Skip to content

Commit

Permalink
chore: add certificates for local testing (#4594)
Browse files Browse the repository at this point in the history
  • Loading branch information
@tlebon
tlebon authored Mar 4, 2024
1 parent c9cdb62 commit bdaa41a
Show file tree
Hide file tree
Showing 10 changed files with 145 additions and 5 deletions.
6 changes: 6 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,12 @@ No license is granted to the Wire trademark and its associated logos, all of whi
1. Run `yarn start`
1. Open [http://localhost:8081/](http://localhost:8081/)

If you would like your browser to trust the certificate from "local.zinfra.io":

1. Download [mkcert](https://github.com/FiloSottile/mkcert/releases/latest)
2. Set the `CAROOT` environment variable to `<TM App Dir>/server/certificate`
3. Run `mkcert -install`

## Deployment

Depending on the branch name it will be automatically deployed to the following environments:
Expand Down
6 changes: 3 additions & 3 deletions server/.env.localhost
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
# https://github.com/wireapp/wire-account/wiki/Self-hosting

NODE_DEBUG="@wireapp/*"
PORT="8080"
PORT="8082"

APP_BASE="http://local.zinfra.io:8080"
BACKEND_REST="http://local.zinfra.io:8080/api"
APP_BASE="https://local.zinfra.io:8082"
BACKEND_REST="https://staging-nginz-https.zinfra.io"
ENFORCE_HTTPS="false"
IS_SELF_HOSTED="false"
14 changes: 13 additions & 1 deletion server/Server.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@ import * as express from 'express';
import * as helmet from 'helmet';
import * as nocache from 'nocache';
import * as http from 'http';
import * as fs from 'fs';
import * as https from 'https';
import * as path from 'path';

import HealthCheckRoute from './routes/_health/HealthCheckRoute';
Expand Down Expand Up @@ -202,7 +204,17 @@ class Server {
if (this.server) {
reject(new Error('Server is already running.'));
} else if (this.config.SERVER.PORT_HTTP) {
this.server = this.app.listen(this.config.SERVER.PORT_HTTP, () => resolve(this.config.SERVER.PORT_HTTP));
if (this.config.SERVER.ENVIRONMENT === 'development') {
const options = {
cert: fs.readFileSync(this.config.SERVER.SSL_CERTIFICATE_PATH),
key: fs.readFileSync(this.config.SERVER.SSL_CERTIFICATE_KEY_PATH),
};
this.server = https
.createServer(options, this.app)
.listen(this.config.SERVER.PORT_HTTP, () => resolve(this.config.SERVER.PORT_HTTP));
} else {
this.server = this.app.listen(this.config.SERVER.PORT_HTTP, () => resolve(this.config.SERVER.PORT_HTTP));
}
} else {
reject(new Error('Server port not specified.'));
}
Expand Down
2 changes: 2 additions & 0 deletions server/ServerConfig.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,8 @@ export interface ServerConfig {
CSP: Record<string, Iterable<string>>;
ENFORCE_HTTPS: boolean;
ENVIRONMENT: string;
SSL_CERTIFICATE_KEY_PATH?: string;
SSL_CERTIFICATE_PATH?: string;
PORT_HTTP: number;
ROBOTS: {
ALLOWED_HOSTS: string[];
Expand Down
2 changes: 1 addition & 1 deletion server/bin/copy_server_assets.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ const path = require('path');
const srcFolder = '../';
const distFolder = '../dist/';

const assetFolders = ['.ebextensions/', 'img/', 'robots/', 'templates/'];
const assetFolders = ['.ebextensions/', 'img/', 'robots/', 'templates/', 'certificate'];

