version": "2.0.0",
"resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
@ -830,6 +798,7 @@
"version": "1.15.2", "version": "1.15.2",
"resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz", "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz",
"integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==", "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==",
"dev": true,
"funding": [ "funding": [
{ {
"type": "individual", "type": "individual",
@ -845,19 +814,6 @@
} }
} }
}, },
"node_modules/form-data": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz",
"integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==",
"dependencies": {
"asynckit": "^0.4.0",
"combined-stream": "^1.0.8",
"mime-types": "^2.1.12"
},
"engines": {
"node": ">= 6"
}
},
"node_modules/fs-extra": { "node_modules/fs-extra": {
"version": "8.1.0", "version": "8.1.0",
"resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz", "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz",
@ -1244,25 +1200,6 @@
"is-buffer": "~1.1.6" "is-buffer": "~1.1.6"
} }
}, },
"node_modules/mime-db": {
"version": "1.52.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz",
"integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/mime-types": {
"version": "2.1.35",
"resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz",
"integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==",
"dependencies": {
"mime-db": "1.52.0"
},
"engines": {
"node": ">= 0.6"
}
},
"node_modules/minimatch": { "node_modules/minimatch": {
"version": "3.1.2", "version": "3.1.2",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
@ -1660,7 +1597,8 @@
"node_modules/proxy-from-env": { "node_modules/proxy-from-env": {
"version": "1.1.0", "version": "1.1.0",
"resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
"integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==",
"dev": true
}, },
"node_modules/raw-body": { "node_modules/raw-body": {
"version": "2.5.2", "version": "2.5.2",
@ -2339,15 +2277,6 @@
"lodash": "^4.17.14" "lodash": "^4.17.14"
} }
}, },
"axios": {
"version": "0.21.4",
"resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz",
"integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==",
"dev": true,
"requires": {
"follow-redirects": "^1.14.0"
}
},
"eventemitter2": { "eventemitter2": {
"version": "6.4.9", "version": "6.4.9",
"resolved": "https://registry.npmjs.org/eventemitter2/-/eventemitter2-6.4.9.tgz", "resolved": "https://registry.npmjs.org/eventemitter2/-/eventemitter2-6.4.9.tgz",
@ -2495,24 +2424,18 @@
"resolved": "https://registry.npmjs.org/async-lock/-/async-lock-1.4.0.tgz", "resolved": "https://registry.npmjs.org/async-lock/-/async-lock-1.4.0.tgz",
"integrity": "sha512-coglx5yIWuetakm3/1dsX9hxCNox22h7+V80RQOu2XUUMidtArxKoZoOtHUPuR84SycKTXzgGzAUR5hJxujyJQ==" "integrity": "sha512-coglx5yIWuetakm3/1dsX9hxCNox22h7+V80RQOu2XUUMidtArxKoZoOtHUPuR84SycKTXzgGzAUR5hJxujyJQ=="
}, },
"asynckit": {
"version": "0.4.0",
"resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
"integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q=="
},
"await-lock": { "await-lock": {
"version": "2.2.2", "version": "2.2.2",
"resolved": "https://registry.npmjs.org/await-lock/-/await-lock-2.2.2.tgz", "resolved": "https://registry.npmjs.org/await-lock/-/await-lock-2.2.2.tgz",
"integrity": "sha512-aDczADvlvTGajTDjcjpJMqRkOF6Qdz3YbPZm/PyW6tKPkx2hlYBzxMhEywM/tU72HrVZjgl5VCdRuMlA7pZ8Gw==" "integrity": "sha512-aDczADvlvTGajTDjcjpJMqRkOF6Qdz3YbPZm/PyW6tKPkx2hlYBzxMhEywM/tU72HrVZjgl5VCdRuMlA7pZ8Gw=="
}, },
"axios": { "axios": {
"version": "1.3.6", "version": "0.21.4",
