Closed davethetallguy closed 1 year ago
tagyoureit
commented
1 year ago If you want to create a PR for what you did, that would be good. Thanks.
There are lots of articles on how to create a PR. Probably easiest to Google one of them instead of me outlining it for you here. But feel free to attach your changes if that is too much of a lift.
davethetallguy
commented
1 year ago Will do on the PR.
davethetallguy
commented
1 year ago PR submitted! Let me know if it's useful / if I can help.
rstrouse
commented
1 year ago I will add options so this can be configured in the UI. What needs to be set up to get it all to work?
davethetallguy
commented
1 year ago Wrote the instructions this morning, then followed them myself this afternoon to make sure they worked!
config.json
Suggested locations: /ssl/<privkey>and/ssl/<cert>. For clarity, this will be the ~/nodejs-poolController-dashPanel/ssl directory on the host OS.
Pro Tip: consider placing actual cert & privkey in a common directory on the host like /etc/ssl/mycerts, then symlink the cert and private-key file locations in the nodejs-poolController-dashPanel/ssl directory, as well as the nodejs-poolController/ssl directory (if on the same host), so that cert files remain consistent (and easily updatable) across all apps on the host. Example:
cd ~/nodejs-poolController-dashPanel
mkdir ssl
cd ~/nodejs-poolController-dashPanel/ssl
ln -s /etc/ssl/mycerts/privkey.pem privkey.pem
ln -s /etc/ssl/mycerts/cert.pem cert.pem"enabled": true)npm start (or reboot, if your system is configured to start on reboot)Note: njspc and njspc-dashPanel can both run ssl, one or the other can, or neither can. The effect of running ssl on only one appears to be that either the GUI interface is encrypted in transit, but the data in the fields is not, or vice versa. It seems like it would be good to alert users if they have set it up only on one or the other. Perhaps an “are you sure?” prompt should pop up if configuring SSL on one but not the other.
Also: The server field in njspc-dp is only long enough for a typical IP address, and connecting with an SSL cert (validated) requires a FQDN. One can directly edit the information into config.json, but it would be good to extend the input field to permit this to be configured in the interface.
Let me know what else I can provide, and I'm always open to constructive critique as well.
rstrouse
commented
1 year ago Thanks, I created a wiki from your instructions. You should have access to edit it.
davethetallguy
commented
1 year ago Wiki looks great!! Closed as far as I'm concerned.
Unless I've missed something, I don't believe v 8.0.0 has implemented support for SSL, including certificates, keys etc. If I have indeed missed something, please point me to where I should have configured this.
I've borrowed the https server code from njsPC, spliced it and edited it into my own Server.ts file, installed cert & key, and now can use HTTPS to access the dashPanel. If it's helpful, I'm glad to share the Server.ts that I came up with.
Note that to add a(n) FQDN that matches a cert on njsPC, the configuration field in dashPanel isn't long enough, so I had to add this directly in config.json (which I also had to edit to add the sslKeyFile and sslCertFile locations.)
I realize most people are probably running dashPanel and njsPC locally, but I thought it would be good to have the option for consistency with other apps, if nothing else. Let me know if you'd like the contribution (I have not made formal contributions to any other project on github before, so you have have to talk me through this, or I can just attach files to another comment.)