From edddbbfc72e47d6e6681c52391489f177bed34db Mon Sep 17 00:00:00 2001
From: Magnus Henoch
Date: Fri, 26 Aug 2016 18:41:37 +0100
Subject: [PATCH 1/3] Pass tls option to Hapi
---
 index.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/index.js b/index.js
index dab8ecb..8ff9c2b 100644
--- a/index.js
+++ b/index.js
@@ -11,7 +11,8 @@ nconf.argv().env().file({ file: 'local.json' });
 var users = 0;
-var server = Hapi.createServer(nconf.get('domain'), nconf.get('port'));
+var hapiOptions = {tls: nconf.get('tls')};
+var server = Hapi.createServer(nconf.get('domain'), nconf.get('port'), hapiOptions);
 server.views({
 engines: {
 jade: require('jade')
From d05a227ddb127251204aa37256a5a40c66c876a7 Mon Sep 17 00:00:00 2001
From: Magnus Henoch
Date: Sat, 27 Aug 2016 03:44:07 +0100
Subject: [PATCH 2/3] Read TLS private key and certificate from files

If the 'tls' option contains the keys 'keyFile' and 'certFile', read the contents of those files and store it as 'key' and 'cert'.
---
 index.js | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/index.js b/index.js
index 8ff9c2b..dfa4d57 100644
--- a/index.js
+++ b/index.js
@@ -4,6 +4,7 @@ var Hapi = require('hapi');
 var nconf = require('nconf');
 var SocketIO = require('socket.io');
 var crypto = require('crypto');
+var fs = require('fs');
 var services = require('./lib/services');
@@ -11,7 +12,16 @@ nconf.argv().env().file({ file: 'local.json' });
 var users = 0;
-var hapiOptions = {tls: nconf.get('tls')};
+var tlsOptions = nconf.get('tls');
+if (tlsOptions) {
+ if ('keyFile' in tlsOptions) {
+ tlsOptions['key'] = fs.readFileSync(tlsOptions['keyFile']);
+ }
+ if ('certFile' in tlsOptions) {
+ tlsOptions['cert'] = fs.readFileSync(tlsOptions['certFile']);
+ }
+}
+var hapiOptions = {tls: tlsOptions};
 var server = Hapi.createServer(nconf.get('domain'), nconf.get('port'), hapiOptions);
 server.views({
 engines: {
From 48fc39c7524fd0915ff66e9eb0aadda0f2c611c6 Mon Sep 17 00:00:00 2001
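Review bot: `nconf.get('tls')` is handed to Hapi without checking its type, and the hunk header shows the store is built with `nconf.argv().env().file(...)`, so the value can come from the command line or the environment as well as from `local.json`. A stray `--tls` flag or `tls` environment variable would arrive as a boolean or string rather than an options object; what Hapi does with that is not visible here. A guard before `hapiOptions` is built, such as `if (tlsOptions != null && typeof tlsOptions !== 'object') { throw new Error("'tls' must be an object"); }`, would fail fast with a clear message. The same unchecked value reaches the `'keyFile' in tlsOptions` test added in [PATCH 2/3], where a non-object operand throws a TypeError at startup.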
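Review bot: In the second hunk of [PATCH 2/3], a `tls` object that names only one of `keyFile`/`certFile`, or neither, is still passed to Hapi via `hapiOptions`, so a half-configured listener is attempted instead of startup stopping with a clear error; check after the reads that both `key` and `cert` are present (or `pfx`, if that is meant to be supported). The key material is also written back into the object returned by `nconf.get('tls')`; if that is the store's live object, which cannot be confirmed from this hunk, the private key then sits in the config store for anything that later logs or serialises the configuration. Building a separate options object avoids that and keeps `keyFile`/`certFile` out of what is passed on. The relative paths in the README sample resolve against the process working directory, not the location of `local.json`, which is worth a comment. The `server.views({` call continues outside the hunk.

```javascript
var tlsConfig = nconf.get('tls');
var tlsOptions;
if (tlsConfig) {
  // Copy instead of mutating the config store, so the private key
  // is held only by the object handed to the server.
  tlsOptions = {};
  Object.keys(tlsConfig).forEach(function (name) {
    if (name !== 'keyFile' && name !== 'certFile') {
      tlsOptions[name] = tlsConfig[name];
    }
  });
  // Paths are resolved relative to the process working directory.
  if (tlsConfig.keyFile) {
    tlsOptions.key = fs.readFileSync(tlsConfig.keyFile);
  }
  if (tlsConfig.certFile) {
    tlsOptions.cert = fs.readFileSync(tlsConfig.certFile);
  }
  if (!tlsOptions.pfx && (!tlsOptions.key || !tlsOptions.cert)) {
    throw new Error("'tls' is set but does not provide both a key and a certificate");
  }
}
var hapiOptions = {tls: tlsOptions};
```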
From: Magnus Henoch
Date: Wed, 31 Aug 2016 18:58:14 +0100
Subject: [PATCH 3/3] Describe how to use TLS in README.md
---
 README.md | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
diff --git a/README.md b/README.md
index 5a2e733..ecda9de 100644
--- a/README.md
+++ b/README.md
@@ -28,6 +28,25 @@ Everything else: [https://trac.ffmpeg.org/wiki/CompilationGuide](https://trac.ff
 cp local.json-dist local.json
 npm start
+## Using TLS
+
+You can configure the server to use TLS by including a `tls` option in `local.json`. The `tls` option eventually gets passed as the "options" object to [`tls.createServer`](https://nodejs.org/api/tls.html#tls_tls_createserver_options_secureconnectionlistener).
+
+Within the `tls` option, you can either specify `key` and `cert` using the PEM-formatted data of the private key and the certificate, respectively, or `keyFile` and `certFile`, in which case the private key and the certificate will be read from files.
+
+Sample config file:
+
+```
+{
+ "domain": "localhost",
+ "port": 3000,
+ "wsServer": "ws://localhost:3000",
+ "tls": {"keyFile": "key.pem", "certFile": "cert.pem"}
+}
+```
+
+Using TLS can be desirable, since recent versions of Chrome don't allow accessing the camera unless the web site is either accessed as `localhost` or uses TLS.
+
 ## Accessing the API
 This is using the latest version of [socket.io](http://socket.io) and will not work with the old version from the previous meatspace API.