"resolved": "https://registry.npmjs.org/axios/-/axios-1.3.6.tgz", "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz",
"integrity": "sha512-PEcdkk7JcdPiMDkvM4K6ZBRYq9keuVJsToxm2zQIM70Qqo2WHTdJZMXcG9X+RmRp2VPNUQC8W1RAGbgt6b1yMg==", "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==",
"dev": true,
"requires": { "requires": {
"follow-redirects": "^1.15.0", "follow-redirects": "^1.14.0"
"form-data": "^4.0.0",
"proxy-from-env": "^1.1.0"
} }
}, },
"balanced-match": { "balanced-match": {
@ -2631,14 +2554,6 @@
"integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==",
"dev": true "dev": true
}, },
"combined-stream": {
"version": "1.0.8",
"resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
"integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==",
"requires": {
"delayed-stream": "~1.0.0"
}
},
"commander": { "commander": {
"version": "2.15.1", "version": "2.15.1",
"resolved": "https://registry.npmjs.org/commander/-/commander-2.15.1.tgz", "resolved": "https://registry.npmjs.org/commander/-/commander-2.15.1.tgz",
@ -2712,22 +2627,17 @@
"dev": true "dev": true
}, },
"degenerator": { "degenerator": {
"version": "3.0.3", "version": "3.0.4",
"resolved": "https://registry.npmjs.org/degenerator/-/degenerator-3.0.3.tgz", "resolved": "https://registry.npmjs.org/degenerator/-/degenerator-3.0.4.tgz",
"integrity": "sha512-FTq/qYMeBJACu1gHcXJvzsRBTK6aw5zWCYbEnIOyamOt5UJufWJRQ5XfDb6OuayfJWvmWAHgcZyt43vm/hbj7g==", "integrity": "sha512-Z66uPeBfHZAHVmue3HPfyKu2Q0rC2cRxbTOsvmU/po5fvvcx27W4mIu9n0PUlQih4oUYvcG1BsbtVv8x7KDOSw==",
"dev": true, "dev": true,
"requires": { "requires": {
"ast-types": "^0.13.2", "ast-types": "^0.13.2",
"escodegen": "^1.8.1", "escodegen": "^1.8.1",
"esprima": "^4.0.0", "esprima": "^4.0.0",
"vm2": "^3.9.11" "vm2": "^3.9.17"
} }
}, },
"delayed-stream": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
"integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ=="
},
"depd": { "depd": {
"version": "2.0.0", "version": "2.0.0",
"resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
@ -2841,17 +2751,8 @@
"follow-redirects": { "follow-redirects": {
"version": "1.15.2", "version": "1.15.2",
"resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz", "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz",
"integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==" "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==",
}, "dev": true
"form-data": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz",
"integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==",
"requires": {
"asynckit": "^0.4.0",
"combined-stream": "^1.0.8",
"mime-types": "^2.1.12"
}
}, },
"fs-extra": { "fs-extra": {
"version": "8.1.0", "version": "8.1.0",
@ -3169,19 +3070,6 @@
"is-buffer": "~1.1.6" "is-buffer": "~1.1.6"
} }
}, },
"mime-db": {
"version": "1.52.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz",
"integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg=="
},
"mime-types": {
"version": "2.1.35",
"resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz",
"integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==",
"requires": {
"mime-db": "1.52.0"
}
},
"minimatch": { "minimatch": {
"version": "3.1.2", "version": "3.1.2",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
@ -3505,7 +3393,8 @@
"proxy-from-env": { "proxy-from-env": {
"version": "1.1.0", "version": "1.1.0",
"resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
"integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==",
"dev": true
}, },
"raw-body": { "raw-body": {
"version": "2.5.2", "version": "2.5.2",

