Closed JGoutin closed 4 years ago
noSupportedVersion
• This seems reasonable, although maybe with a shorter variable name :)
• The trick with this is that I'm not sure I want to increase the size of every template for something that would be used only a fraction of the time. It's also pretty tricky in that presumably you would want to have more than one place to insert user config? Or maybe that's not true?The first thing probably isn't impossible, but would make some things difficult, e.g.
noSupportedVersion
In the python code, I convert the config.js as JSON and replace noSupporterVersion
by null
. Then, in the state.js
equivalent, I handle theses null values when selecting the max supported TLS version. That work good in my case and should be reproducible in javascript.
The trick with this is that I'm not sure I want to increase the size of every template for something that would be used only a fraction of the time. It's also pretty tricky in that presumably you would want to have more than one place to insert user config? Or maybe that's not true?
I guess I don't need more than one variable per template (And, this may not be relevant at all for some server software). In the beginning I am mainly interested by web servers. A single value in the HTTPS server/virtual host part should be sufficient to add almost any site specific config and some extra security headers.
I close this issue and cancel my requests for following reasons:
Hello,
After, #35, I decided to implement a Python + CLI version of this awesome SSL generator to be able to generate configuration locally easily and in a scriptable way. The generator can be found here and work well (I currently successfully generate the same configuration files as the Javascript generator).
When implementing this new utility. I found some ideas to improve the original one to make it more reusable by third parties:
ssl-config-generator/src/js/configs.js
) is currently a Javascript file. Converting it to a JSON file would make it easier to read from other languages.ssl_certificate /path/to/signed_cert_plus_intermediates
). Replacing theses place holders by variables would help to use real path or values in utilities (Examplessl_certificate {{output.pathToSignedCertPlusIntermediates}}
). Current placeholder values may be stored in adefault
section of the servers configuration specification.userConfig
variable (defaulted to an empty string) in template would help to merge the generated SSL configuration with some user configuration (Example, site specific Nginx configuration lines or extra security headers).If you agree with this, I can do some PR to implement this.
Also, a question: Is there a way to run
npm run watch
without open the browser ? I use this command to start the server in test to compare generated outputs, and the browser is not used or may be missing in the CI case.