|
|
|
/*
|
|
|
|
globals require console
|
|
|
|
*/
|
|
|
|
var Express = require('express');
|
|
|
|
var Http = require('http');
|
|
|
|
var Https = require('https');
|
|
|
|
var Fs = require('fs');
|
|
|
|
var WebSocketServer = require('ws').Server;
|
|
|
|
var NetfluxSrv = require('./NetfluxWebsocketSrv');
|
|
|
|
var WebRTCSrv = require('./WebRTCSrv');
|
|
|
|
|
|
|
|
var config = require('./config');
|
|
|
|
var websocketPort = config.websocketPort || config.httpPort;
|
|
|
|
|
|
|
|
// support multiple storage back ends
|
|
|
|
var Storage = require(config.storage||'./storage/file');
|
|
|
|
|
|
|
|
var app = Express();
|
|
|
|
|
|
|
|
var httpsOpts;
|
|
|
|
|
|
|
|
app.use(function (req, res, next) {
|
|
|
|
var host = req.headers.host;
|
|
|
|
if (config.websocketPort) {
|
|
|
|
host = host.replace(/\:[0-9]+/, ':' + config.websocketPort);
|
|
|
|
}
|
|
|
|
var proto = httpsOpts ? 'wss://' : 'ws://';
|
|
|
|
res.setHeader('Content-Security-Policy', [
|
|
|
|
"default-src 'none'",
|
|
|
|
"style-src 'unsafe-inline' 'self'",
|
|
|
|
|
|
|
|
// No way to load ckeditor without unsafe-eval and unsafe-inline
|
|
|
|
// https://dev.ckeditor.com/ticket/8584
|
|
|
|
"script-src 'self' 'unsafe-eval' 'unsafe-inline'",
|
|
|
|
|
|
|
|
"connect-src 'self' " + proto + host,
|
|
|
|
"child-src 'self'",
|
|
|
|
"font-src 'self'",
|
|
|
|
|
|
|
|
// data: is used by codemirror, (insecure remote) images are included by people making
|
|
|
|
// documents in ckeditor.
|
|
|
|
"img-src data: *"
|
|
|
|
].join('; '));
|
|
|
|
next();
|
|
|
|
});
|
|
|
|
|
|
|
|
app.use(Express.static(__dirname + '/www'));
|
|
|
|
|
|
|
|
Fs.exists(__dirname + "/customize", function (e) {
|
|
|
|
if (e) { return; }
|
|
|
|
console.log("Cryptpad is customizable, see customize.dist/readme.md for details");
|
|
|
|
});
|
|
|
|
|
|
|
|
app.use("/customize", Express.static(__dirname + '/customize'));
|
|
|
|
app.use("/customize", Express.static(__dirname + '/customize.dist'));
|
|
|
|
app.use(/^\/[^\/]*$/, Express.static('customize'));
|
|
|
|
app.use(/^\/[^\/]*$/, Express.static('customize.dist'));
|
|
|
|
|
|
|
|
if (config.privKeyAndCertFiles) {
|
|
|
|
var privKeyAndCerts = '';
|
|
|
|
config.privKeyAndCertFiles.forEach(function (file) {
|
|
|
|
privKeyAndCerts = privKeyAndCerts + Fs.readFileSync(file);
|
|
|
|
});
|
|
|
|
var array = privKeyAndCerts.split('\n-----BEGIN ');
|
|
|
|
for (var i = 1; i < array.length; i++) { array[i] = '-----BEGIN ' + array[i]; }
|
|
|
|
var privKey;
|
|
|
|
for (var i = 0; i < array.length; i++) {
|
|
|
|
if (array[i].indexOf('PRIVATE KEY-----\n') !== -1) {
|
|
|
|
privKey = array[i];
|
|
|
|
array.splice(i, 1);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (!privKey) { throw new Error("cannot find private key"); }
|
|
|
|
httpsOpts = {
|
|
|
|
cert: array.shift(),
|
|
|
|
key: privKey,
|
|
|
|
ca: array
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
app.get('/api/config', function(req, res){
|
|
|
|
var host = req.headers.host.replace(/\:[0-9]+/, '');
|
|
|
|
res.setHeader('Content-Type', 'text/javascript');
|
|
|
|
res.send('define(' + JSON.stringify({
|
|
|
|
websocketURL:'ws' + ((httpsOpts) ? 's' : '') + '://' + host + ':' +
|
|
|
|
websocketPort + '/cryptpad_websocket',
|
|
|
|
webrtcURL:'ws' + ((httpsOpts) ? 's' : '') + '://' + host + ':' +
|
|
|
|
websocketPort + '/cryptpad_webrtc',
|
|
|
|
}) + ');');
|
|
|
|
});
|
|
|
|
|
|
|
|
var httpServer = httpsOpts ? Https.createServer(httpsOpts, app) : Http.createServer(app);
|
|
|
|
|
|
|
|
httpServer.listen(config.httpPort,config.httpAddress,function(){
|
|
|
|
console.log('[%s] listening on port %s', new Date().toISOString(), config.httpPort);
|
|
|
|
});
|
|
|
|
|
|
|
|
var wsConfig = { server: httpServer };
|
|
|
|
if (websocketPort !== config.httpPort) {
|
|
|
|
console.log("setting up a new websocket server");
|
|
|
|
wsConfig = { port: websocketPort};
|
|
|
|
}
|
|
|
|
var wsSrv = new WebSocketServer(wsConfig);
|
|
|
|
Storage.create(config, function (store) {
|
|
|
|
NetfluxSrv.run(store, wsSrv, config);
|
|
|
|
WebRTCSrv.run(wsSrv);
|
|
|
|
});
|