fix acme thing

c5af1036 · nanahira · 8b60f55e · c5af1036
Commit c5af1036 authored Apr 18, 2024 by nanahira
Hide whitespace changes
Inline Side-by-side

Showing with 22 additions and 15 deletions

src/acme.ts src/acme.ts +22 -15

No files found.
--- a/src/acme.ts
+++ b/src/acme.ts
-import { createServer, Server } from 'http';
+import { createServer } from 'http';
 import acme, { Client } from 'acme-client';
 import fs from 'fs';
+import path from 'path';

 let email: string;
 export const domainsToBeSigned: string[] = [];
@@ -35,6 +36,9 @@ export async function runSignCert() {
      // 404
      res.writeHead(404);
      res.end('Token not Found');
+      console.error(
+        `${req.socket.remoteAddress}: Invalid request for ${req.url}`,
+      );
      return;
    }
    const content = contentMap.get(token);
@@ -42,18 +46,30 @@ export async function runSignCert() {
      // 404
      res.writeHead(404);
      res.end('Content not Found');
+      console.error(
+        `${req.socket.remoteAddress}: Token not found for ${token}`,
+      );
      return;
    }
    res.writeHead(200);
+    console.error(
+      `${req.socket.remoteAddress}: Serving token for ${token}: ${content}`,
+    );
    res.end(content);
  }).listen(80);
-  await fs.promises.mkdir('/etc/nginx/acme', { recursive: true });
+  const certDir = `/etc/nginx/certs/${domainsToBeSigned[0]}`;
+  const accountFile = path.join(certDir, 'account.pem');
+  const fullchainFile = path.join(certDir, 'fullchain.pem');
+  const privkeyFile = path.join(certDir, 'privkey.pem');
+  await fs.promises.mkdir(certDir, {
+    recursive: true,
+  });
  let accountKey: Buffer;
  try {
-    accountKey = await fs.promises.readFile('/etc/nginx/acme/account.pem');
+    accountKey = await fs.promises.readFile(accountFile);
  } catch (e) {
    accountKey = await acme.forge.createPrivateKey();
-    await fs.promises.writeFile('/etc/nginx/acme/account.pem', accountKey);
+    await fs.promises.writeFile(accountFile, accountKey);
  }
  const acmeClient = new Client({
    directoryUrl: acme.directory.letsencrypt.production,
@@ -82,17 +98,8 @@ export async function runSignCert() {
    });
    console.error('Certificate signed');
    // save certificate as fullchain.pem and key as privkey.pem
-    await fs.promises.mkdir(`/etc/nginx/certs/${domainsToBeSigned[0]}`, {
-      recursive: true,
-    });
-    await fs.promises.writeFile(
-      `/etc/nginx/certs/${domainsToBeSigned[0]}/fullchain.pem`,
-      certificate,
-    );
-    await fs.promises.writeFile(
-      `/etc/nginx/certs/${domainsToBeSigned[0]}/privkey.pem`,
-      certificateKey,
-    );
+    await fs.promises.writeFile(fullchainFile, certificate);
+    await fs.promises.writeFile(privkeyFile, certificateKey);
  } catch (e) {
    console.error(
      `Failed to sign certificate for ${domainsToBeSigned.join(', ')}: ${