assetFolders.forEach(assetFolder => {
fs.copySync(path.resolve(__dirname, srcFolder, assetFolder), path.resolve(__dirname, distFolder, assetFolder));
Expand Down
24 changes: 24 additions & 0 deletions server/certificate/development-cert.pem
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
-----BEGIN CERTIFICATE-----
MIIEEzCCAnugAwIBAgIQO5CaO6MvdspI1kpQM/qLVjANBgkqhkiG9w0BAQsFADA8
MRwwGgYDVQQKExNXaXJlIGRldmVsb3BtZW50IENBMQ0wCwYDVQQLEwRXaXJlMQ0w
CwYDVQQDEwRXaXJlMB4XDTE5MDYwMTAwMDAwMFoXDTMwMDUyNTEwMTMwMVowNjEl
MCMGA1UEChMcV2lyZSBkZXZlbG9wbWVudCBjZXJ0aWZpY2F0ZTENMAsGA1UECxME
V2lyZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOhlvNAlF3JGMH5e
5SRJtSBLYSdSB5jgYutouadLsqtsgI12PfXOdOJnO1qjjEq2WL0yan0eXRI/8Rvh
ZZ7HSF/2a8XSgHpi2Yxp8DbZ/IFLKw8mIN0BVCwVcxDIm/SBuYAzmKjx7uFAnksh
LBzwdlsgQUOtRryM1r0p5iX52YFM3ttBtA5/p2o7zvAIbKSJ6Lm6GrbM6cHx0nIS
v47TL+ILF1vQEOzwzU0jrRge4mtLLjExYZPfYV2bKGcsCgxl+fd8oxd50BTnn1Kg
0MQudnyJqh7n/chKSRwggTaUvYxyeGME0FcTXUiT+hNXVVwISmnmQulpK5g8jROe
WcY9g2cCAwEAAaOBljCBkzAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYB
BQUHAwEwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBTd1VNJ1jzIPGPx6hX4vo4X
0LNo3zA9BgNVHREENjA0gg9sb2NhbC56aW5mcmEuaW+CCWxvY2FsaG9zdIcQAAAA
AAAAAAAAAAAAAAAAAYcEfwAAATANBgkqhkiG9w0BAQsFAAOCAYEAZIjIzuJWxIcp
HtlivSkCuJjDOFc0+mCryKgwz+CakA0HP1n2ELVQp5IqIsGKDmKOYSJpBR8pq/VN
eP0nl0E4Y9ctL1G6RAZ6CFJXNUs+wRZjcD3Hx/GBgkQZ5fC7CeK3vEHciCt9rvHq
oGSbeGkckSpt+PIbfon0id6iuyIbamm8xkfug1SsYPEwv5Wa2wFl32NlswTww2lU
5VEX+pZAeAHEwV87wZp/JDDdGHlZdJjBMGL3zerByQEdaZNMkBQGEBRagG0m8HDF
q5U+9PGLgdbKhmNATKljwVOWdvSegadZbK/kkHVM9g9v7JwhYW3kYP27/84rOpB6
VBsSipZPwdyqcZ+TehYDFawdrIPKter6+mUfQ89AF3+daHnsizguj0zXJcBN1Lly
kUDl/2XGe2TDK2d8iVnP7ICqQUq9qWB2P6/cRkAnUGPgcspE9is/A39vy4F6FQ19
ghZO4QcJw6hjAWmzZ8eKFEO6u2e8uhxiXi4XuufIS0XFekEnecHC
-----END CERTIFICATE-----
28 changes: 28 additions & 0 deletions server/certificate/development-key.pem
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDoZbzQJRdyRjB+
XuUkSbUgS2EnUgeY4GLraLmnS7KrbICNdj31znTiZztao4xKtli9Mmp9Hl0SP/Eb
4WWex0hf9mvF0oB6YtmMafA22fyBSysPJiDdAVQsFXMQyJv0gbmAM5io8e7hQJ5L
