Doc updates on servers

This commit is contained in:
Bryan Ashby 2020-05-31 22:17:56 -06:00
parent 78b78e8c79
commit dd0a673061
No known key found for this signature in database
GPG Key ID: B49EB437951D2542
3 changed files with 40 additions and 36 deletions

View File

@ -15,7 +15,8 @@ Entries available under `config.loginServers.ssh`:
| `firstMenu` | :-1: | First menu an SSH connected user is presented with. Defaults to `sshConnected`. | | `firstMenu` | :-1: | First menu an SSH connected user is presented with. Defaults to `sshConnected`. |
| `firstMenuNewUser` | :-1: | Menu presented to user when logging in with one of the usernames found within `users.newUserNames` in your `config.hjson`. Examples include `new` and `apply`. | | `firstMenuNewUser` | :-1: | Menu presented to user when logging in with one of the usernames found within `users.newUserNames` in your `config.hjson`. Examples include `new` and `apply`. |
| `enabled` | :+1: | Set to `true` to enable the SSH server. | | `enabled` | :+1: | Set to `true` to enable the SSH server. |
| `port` | :-1: | Override the default port of `8443`. | | `port` | :-1: | Override the default port of `8443`. |
| `address` | :-1: | Sets an explicit bind address. |
| `algorithms` | :-1: | Configuration block for SSH algorithms. Includes keys of `kex`, `cipher`, `hmac`, and `compress`. See the algorithms section in the [ssh2-streams](https://github.com/mscdex/ssh2-streams#ssh2stream-methods) documentation for details. For defaults set by ENiGMA½, see `core/config.js`. | `algorithms` | :-1: | Configuration block for SSH algorithms. Includes keys of `kex`, `cipher`, `hmac`, and `compress`. See the algorithms section in the [ssh2-streams](https://github.com/mscdex/ssh2-streams#ssh2stream-methods) documentation for details. For defaults set by ENiGMA½, see `core/config.js`.
| `traceConnections` | :-1: | Set to `true` to enable full trace-level information on SSH connections. | `traceConnections` | :-1: | Set to `true` to enable full trace-level information on SSH connections.
@ -29,7 +30,7 @@ Entries available under `config.loginServers.ssh`:
port: 8889 port: 8889
privateKeyPem: /path/to/ssh_private_key.pem privateKeyPem: /path/to/ssh_private_key.pem
privateKeyPass: sup3rs3kr3tpa55 privateKeyPass: sup3rs3kr3tpa55
} }
} }
} }
``` ```

View File

@ -8,10 +8,11 @@ The Telnet *login server* provides a standard **non-secure** Telnet login experi
## Configuration ## Configuration
The following configuration can be made in `config.hjson` under the `loginServers.telnet` block: The following configuration can be made in `config.hjson` under the `loginServers.telnet` block:
| Item | Required | Description | | Key | Required | Description |
|------|----------|-------------| |------|----------|-------------|
| `enabled` | :-1: Defaults to `true`. Set to `false` to disable Telnet | | `enabled` | :-1: Defaults to `true`. Set to `false` to disable Telnet |
| `port` | :-1: | Override the default port of `8888`. | | `port` | :-1: | Override the default port of `8888`. |
| `address` | :-1: | Sets an explicit bind address. |
| `firstMenu` | :-1: | First menu a telnet connected user is presented with. Defaults to `telnetConnected`. | | `firstMenu` | :-1: | First menu a telnet connected user is presented with. Defaults to `telnetConnected`. |
### Example Configuration ### Example Configuration
@ -21,7 +22,7 @@ The following configuration can be made in `config.hjson` under the `loginServer
telnet: { telnet: {
enabled: true enabled: true
port: 8888 port: 8888
} }
} }
} }
``` ```