1
package.json
View file

@ -19,7 +19,6 @@
"dependencies": { "dependencies": {
"async-lock": "^1.4.0", "async-lock": "^1.4.0",
"await-lock": "^2.2.2", "await-lock": "^2.2.2",
"axios": "^1.3.6",
"dotenv": "^16.0.3", "dotenv": "^16.0.3",
"jose": "^3.20.4", "jose": "^3.20.4",
"pem": "^1.14.7" "pem": "^1.14.7"

32
src/certnode/lib/common.js
View file

@ -1,24 +1,24 @@
import crypto from "crypto"; import crypto from "crypto";
import fs from "fs"; import fs from "fs";
const ACCOUNT_KEY_ALGORITHM = 'ES256'; export const ACCOUNT_KEY_ALGORITHM = 'ES256';
const CERTIFICATE_KEY_ALGORITHM = 'RS256'; export const CERTIFICATE_KEY_ALGORITHM = 'RS256';
const env = (process.env.NODE_ENV || '').trim().toLowerCase(); const env = (process.env.NODE_ENV || '').trim().toLowerCase();
const DIRECTORY_URL = ['development', 'test'].includes(env) export const DIRECTORY_URL = ['development', 'test'].includes(env)
? 'https://acme-staging-v02.api.letsencrypt.org/directory' ? 'https://acme-staging-v02.api.letsencrypt.org/directory'
: 'https://acme-v02.api.letsencrypt.org/directory'; : 'https://acme-v02.api.letsencrypt.org/directory';
const PRIVATE_KEY_CIPHER = 'aes-256-cbc'; export const PRIVATE_KEY_CIPHER = 'aes-256-cbc';
const PRIVATE_KEY_FORMAT = 'pem'; export const PRIVATE_KEY_FORMAT = 'pem';
const PRIVATE_KEY_PERMISSIONS = 0o600; export const PRIVATE_KEY_PERMISSIONS = 0o600;
const PRIVATE_KEY_TYPE = 'pkcs8'; export const PRIVATE_KEY_TYPE = 'pkcs8';
const PUBLIC_KEY_FORMAT = 'pem'; export const PUBLIC_KEY_FORMAT = 'pem';
const PUBLIC_KEY_PERMISSIONS = 0o666; export const PUBLIC_KEY_PERMISSIONS = 0o666;
const PUBLIC_KEY_TYPE = 'spki'; export const PUBLIC_KEY_TYPE = 'spki';
/** /**
* @param {crypto.KeyObject} privateKey * @param {crypto.KeyObject} privateKey
* @param {String} [passphrase] * @param {String} [passphrase]
* *
*/ */
const exportPrivateKey = (privateKey, passphrase) => { export const exportPrivateKey = (privateKey, passphrase) => {
/** @type {crypto.KeyExportOptions<'pem'>} */ /** @type {crypto.KeyExportOptions<'pem'>} */
const privateKeyOpts = { const privateKeyOpts = {
type: PRIVATE_KEY_TYPE, type: PRIVATE_KEY_TYPE,
@ -33,7 +33,7 @@ const exportPrivateKey = (privateKey, passphrase) => {
/** /**
* @param {crypto.KeyObject} publicKey * @param {crypto.KeyObject} publicKey
*/ */
const exportPublicKey = publicKey => { export const exportPublicKey = publicKey => {
/** @type {crypto.KeyExportOptions<'pem'>} */ /** @type {crypto.KeyExportOptions<'pem'>} */
return publicKey.export({ return publicKey.export({
type: PUBLIC_KEY_TYPE, type: PUBLIC_KEY_TYPE,
@ -46,7 +46,7 @@ const exportPublicKey = publicKey => {
* *
* @return {crypto.KeyObject} * @return {crypto.KeyObject}
*/ */
const importPrivateKey = (privateKeyData, passphrase) => { export const importPrivateKey = (privateKeyData, passphrase) => {
/** @type {crypto.PrivateKeyInput} */ /** @type {crypto.PrivateKeyInput} */
const privateKeyOpts = { const privateKeyOpts = {
key: privateKeyData, key: privateKeyData,
@ -68,7 +68,7 @@ const importPrivateKey = (privateKeyData, passphrase) => {
* *
* @return {crypto.KeyObject} * @return {crypto.KeyObject}
*/ */
const importPublicKey = publicKeyData => { export const importPublicKey = publicKeyData => {
try { try {
return crypto.createPublicKey({ return crypto.createPublicKey({
key: publicKeyData, key: publicKeyData,
@ -87,7 +87,7 @@ const importPublicKey = publicKeyData => {
* *
* @return {Promise} * @return {Promise}
*/ */
const writeKeyToFile = async (filename, key, passphrase) => { export const writeKeyToFile = async (filename, key, passphrase) => {
if (typeof key === 'string') { if (typeof key === 'string') {
key = key.includes('PRIVATE KEY') key = key.includes('PRIVATE KEY')
? importPrivateKey(key, passphrase) ? importPrivateKey(key, passphrase)
@ -103,4 +103,4 @@ const writeKeyToFile = async (filename, key, passphrase) => {
const mode = isPrivateKey ? PRIVATE_KEY_PERMISSIONS : PUBLIC_KEY_PERMISSIONS; const mode = isPrivateKey ? PRIVATE_KEY_PERMISSIONS : PUBLIC_KEY_PERMISSIONS;
await fs.promises.writeFile(filename, keyData, { mode }); await fs.promises.writeFile(filename, keyData, { mode });
}; };
export { ACCOUNT_KEY_ALGORITHM, CERTIFICATE_KEY_ALGORITHM, DIRECTORY_URL, PRIVATE_KEY_CIPHER, PRIVATE_KEY_FORMAT, PRIVATE_KEY_PERMISSIONS, PRIVATE_KEY_TYPE, PUBLIC_KEY_FORMAT, PUBLIC_KEY_PERMISSIONS, PUBLIC_KEY_TYPE, env, exportPrivateKey, exportPublicKey, importPrivateKey, importPublicKey, writeKeyToFile };

