mirror of https://git.tuxpa.in/a/code-server.git
src/node/cli.ts: Add --cert-host to configure generated certificate hostname
This commit is contained in:
parent
8b85006996
commit
bae28727bd
|
@ -26,6 +26,7 @@ export interface Args extends VsArgs {
|
||||||
readonly auth?: AuthType
|
readonly auth?: AuthType
|
||||||
readonly password?: string
|
readonly password?: string
|
||||||
readonly cert?: OptionalString
|
readonly cert?: OptionalString
|
||||||
|
readonly "cert-host"?: string
|
||||||
readonly "cert-key"?: string
|
readonly "cert-key"?: string
|
||||||
readonly "disable-telemetry"?: boolean
|
readonly "disable-telemetry"?: boolean
|
||||||
readonly help?: boolean
|
readonly help?: boolean
|
||||||
|
@ -101,7 +102,11 @@ const options: Options<Required<Args>> = {
|
||||||
cert: {
|
cert: {
|
||||||
type: OptionalString,
|
type: OptionalString,
|
||||||
path: true,
|
path: true,
|
||||||
description: "Path to certificate. Generated if no path is provided.",
|
description: "Path to certificate. A self signed certificate is generated if none is provided.",
|
||||||
|
},
|
||||||
|
"cert-host": {
|
||||||
|
type: "string",
|
||||||
|
description: "Hostname to use when generating a self signed certificate.",
|
||||||
},
|
},
|
||||||
"cert-key": { type: "string", path: true, description: "Path to certificate key when using non-generated cert." },
|
"cert-key": { type: "string", path: true, description: "Path to certificate key when using non-generated cert." },
|
||||||
"disable-telemetry": { type: "boolean", description: "Disable telemetry." },
|
"disable-telemetry": { type: "boolean", description: "Disable telemetry." },
|
||||||
|
|
|
@ -160,7 +160,7 @@ const main = async (args: Args, configArgs: Args): Promise<void> => {
|
||||||
proxyDomains: args["proxy-domain"],
|
proxyDomains: args["proxy-domain"],
|
||||||
socket: args.socket,
|
socket: args.socket,
|
||||||
...(args.cert && !args.cert.value
|
...(args.cert && !args.cert.value
|
||||||
? await generateCertificate()
|
? await generateCertificate(args["cert-host"] || "localhost")
|
||||||
: {
|
: {
|
||||||
cert: args.cert && args.cert.value,
|
cert: args.cert && args.cert.value,
|
||||||
certKey: args["cert-key"],
|
certKey: args["cert-key"],
|
||||||
|
|
|
@ -54,9 +54,9 @@ export function humanPath(p?: string): string {
|
||||||
return p.replace(os.homedir(), "~")
|
return p.replace(os.homedir(), "~")
|
||||||
}
|
}
|
||||||
|
|
||||||
export const generateCertificate = async (): Promise<{ cert: string; certKey: string }> => {
|
export const generateCertificate = async (hostname: string): Promise<{ cert: string; certKey: string }> => {
|
||||||
const certPath = path.join(paths.data, "self-signed.crt")
|
const certPath = path.join(paths.data, `${hostname.replace(/\./g, "_")}.crt`)
|
||||||
const certKeyPath = path.join(paths.data, "self-signed.key")
|
const certKeyPath = path.join(paths.data, `${hostname.replace(/\./g, "_")}.key`)
|
||||||
|
|
||||||
const checks = await Promise.all([fs.pathExists(certPath), fs.pathExists(certKeyPath)])
|
const checks = await Promise.all([fs.pathExists(certPath), fs.pathExists(certKeyPath)])
|
||||||
if (!checks[0] || !checks[1]) {
|
if (!checks[0] || !checks[1]) {
|
||||||
|
@ -67,6 +67,7 @@ export const generateCertificate = async (): Promise<{ cert: string; certKey: st
|
||||||
pem.createCertificate(
|
pem.createCertificate(
|
||||||
{
|
{
|
||||||
selfSigned: true,
|
selfSigned: true,
|
||||||
|
commonName: hostname,
|
||||||
config: `
|
config: `
|
||||||
[req]
|
[req]
|
||||||
req_extensions = v3_req
|
req_extensions = v3_req
|
||||||
|
@ -76,7 +77,7 @@ extendedKeyUsage = serverAuth
|
||||||
subjectAltName = @alt_names
|
subjectAltName = @alt_names
|
||||||
|
|
||||||
[alt_names]
|
[alt_names]
|
||||||
DNS.1 = localhost
|
DNS.1 = ${hostname}
|
||||||
`,
|
`,
|
||||||
},
|
},
|
||||||
(error, result) => {
|
(error, result) => {
|
||||||
|
|
|
@ -45,7 +45,7 @@ describe("SocketProxyProvider", () => {
|
||||||
}
|
}
|
||||||
|
|
||||||
before(async () => {
|
before(async () => {
|
||||||
const cert = await generateCertificate()
|
const cert = await generateCertificate("localhost")
|
||||||
const options = {
|
const options = {
|
||||||
cert: fs.readFileSync(cert.cert),
|
cert: fs.readFileSync(cert.cert),
|
||||||
key: fs.readFileSync(cert.certKey),
|
key: fs.readFileSync(cert.certKey),
|
||||||
|
|
Loading…
Reference in New Issue