From 10b3028196192607dab139ea01b58b94a2336eae Mon Sep 17 00:00:00 2001 From: Anmol Sethi Date: Fri, 30 Oct 2020 04:13:22 -0400 Subject: [PATCH] util: Generate self signed certificate into data directory Closes #1778 --- doc/FAQ.md | 3 +++ src/node/entry.ts | 2 +- src/node/util.ts | 18 ++++++++++-------- 3 files changed, 14 insertions(+), 9 deletions(-) diff --git a/doc/FAQ.md b/doc/FAQ.md index 370dd6660..694a07229 100644 --- a/doc/FAQ.md +++ b/doc/FAQ.md @@ -144,6 +144,9 @@ For HTTPS, you can use a self signed certificate by passing in just `--cert` or pass in an existing certificate by providing the path to `--cert` and the path to the key with `--cert-key`. +The self signed certificate will be generated into +`~/.local/share/code-server/self-signed.cert`. + If `code-server` has been passed a certificate it will also respond to HTTPS requests and will redirect all HTTP requests to HTTPS. diff --git a/src/node/entry.ts b/src/node/entry.ts index 96db046e2..3fbbb4cf1 100644 --- a/src/node/entry.ts +++ b/src/node/entry.ts @@ -209,7 +209,7 @@ const main = async (args: Args, configArgs: Args): Promise => { logger.info( args.cert && args.cert.value ? ` - Using provided certificate and key for HTTPS` - : ` - Using generated certificate and key for HTTPS`, + : ` - Using generated certificate and key for HTTPS: ${humanPath(options.cert)}`, ) } else { logger.info(" - Not serving HTTPS") diff --git a/src/node/util.ts b/src/node/util.ts index 75122fe76..ee1e85be9 100644 --- a/src/node/util.ts +++ b/src/node/util.ts @@ -55,11 +55,10 @@ export function humanPath(p?: string): string { } export const generateCertificate = async (): Promise<{ cert: string; certKey: string }> => { - const paths = { - cert: path.join(tmpdir, "self-signed.cert"), - certKey: path.join(tmpdir, "self-signed.key"), - } - const checks = await Promise.all([fs.pathExists(paths.cert), fs.pathExists(paths.certKey)]) + const certPath = path.join(paths.data, "self-signed.cert") + const certKeyPath = path.join(paths.data, "self-signed.key") + + const checks = await Promise.all([fs.pathExists(certPath), fs.pathExists(certKeyPath)]) if (!checks[0] || !checks[1]) { // Require on demand so openssl isn't required if you aren't going to // generate certificates. @@ -69,10 +68,13 @@ export const generateCertificate = async (): Promise<{ cert: string; certKey: st return error ? reject(error) : resolve(result) }) }) - await fs.mkdirp(tmpdir) - await Promise.all([fs.writeFile(paths.cert, certs.certificate), fs.writeFile(paths.certKey, certs.serviceKey)]) + await fs.mkdirp(paths.data) + await Promise.all([fs.writeFile(certPath, certs.certificate), fs.writeFile(certKeyPath, certs.serviceKey)]) + } + return { + cert: certPath, + certKey: certKeyPath, } - return paths } export const generatePassword = async (length = 24): Promise => {