10
src/certnode/lib/request.js
View file

@ -1,5 +1,11 @@
import https from "https"; import https from "https";
const request = (/** @type {string | import("url").URL} */ url, /** @type {https.RequestOptions&{data?: string}} */ { data = '', ...options } = {}, /** @type {() => any} */ cb) => { /**
* @param {string | URL} url
* @param {import('https').RequestOptions & {data?: string}} [options]
* @param {() => void} [cb]
* @return {Promise<{data: any, headers: import('http').IncomingHttpHeaders, statusCode: number}>}
*/
const request = (url, { data = '', ...options } = {}, cb) => {
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
try { try {
url = new URL(url); url = new URL(url);
@ -24,7 +30,7 @@ const request = (/** @type {string | import("url").URL} */ url, /** @type {https
return; return;
} }
} }
resolve({ data, headers, statusCode }); resolve({ data, headers, statusCode: statusCode || 0 });
}) })
.once('error', reject); .once('error', reject);
}) })

20
src/sni.js
View file

@ -56,6 +56,8 @@ async function buildCache(host) {
}; };
} }
catch (error) { catch (error) {
// only one process can generate certificate at a time
return await lock.acquire('cert', async () => {
const { certificate, privateKeyData } = await client.generateCertificate(host); const { certificate, privateKeyData } = await client.generateCertificate(host);
await fs.promises.writeFile(certP, certificate); await fs.promises.writeFile(certP, certificate);
await writeKeyToFile(keyP, privateKeyData, ''); await writeKeyToFile(keyP, privateKeyData, '');
@ -66,31 +68,21 @@ async function buildCache(host) {
key: privateKeyData, key: privateKeyData,
expire expire
}; };
});
} }
} }
/** /**
* @param {string} servername * @param {string} servername
* @param {AsyncLock} lock
*/ */
async function getKeyCert(servername, lock) { async function getKeyCert(servername) {
// Had to use lock because the best authenticator // Had to use lock because the best authenticator
// library seems don't yet fully stateless. // library seems don't yet fully stateless.
servername = servername.toLowerCase(); servername = servername.toLowerCase();
let cache = resolveCache[servername]; let cache = resolveCache[servername];
await ensureDir(certsDir); await ensureDir(certsDir);
if (!cache || (Date.now() > cache.expire)) { if (!cache || (Date.now() > cache.expire)) {
cache = await lock.acquire(servername, (cb) => { cache = await buildCache(servername);
if (!resolveCache[servername] || (Date.now() > resolveCache[servername].expire)) {
buildCache(servername).then((cache) => {
resolveCache[servername] = cache; resolveCache[servername] = cache;
cb(null, cache);
}).catch((error) => {
cb(error, undefined);
});
} else {
cb(null, resolveCache[servername]);
}
});
} }
return { return {
key: cache.key, key: cache.key,
@ -104,7 +96,7 @@ async function getKeyCert(servername, lock) {
async function SniListener(servername, ctx) { async function SniListener(servername, ctx) {
// Generate fresh account keys for Let's Encrypt // Generate fresh account keys for Let's Encrypt
try { try {
ctx(null, tls.createSecureContext(await getKeyCert(servername, lock))); ctx(null, tls.createSecureContext(await getKeyCert(servername)));
} }
catch (error) { catch (error) {
console.log(error); console.log(error);

