Merge pull request #1507 from bhollis/ssl

Allow preview server to use HTTPS
This commit is contained in:
Thomas Reynolds 2015-05-03 10:32:48 -07:00
commit 9932d0da84
4 changed files with 58 additions and 4 deletions

View file

@ -1,6 +1,8 @@
master master
=== ===
* The preview server can now serve over HTTPS using the `--https` flag. It will use an automatic self-signed cert which can be overridden using `--ssl_certificate` and `--ssl_private_key`. These settings can also be set in `config.rb`
3.3.11 3.3.11
=== ===
* Add `srcset` option to `image_tag`. Also enables them in Markdown. * Add `srcset` option to `image_tag`. Also enables them in Markdown.
@ -22,7 +24,7 @@ master
3.3.8 3.3.8
=== ===
* Define a mime type for sourcemaps. #1451 * Define a mime type for sourcemaps. #1451
* Asset hashing for image references in srcset * Asset hashing for image references in srcset
* Import patch to bugfix from Padrino Helpers #1401 * Import patch to bugfix from Padrino Helpers #1401
* Better URI encoding and decoding #1406 * Better URI encoding and decoding #1406
* Update version of i18n * Update version of i18n

View file

@ -75,6 +75,18 @@ module Middleman
# @return [Fixnum] # @return [Fixnum]
config.define_setting :port, 4567, 'The preview server port' config.define_setting :port, 4567, 'The preview server port'
# Whether to serve the preview server over HTTPS.
# @return [Boolean]
config.define_setting :https, false, 'Serve the preview server over SSL/TLS'
# The (optional) path to the SSL cert to use for the preview server.
# @return [String]
config.define_setting :ssl_certificate, nil, 'Path to an X.509 certificate to use for the preview server'
# The (optional) private key for the certificate in :ssl_certificate.
# @return [String]
config.define_setting :ssl_private_key, nil, "Path to an RSA private key for the preview server's certificate"
# Name of the source directory # Name of the source directory
# @return [String] # @return [String]
config.define_setting :source, 'source', 'Name of the source directory' config.define_setting :source, 'source', 'Name of the source directory'

View file

@ -18,6 +18,13 @@ module Middleman::Cli
method_option :port, method_option :port,
aliases: '-p', aliases: '-p',
desc: 'The port Middleman will listen on' desc: 'The port Middleman will listen on'
method_option :https,
type: :boolean,
desc: 'Serve the preview server over SSL/TLS'
method_option :ssl_certificate,
desc: 'Path to an X.509 certificate to use for the preview server'
method_option :ssl_private_key,
desc: "Path to an RSA private key for the preview server's certificate"
method_option :verbose, method_option :verbose,
type: :boolean, type: :boolean,
default: false, default: false,
@ -63,6 +70,9 @@ module Middleman::Cli
params = { params = {
port: options['port'], port: options['port'],
host: options['host'], host: options['host'],
https: options['https'],
ssl_certificate: options['ssl_certificate'],
ssl_private_key: options['ssl_private_key'],
environment: options['environment'], environment: options['environment'],
debug: options['verbose'], debug: options['verbose'],
instrumenting: options['instrument'], instrumenting: options['instrument'],

View file

@ -1,4 +1,6 @@
require 'webrick' require 'webrick'
require 'webrick/https'
require 'openssl'
require 'middleman-core/meta_pages' require 'middleman-core/meta_pages'
require 'middleman-core/logger' require 'middleman-core/logger'
@ -6,17 +8,22 @@ require 'middleman-core/logger'
module Middleman module Middleman
module PreviewServer module PreviewServer
class << self class << self
attr_reader :app, :host, :port attr_reader :app, :host, :port, :ssl_certificate, :ssl_private_key
delegate :logger, to: :app delegate :logger, to: :app
def https?
@https
end
# Start an instance of Middleman::Application # Start an instance of Middleman::Application
# @return [void] # @return [void]
def start(opts={}) def start(opts={})
@options = opts @options = opts
mount_instance(new_app) mount_instance(new_app)
logger.info "== The Middleman is standing watch at http://#{host}:#{port}" scheme = https? ? 'https' : 'http'
logger.info "== Inspect your site configuration at http://#{host}:#{port}/__middleman/" logger.info "== The Middleman is standing watch at #{scheme}://#{host}:#{port}"
logger.info "== Inspect your site configuration at #{scheme}://#{host}:#{port}/__middleman/"
@initialized ||= false @initialized ||= false
return if @initialized return if @initialized
@ -106,10 +113,17 @@ module Middleman
config[:environment] = opts[:environment].to_sym if opts[:environment] config[:environment] = opts[:environment].to_sym if opts[:environment]
config[:host] = opts[:host] if opts[:host] config[:host] = opts[:host] if opts[:host]
config[:port] = opts[:port] if opts[:port] config[:port] = opts[:port] if opts[:port]
config[:https] = opts[:https] unless opts[:https].nil?
config[:ssl_certificate] = opts[:ssl_certificate] if opts[:ssl_certificate]
config[:ssl_private_key] = opts[:ssl_private_key] if opts[:ssl_private_key]
end end
@host = @app.config[:host] @host = @app.config[:host]
@port = @app.config[:port] @port = @app.config[:port]
@https = @app.config[:https]
@ssl_certificate = @app.config[:ssl_certificate]
@ssl_private_key = @app.config[:ssl_private_key]
@app @app
end end
@ -173,6 +187,22 @@ module Middleman
DoNotReverseLookup: true DoNotReverseLookup: true
} }
if https?
http_opts[:SSLEnable] = true
if ssl_certificate || ssl_private_key
raise "You must provide both :ssl_certificate and :ssl_private_key" unless ssl_private_key && ssl_certificate
http_opts[:SSLCertificate] = OpenSSL::X509::Certificate.new File.read ssl_certificate
http_opts[:SSLPrivateKey] = OpenSSL::PKey::RSA.new File.read ssl_private_key
else
# use a generated self-signed cert
http_opts[:SSLCertName] = [
%w(CN localhost),
%w(CN #{host})
].uniq
end
end
if is_logging if is_logging
http_opts[:Logger] = FilteredWebrickLog.new http_opts[:Logger] = FilteredWebrickLog.new
else else