View File

@ -2,13 +2,10 @@
layout: page layout: page
title: Web Server title: Web Server
--- ---
ENiGMA½ comes with a built in *content server* for supporting both HTTP and HTTPS. Currently the ENiGMA½ comes with a built in *content server* for supporting both HTTP and HTTPS. Currently the [File Bases](file_base.md) registers routes for file downloads, and static files can also be served for your BBS. Other features will likely come in the future or you can easily write your own!
[File Bases](file_base.md) registers routes for file downloads, and static files can also be served
for your BBS. Other features will likely come in the future or you can easily write your own!
## Configuration # Configuration
By default the web server is not enabled. To enable it, you will need to at a minimum configure two keys in By default the web server is not enabled. To enable it, you will need to at a minimum configure two keys in the `contentServers.web` section of `config.hjson`:
the `contentServers::web` section of `config.hjson`:
```hjson ```hjson
contentServers: { contentServers: {
@ -17,39 +14,44 @@ contentServers: {
http: { http: {
enabled: true enabled: true
port: 8080
} }
} }
} }
``` ```
This will configure HTTP for port 8080 (override with `port`). To additionally enable HTTPS, you will need a The following is a table of all configuration keys available under `contentServers.web`:
PEM encoded SSL certificate and private key. [LetsEncrypt](https://letsencrypt.org/) supply free trusted | Key | Required | Description |
certificates that work perfectly with ENiGMA½. |------|----------|-------------|
| `domain` | :+1: | Sets the domain, e.g. `bbs.yourdomain.com`. |
| `http` | :-1: | Sub configuration for HTTP (non-secure) connections. See **HTTP Configuration** below. |
| `overrideUrlPrefix` | :-1: | Instructs the system to be explicit when handing out URLs. Useful if your server is behind a transparent proxy. |
Once obtained, simply enable the HTTPS server: ### HTTP Configuration
Entries available under `contentServers.web.http`:
```hjson | Key | Required | Description |
contentServers: { |------|----------|-------------|
web: { | `enable` | :+1: | Set to `true` to enable this server.
domain: bbs.yourdomain.com | `port` | :-1: | Override the default port of `8080`. |
// set 'overrideUrlPrefix' if for example, you use a transparent proxy in front of ENiGMA and need to be explicit about URLs the system hands out | `address` | :-1: | Sets an explicit bind address. |
overrideUrlPrefix: https://bbs.yourdomain.com
https: {
enabled: true
port: 8443
certPem: /path/to/your/cert.pem
keyPem: /path/to/your/cert_private_key.pem
}
}
}
```
If no certificate paths are supplied, ENiGMA½ will assume the defaults of `/config/https_cert.pem` and ### HTTPS Configuration
`/config/https_cert_key.pem` accordingly. Entries available under `contentServers.web.htt2`:
### Static Routes | Key | Required | Description |
Static files live relative to the `contentServers::web::staticRoot` path which defaults to `enigma-bbs/www`. |------|----------|-------------|
| `enable` | :+1: | Set to `true` to enable this server.
| `port` | :-1: | Override the default port of `8080`. |
| `address` | :-1: | Sets an explicit bind address. |
| `certPem` | :+1: | Overrides the default certificate path of `/config/https_cert.pem`. Certificate must be in PEM format. See **Certificates** below. |
| `keyPem` | :+1: | Overrides the default certificate key path of `/config/https_cert_key.pem`. Key must be in PEM format. See **Certificates** below. |
### Custom Error Pages #### Certificates
Customized error pages can be created for [HTTP error codes](https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#4xx_Client_Error) If you don't have a TLS certificate for your domain, a good source for a certificate can be [LetsEncrypt](https://letsencrypt.org/) who supplies free and trusted TLS certificates.
by providing a `<error_code>.html` file in the *static routes* area. For example: `404.html`.
## Static Routes
Static files live relative to the `contentServers.web.staticRoot` path which defaults to `enigma-bbs/www`.
## Custom Error Pages
Customized error pages can be created for [HTTP error codes](https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#4xx_Client_Error) by providing a `<error_code>.html` file in the *static routes* area. For example: `404.html`.