feat: add support for WSS (fixes #32)

mkg20001 · web-flow · commit 50a2e2ec3c61 · 2019-07-01T09:17:11.000+02:00
Add support for WSS
diff --git a/README.md b/README.md
@@ -64,6 +64,23 @@ A libp2p-websocket-star address, using the signalling server we provide, looks l
 Note: The address above indicates WebSockets Secure, which can be accessed from both http and https.
 
 
+### Using WSS
+
+To be able to interact with a rendezvous server from an HTTPS site, you will need to use websocket secure. To host a secure websocket server, you must provide a keypair to the server.
+
+#### Using key and certificate
+
+```bash
+> rendezvous --key="path/to/key.key" --cert="path/to/cert.cert"
+```
+
+#### Using PFX with passphrase
+
+```bash
+> rendezvous --pfx="path/to/pair.pfx" --passphrase="passphrase"
+```
+
+
 ### This module uses `pull-streams`
 
 We expose a streaming interface based on `pull-streams`, rather then on the Node.js core streams implementation (aka Node.js streams). `pull-streams` offers us a better mechanism for error handling and flow control guarantees. If you would like to know more about why we did this, see the discussion at this [issue](https://github.com/ipfs/js-ipfs/issues/362).
diff --git a/src/bin.js b/src/bin.js
@@ -12,6 +12,10 @@ let server
 signalling.start({
   port: argv.port || argv.p || process.env.PORT || 9090,
   host: argv.host || argv.h || process.env.HOST || '0.0.0.0',
+  key: argv.key || process.env.KEY,
+  cert: argv.cert || process.env.CERT,
+  pfx: argv.pfx || process.env.PFX,
+  passphrase: argv.passphrase || process.env.PFX_PASSPHRASE,
   cryptoChallenge: !(argv.disableCryptoChallenge || process.env.DISABLE_CRYPTO_CHALLENGE),
   strictMultiaddr: !(argv.disableStrictMultiaddr || process.env.DISABLE_STRICT_MULTIADDR),
   metrics: !(argv.disableMetrics || process.env.DISABLE_METRICS)
diff --git a/src/index.js b/src/index.js
@@ -5,6 +5,7 @@ const path = require('path')
 const epimetheus = require('epimetheus')
 const merge = require('merge-recursive').recursive
 const defaultConfig = require('./config')
+const { readFileSync } = require('fs')
 
 exports = module.exports
 
@@ -22,7 +23,21 @@ exports.start = (options, callback) => {
 
   const http = new Hapi.Server(config.hapi.options)
 
-  http.connection({ port, host })
+  let tls
+  if (options.key && options.cert) {
+    tls = {
+      key: readFileSync(options.key),
+      cert: readFileSync(options.cert),
+      passphrase: options.passphrase
+    }
+  } else if (options.pfx && options.passphrase) {
+    tls = {
+      pfx: readFileSync(options.pfx),
+      passphrase: options.passphrase
+    }
+  }
+
+  http.connection({ port, host, tls })
 
   http.register({ register: require('inert') }, (err) => {
     if (err) {