ISwc8HZbIEFDrUa8jNa9KeYl+dmBTN7bQbQOf6dqO87wCGykiei5uhq2zOnB8dJy
Er+O0y/iCxdb0BDs8M1NI60YHuJrSy4xMWGT32FdmyhnLAoMZfn3fKMXedAU559S
oNDELnZ8iaoe5/3ISkkcIIE2lL2McnhjBNBXE11Ik/oTV1VcCEpp5kLpaSuYPI0T
nlnGPYNnAgMBAAECggEAMeSVssIj1H7JLnhFDZNddX95bi2oP+P8mLm1EfuocjEr
MDOwfbNDWM/86CqwleGsD4JhZlc8eAyOQQQVAw+ZtDB9Vs0olB3gwsqDreMC2OdA
aVIwQAJnBcfdGj9XbBjlsGZjYfH+7REoaszGYbgmUM4N9O+gfh5mg9oY9RI85gso
FMOhdy/++dbD1wWzIoUWkD2BPRksV5aAqko/n30OCBUWkLs8FdNMiNUHbkUSm0ic
c9IhPNv5w41/XPJPWt+KNN6me+MA9cV395+Itc63RtFnX9V9WJSH5oseSsT93Wl1
PncYuYCCALRYg4qyDh8+Wu7qCPeMknHpdPG9fMis4QKBgQD4szzi5/k1SE6cS+Yb
dkZbd1DHRoRl+w92Y7k2/nLjIi3mcaUOy0Pl34c8sZbRec5M3Mo8tkMsDyzAWxvW
QlrvEQtjIYygVmQV4C/CZ0FRpVoduRI4qIGHzaZksK5ooZs+0VWPED68vREmgxTR
9HQWgPGRBFBDwRKZfdLazIvoPwKBgQDvN//BMm8womwqo6tbZvRijOZCsD+cCOpu
9tNUpBZBhVRRheHZwZ5OJz3k+AHrKh/DqhbsHdDHmcVcUlZbEX7sZfjP+v50wszL
LtbLhwoXGAT4H+D03aqwSwmwaXTI9MBATXK3tqte1wNLpp4KSRjoEjLLTAOpnVUJ
1wT7yCDa2QKBgGdWGmNx3dOs4rUAuHEKuPtCXXcfrt2s7uTTVN8r5NLJnebVq660
+NZoBYpLhA4wHW9Egmetl8WT3JVkhfGGCsCxBVlAVG0+2EFasJ2HR9XD7ejRwGd4
ZLHn2k6WNzHUjGwSkQlrx5WmvZyR9LG0cBP1qeoGr88nRzIt3NH7EdsDAoGAa5Oj
UB5+IkDoo8Q2q0QBYtA6PINGF8Vqp7wYDVg9KfnrkT3D80k/B6ZeDzn4ouiuoC89
X7GI0jo0pu/gJdQYX/b7jYwyIg/4SOcncR+pSfljQrITWArXV7BnCw5hln16d3Bc
xoE/T8chlEO5jqaQrMyCSypD+2LleydW9mNpYwECgYEA4q6V8CscoNqRlyAXCwVG
vyEMA+HJ8VGqeVkzGSr+4439NvNSoy0SodQDt8Hd9TArHKv1aTrze+EHvs0CTyB0
23SYki+q+r41buZjni8q/dDGcGeAdh8dAZM0qQA1mLRBMZkaORKfWNYcI6907QTh
ce/Qrf+fEpCiSrM9vMmF1bw=
-----END PRIVATE KEY-----
40 changes: 40 additions & 0 deletions server/certificate/rootCA-key.pem
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
-----BEGIN PRIVATE KEY-----
MIIG/wIBADANBgkqhkiG9w0BAQEFAASCBukwggblAgEAAoIBgQDSwHEqS+NcP1Z8
EIL9sE7nOrZjgJ5026VZQzEIqCSACbabQQlRkRjpSIX5LYZdhuYfZop712rYjG7t
LEjOIwgN85fxNdWm45BIrkOtTN1QTeqz1ufBtAcH7/QEQt11gyfbvImXZXwIEXYV
VnUq3qqCmPM2NKoB95TctflTbJhjeBQBJe4JwZKQXiyRvMOGIWb+f5ff4RQQ6RNj
JhCAQeuzOMEgM1b56KLkmEHaM1Tl9CsTVEvSWUUghzitigSf9QqhoIqQhI9I+nla
2KaKmCl+12bq8Nk1mmHHKW5H/NoL6QDjRI0XPVSw6fQycNAzLwH1Jw9dpV6OV8RE
R8lwL8VYcEaozG7hQsDSHVHYcfhRo236N1G7SmNSY2d97QIjTGTX5KOHfvsJl946
Y2iPu+w7tem8L0HwtLXme42V3NQWVPskwcTQy4+8G4D2tPmcJmbaQWcpPANENSaN