16
src/util.js
View file

@ -1,6 +1,7 @@
import { default as axios } from "axios"; import request from "./certnode/lib/request.js";
import crypto from "crypto"; import crypto from "crypto";
import fs from "fs"; import fs from "fs";
import { fileURLToPath } from "url";
const recordParamDestUrl = 'forward-domain'; const recordParamDestUrl = 'forward-domain';
const recordParamHttpStatus = 'http-status'; const recordParamHttpStatus = 'http-status';
@ -59,7 +60,7 @@ const parseTxtRecordData = (value) => {
* @return {Promise<{url: string, httpStatus?: string} | null>} * @return {Promise<{url: string, httpStatus?: string} | null>}
*/ */
export async function findTxtRecord(host) { export async function findTxtRecord(host) {
const resolve = await axios(`https://dns.google/resolve?name=_.${encodeURIComponent(host)}&type=TXT`); const resolve = await request(`https://dns.google/resolve?name=_.${encodeURIComponent(host)}&type=TXT`);
if (resolve.data.Answer) { if (resolve.data.Answer) {
for (const head of resolve.data.Answer) { for (const head of resolve.data.Answer) {
const txtData = parseTxtRecordData(head.data); const txtData = parseTxtRecordData(head.data);
@ -73,8 +74,19 @@ export async function findTxtRecord(host) {
return null; return null;
} }
/**
* @param {string} baseURL
* @param {string} relativeURL
*/
export function combineURLs(baseURL, relativeURL) { export function combineURLs(baseURL, relativeURL) {
return relativeURL return relativeURL
? baseURL.replace(/\/+$/, '') + '/' + relativeURL.replace(/^\/+/, '') ? baseURL.replace(/\/+$/, '') + '/' + relativeURL.replace(/^\/+/, '')
: baseURL; : baseURL;
} }
/**
* @param {string} metaURL
*/
export function isMainProcess(metaURL) {
return [process.argv[1], process.env.pm_exec_path].includes(fileURLToPath(metaURL));
}

4
stat.js
View file

@ -1,7 +1,7 @@
import { config } from "dotenv"; import { config } from "dotenv";
import { execSync } from "child_process"; import { execSync } from "child_process";
import http from "http"; import http from "http";
import { fileURLToPath } from "url"; import { isMainProcess } from "./src/util";
const updateStat = function () { const updateStat = function () {
// run npm stat // run npm stat
@ -58,7 +58,7 @@ const listener = async function (/** @type {import('http').IncomingMessage} */ r
const server = http.createServer(listener); const server = http.createServer(listener);
if (process.argv[1] === fileURLToPath(import.meta.url)) { if (isMainProcess(import.meta.url)) {
config(); config();
const port = parseInt(process.env.STAT_PORT || "3000"); const port = parseInt(process.env.STAT_PORT || "3000");
server.listen(port, function () { server.listen(port, function () {