Websocket config should be similar to web #176
This commit is contained in:
parent
6e94befd8b
commit
a0cd8fed83
|
@ -230,11 +230,19 @@ function getDefaultConfig() {
|
||||||
firstMenuNewUser : 'sshConnectedNewUser',
|
firstMenuNewUser : 'sshConnectedNewUser',
|
||||||
},
|
},
|
||||||
webSocket : {
|
webSocket : {
|
||||||
port : 8810, // ws://
|
ws : {
|
||||||
enabled : false,
|
// non-secure ws://
|
||||||
securePort : 8811, // wss:// - must provide certPem and keyPem
|
enabled : false,
|
||||||
certPem : paths.join(__dirname, './../config/https_cert.pem'),
|
port : 8810,
|
||||||
keyPem : paths.join(__dirname, './../config/https_cert_key.pem'),
|
},
|
||||||
|
wss : {
|
||||||
|
// secure ws://
|
||||||
|
// must provide valid certPem and keyPem
|
||||||
|
enabled : false,
|
||||||
|
port : 8811,
|
||||||
|
certPem : paths.join(__dirname, './../config/https_cert.pem'),
|
||||||
|
keyPem : paths.join(__dirname, './../config/https_cert_key.pem'),
|
||||||
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
||||||
|
|
|
@ -118,12 +118,15 @@ exports.getModule = class WebSocketLoginServer extends LoginServerModule {
|
||||||
// * insecure websocket (ws://)
|
// * insecure websocket (ws://)
|
||||||
// * secure (tls) websocket (wss://)
|
// * secure (tls) websocket (wss://)
|
||||||
//
|
//
|
||||||
const config = _.get(Config, 'loginServers.webSocket') || { enabled : false };
|
const config = _.get(Config, 'loginServers.webSocket');
|
||||||
if(!config || true !== config.enabled || !(config.port || config.securePort)) {
|
if(!_.isObject(config)) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(config.port) {
|
const wsPort = _.get(config, 'ws.port');
|
||||||
|
const wssPort = _.get(config, 'wss.port');
|
||||||
|
|
||||||
|
if(true === _.get(config, 'ws.enabled') && _.isNumber(wsPort)) {
|
||||||
const httpServer = http.createServer( (req, resp) => {
|
const httpServer = http.createServer( (req, resp) => {
|
||||||
// dummy handler
|
// dummy handler
|
||||||
resp.writeHead(200);
|
resp.writeHead(200);
|
||||||
|
@ -136,10 +139,10 @@ exports.getModule = class WebSocketLoginServer extends LoginServerModule {
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
if(config.securePort) {
|
if(_.isObject(config, 'wss') && true === _.get(config, 'wss.enabled') && _.isNumber(wssPort)) {
|
||||||
const httpServer = https.createServer({
|
const httpServer = https.createServer({
|
||||||
key : fs.readFileSync(Config.loginServers.webSocket.keyPem),
|
key : fs.readFileSync(config.wss.keyPem),
|
||||||
cert : fs.readFileSync(Config.loginServers.webSocket.certPem),
|
cert : fs.readFileSync(config.wss.certPem),
|
||||||
});
|
});
|
||||||
|
|
||||||
this.secure = {
|
this.secure = {
|
||||||
|
@ -157,7 +160,7 @@ exports.getModule = class WebSocketLoginServer extends LoginServerModule {
|
||||||
}
|
}
|
||||||
|
|
||||||
const serverName = `${ModuleInfo.name} (${serverType})`;
|
const serverName = `${ModuleInfo.name} (${serverType})`;
|
||||||
const port = parseInt(_.get(Config, [ 'loginServers', 'webSocket', 'secure' === serverType ? 'securePort' : 'port' ] ));
|
const port = parseInt(_.get(Config, [ 'loginServers', 'webSocket', 'secure' === serverType ? 'wss' : 'ws', 'port' ] ));
|
||||||
|
|
||||||
if(isNaN(port)) {
|
if(isNaN(port)) {
|
||||||
Log.error( { server : serverName, port : port }, 'Cannot load server (invalid port)' );
|
Log.error( { server : serverName, port : port }, 'Cannot load server (invalid port)' );
|
||||||
|
|
|
@ -27,11 +27,22 @@ don't already have it defined).
|
||||||
````hjson
|
````hjson
|
||||||
loginServers: {
|
loginServers: {
|
||||||
webSocket : {
|
webSocket : {
|
||||||
port: 8810
|
ws: {
|
||||||
enabled: true
|
// non-secure ws://
|
||||||
securePort: 8811
|
port: 8810
|
||||||
certPem: /path/to/https_cert.pem
|
enabled: true
|
||||||
keyPem: /path/to/https_cert_key.pem
|
}
|
||||||
|
wss: {
|
||||||
|
// secure-over-tls wss://
|
||||||
|
port: 8811
|
||||||
|
enabled: true
|
||||||
|
certPem: /path/to/https_cert.pem
|
||||||
|
keyPem: /path/to/https_cert_key.pem
|
||||||
|
}
|
||||||
|
// set proxied to true to allow TLS-terminated proxied connections
|
||||||
|
// containing the "X-Forwarded-Proto: https" header to be treated
|
||||||
|
// as secure
|
||||||
|
proxied: true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
````
|
````
|
||||||
|
|
Loading…
Reference in New Issue