HshwDzWsZdR4kF8nY5KuhMc6vT3fyvnG0mp908sTNH5oZSO7SpMCAwEAAQKCAYEA
g7H/xVeAru9hYsuKn26iD7pPqOQBoLJ0o8/p/yfbDyuCsYe1hAPwli5ckbYSBbW7
bZnNJdAaE1HGK20F3dJkQRucMf3bEZuYWOKUpeGnVnwqEtFTJ2cREbOvP05tRvZ7
XMN3E2U2WXBX4sORGgXkdRGQwamtJueIXVdVgv0USOwLTCBgnDYbGR3QKg3T/Kg4
zQX8aMkkmeCb3dQ2cX9AA1GO1Ulfq3DlAYXneKuk/MFUfZKqgrqICOiW0VKyyyX6
qT2HWUoxEfTy81OGrDaKX1Bqn5N3m/rRGCU61j/1GJXgqldSEqJ3izOU9KqE0kQT
C32/JMGMMgP8va4R/uD9tf6bb9bERJk3ZAJHRM10H28XZq4yWfVBE5BV+glQv0ba
6KityRj+E4vbur6K8TU9biRXSDCbDrvXXn3UCqL9GNbLGN1rwpCeXiblb6P8Qd1O
UDh5c2QRCMDt0c+n+qqLvPjHkemmyOb51Ks6k8/7xHpJO4EvA6P9Cs4/CxPGKdth
AoHBAN+YvvjhkObeyPiApfr1LXzQW2zPG7DM2ugr+f2bWm9tHaPgeYtSOzb2GsIR
cKddH17WnjDWrMCTtble/Lbo9GUd0tXxBN6LoVafnSjvD+Hy9gRVg+yP7p3HXHt/
0GRjJQDvviySOXsIBUSLL5iDuDBqx6z+WNJ0JUCL60Hnyuoz1tudUNAx1JQFZ99J
6bYVtSz6EZryDvy2DC9W2gnCluwtG3cWb3KO1k75Pa3WiqEyH08A0eu1gLEy3XPY
KAgNAwKBwQDxSyjMAThUZ9vdZ9La2rvpDkpPSr8EJzd5+h3F1AdEwBduH75LddDc
GySBqPhi2dwJ7DvGd4LeAuAUm+0UX599+zW3bRac4eSSJzoO0R8tdtQaRz1k9nWs
8XKuXdlrswuSP1mAXSYyGk6ToEo4X4/x5zA1XFw5JRp7bw8MxRKzONPS+A3cJ4fe
NaS7EYwlV1x76La99M/fyp/0Cos/2H9sbDpkbelDqcSFRRespzEjXfn0uzH16Q1c
d1MlbdBZ7zECgcEAoiacf9LdCYCREB4DwJ4jMbvMQXlkpG+7ZNnXfoI2ME5aS2jT
3CRzSuVo/Eo3fzf6MwXDTLmyKCo2hEsNS/xemCHrrzkNhfKOu0ofZ/sOcpaGsRfv
BxROQF++gtVrJBH+WNKEAMC+LKnhYBbsGleTsJEPYzZE5cJS7Z9Kqc3WCsgzTaql
W4Z3mizdakGo2mKdtBNZxxs5oSzIY2BB2Qgj+PyxSUic4+AQLM91WmcWu9WkfN+k
XKKQxHCVxpgAV+5PAoHBALv+BscKnEyGrnINleYVTRoCnDqyzaf6teo+yDt9OjyC
PL771FMOc69JJmQutXaurhS9DMVQD5HRQ6xK36dj6OtKcUt7noaUKHUGQuGQZG4T
iqT+pAKpUn1vkB3x2JdkY7uJx72O1Vdrz5SM6caKDag2qwSn9OJA2iUZHeyhDjS8
LazMvl+sHNsviCyHO11Mdy3C3b2ZouuE/qIwJNWVY5GhsMzWJUsmVYpPjmZhzJL1
gOz/e6lP7a0A+rLKn+2xwQKBwCZFz2cvstwm/s41sQRbIQl2RhTUAk0I4TiXsomb
vCaWIRgGnB3KLrA2cQgB9EIgigs/kC1CqNFs6mTIWHBf4pUTj760xRymZAHADFjG
UWduet46DnZg26fs1R2xi6QGKAILeNKzKDPfE4bSFDoEFdZpYS1+AwZofn8JEFre
uiS5AcWeFZDJw6KptQ5qtJu6WYemdNxG1B6MlhmI6NuKrZM1ex4jLJrsHBQ6FKCM
q0CbXxd2FHg9mPKupS7alb22bQ==
-----END PRIVATE KEY-----
25 changes: 25 additions & 0 deletions server/certificate/rootCA.pem
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
-----BEGIN CERTIFICATE-----
