From 120198d195f18cc6a2dfb74329858854f2fb1637 Mon Sep 17 00:00:00 2001 From: Yonle Date: Sat, 13 Jan 2024 18:53:59 +0700 Subject: [PATCH] code improvement after PR #11 Signed-off-by: Yonle --- config.js.example | 6 ++++-- http.js | 27 +++++++++++++++++---------- 2 files changed, 21 insertions(+), 12 deletions(-) diff --git a/config.js.example b/config.js.example index 8114b02..2d48321 100644 --- a/config.js.example +++ b/config.js.example @@ -6,8 +6,10 @@ module.exports = { address: "0.0.0.0", port: "8080", - // If you want to use HTTPS, specify the absolute path of the private key/certificate in the following options. - // NOTE: If you specify the value below, the server will no longer accept insecure connections. + // Standalone HTTPS server. Normally bostr is accepting unsecured connections. + // Specifying the absolute path of the private key/certificate will make bostr to only accept secured connections. + // + // Tip: You do not need this if you are running bostr behind reverse proxy. https: { privKey: "", certificate: "", diff --git a/http.js b/http.js index c4628b3..b4807aa 100644 --- a/http.js +++ b/http.js @@ -11,9 +11,12 @@ const curD = _ => (new Date()).toLocaleString("ia"); const log = _ => console.log(process.pid, curD(), "-", _); // Server -let dyn_proto -let ws_proto = "ws"; -if(fs.existsSync(config.https?.privKey) && fs.existsSync(config.https?.certificate)) { +let server = null; + +if ( + fs.existsSync(config.https?.privKey) && + fs.existsSync(config.https?.certificate) +) { let http2_options = { allowHTTP1: true, key: fs.readFileSync(config.https?.privKey), @@ -22,13 +25,17 @@ if(fs.existsSync(config.https?.privKey) && fs.existsSync(config.https?.certifica dhparam: "auto", paddingStrategy: http2.constants.PADDING_STRATEGY_MAX } - if(fs.existsSync(config.https?.ticketKey)) http2_options.ticketKeys = fs.readFileSync(config.https?.ticketKey); - dyn_proto = http2.createSecureServer(http2_options); - ws_proto = "wss"; + + if (fs.existsSync(config.https?.ticketKey)) + http2_options.ticketKeys = fs.readFileSync(config.https?.ticketKey); + + server = http2.createSecureServer(http2_options); + server.isStandaloneHTTPS = true; } else { - dyn_proto = http.createServer({ noDelay: true }) + server = http.createServer({ noDelay: true }) + server.isStandaloneHTTPS = false; } -const server = dyn_proto; + const wss = new WebSocket.WebSocketServer({ noServer: true }); const lastConn = new Map(); @@ -54,7 +61,7 @@ server.on('request', (req, res) => { res.write(`\nI have ${wss.clients.size} clients currently connected to this bouncer${(process.env.CLUSTERS || config.clusters) > 1 ? " on this cluster" : ""}.\n`); if (config?.authorized_keys?.length) res.write("\nNOTE: This relay has configured for personal use only. Only authorized users could use this bostr relay.\n"); - res.write(`\nConnect to this bouncer with nostr client: ${req.headers["x-forwarded-proto"]?.replace(/http/i, "ws") || ws_proto}://${req.headers.host}${req.url}\n\n---\n`); + res.write(`\nConnect to this bouncer with nostr client: ${req.headers["x-forwarded-proto"]?.replace(/http/i, "ws") || (server.isStandaloneHTTPS ? "wss" : "ws")}://${req.headers.host}${req.url}\n\n---\n`); res.end(`Powered by Bostr (${version}) - Open source Nostr bouncer\nhttps://github.com/Yonle/bostr`); } else if (req.url.startsWith("/favicon") && favicon) { res.writeHead(200, { "Content-Type": "image/" + config.favicon?.split(".").pop() }); @@ -85,5 +92,5 @@ server.on('upgrade', (req, sock, head) => { }); const listened = server.listen(process.env.PORT || config.port, config.address || "0.0.0.0", _ => { - log("Bostr is now listening on " + `${ws_proto}://` + (config.address || "0.0.0.0") + ":" + config.port); + log("Bostr is now listening on " + `${server.isStandaloneHTTPS ? "wss" : "ws"}://` + (config.address || "0.0.0.0") + ":" + config.port); });