MIIESDCCArCgAwIBAgIRAJvOVAuM5K3cHqAe6sKoe6swDQYJKoZIhvcNAQELBQAw
PDEcMBoGA1UEChMTV2lyZSBkZXZlbG9wbWVudCBDQTENMAsGA1UECxMEV2lyZTEN
MAsGA1UEAxMEV2lyZTAeFw0yMDA1MjUxMDEyMjJaFw0zMDA1MjUxMDEyMjJaMDwx
HDAaBgNVBAoTE1dpcmUgZGV2ZWxvcG1lbnQgQ0ExDTALBgNVBAsTBFdpcmUxDTAL
BgNVBAMTBFdpcmUwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDSwHEq
S+NcP1Z8EIL9sE7nOrZjgJ5026VZQzEIqCSACbabQQlRkRjpSIX5LYZdhuYfZop7
12rYjG7tLEjOIwgN85fxNdWm45BIrkOtTN1QTeqz1ufBtAcH7/QEQt11gyfbvImX
ZXwIEXYVVnUq3qqCmPM2NKoB95TctflTbJhjeBQBJe4JwZKQXiyRvMOGIWb+f5ff
4RQQ6RNjJhCAQeuzOMEgM1b56KLkmEHaM1Tl9CsTVEvSWUUghzitigSf9QqhoIqQ
hI9I+nla2KaKmCl+12bq8Nk1mmHHKW5H/NoL6QDjRI0XPVSw6fQycNAzLwH1Jw9d
pV6OV8RER8lwL8VYcEaozG7hQsDSHVHYcfhRo236N1G7SmNSY2d97QIjTGTX5KOH
fvsJl946Y2iPu+w7tem8L0HwtLXme42V3NQWVPskwcTQy4+8G4D2tPmcJmbaQWcp
PANENSaNHshwDzWsZdR4kF8nY5KuhMc6vT3fyvnG0mp908sTNH5oZSO7SpMCAwEA
AaNFMEMwDgYDVR0PAQH/BAQDAgIEMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0O
BBYEFN3VU0nWPMg8Y/HqFfi+jhfQs2jfMA0GCSqGSIb3DQEBCwUAA4IBgQBCtkeA
9NBn/adbhLh40odjvdg63K5hd/sDD2RtpOIwHqHMoI9FUlzFrm9G37LprPB7Bp5U
OQH87SwT/w9hWaO8x5M7k2mOMoBBuWPYQJROdrx2SlnhzVcrDGzo0ZKR6R+AKRtd
9pLKf5swqTepD/pClkSWoKQ8wvDCX2Nzv3djMpkG17VAeZyGzwRmG9XyjtgXd0wr
JPpo6L22PBlniqg6fBUabwT+LVBbM9F5bc+pxPZtei8l2HNZvFGgKR10Sqi55t+I
Ysutyr01qeCDHvFTiqTgE45WKFByVB+IG1DDJmBj3PkL5+QckWBgSsOPJnmV1O+t
kORB8OW4ZF47A9/wRYH1TGR6Z2fkeuum5udVbG3z29LFcZYUsPAMRLlFMDHRx+t/
TTTPTWvxaXMNIdvg5EZSvvY3Ae58eCgZVWjD6ndIjgShdiiVLv27oYj49QPz+vRt
dsTfGhU0vLBfoT8jzMDCzxAfUXwsyAFXuDG5otoGqDNZPUMfGz/1ERvyGH0=
-----END CERTIFICATE-----
3 changes: 3 additions & 0 deletions server/config.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,6 +149,9 @@ const config: ServerConfig = {
ALLOWED_HOSTS: ['account.wire.com'],
DISALLOW: readFile(ROBOTS_DISALLOW_FILE, 'User-agent: *\r\nDisallow: /'),
},
SSL_CERTIFICATE_KEY_PATH:
process.env.SSL_CERTIFICATE_KEY_PATH || path.join(__dirname, 'certificate/development-key.pem'),
SSL_CERTIFICATE_PATH: process.env.SSL_CERTIFICATE_PATH || path.join(__dirname, 'certificate/development-cert.pem'),
},
};

Expand Down

0 comments on commit bdaa41a

Please sign in to comment.