The preview server can now serve over HTTPS using the --https flag. It will use an automatic self-signed cert which can be overridden using --ssl_certificate and --ssl_private_key. These settings can also be set in config.rb.

2015-05-02 20:54:58 -07:00 · 2015-05-02 20:54:58 -07:00 · f8e4f6f059
parent d1211cc089
commit f8e4f6f059
4 changed files with 54 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -33,3 +33,4 @@ master
 * Remove deprecated `request` instance
 * Remove old module-style extension support
 * Placed all `config.rb` evaluation inside the `ConfigContext` class
+* The preview server can now serve over HTTPS using the `--https` flag. It will use an automatic self-signed cert which can be overridden using `--ssl_certificate` and `--ssl_private_key`. These settings can also be set in `config.rb`
--- a/middleman-core/lib/middleman-core/application.rb
+++ b/middleman-core/lib/middleman-core/application.rb
@ -89,6 +89,18 @@ module Middleman
    # @return [Fixnum]
    config.define_setting :port, 4567, 'The preview server port'

+    # Whether to serve the preview server over HTTPS.
+    # @return [Boolean]
+    config.define_setting :https, false, 'Serve the preview server over SSL/TLS'
+
+    # The (optional) path to the SSL cert to use for the preview server.
+    # @return [String]
+    config.define_setting :ssl_certificate, nil, 'Path to an X.509 certificate to use for the preview server'
+
+    # The (optional) private key for the certificate in :ssl_certificate.
+    # @return [String]
+    config.define_setting :ssl_private_key, nil, "Path to an RSA private key for the preview server's certificate"
+
    # Name of the source directory
    # @return [String]
    config.define_setting :source, 'source', 'Name of the source directory'
--- a/middleman-core/lib/middleman-core/cli/server.rb
+++ b/middleman-core/lib/middleman-core/cli/server.rb
@ -18,6 +18,13 @@ module Middleman::Cli
    method_option :port,
                  aliases: '-p',
                  desc: 'The port Middleman will listen on'
+    method_option :https,
+                  type: :boolean,
+                  desc: 'Serve the preview server over SSL/TLS'
+    method_option :ssl_certificate,
+                  desc: 'Path to an X.509 certificate to use for the preview server'
+    method_option :ssl_private_key,
+                  desc: "Path to an RSA private key for the preview server's certificate"
    method_option :verbose,
                  type: :boolean,
                  default: false,
@ -63,6 +70,9 @@ module Middleman::Cli
      params = {
        port: options['port'],
        host: options['host'],
+        https: options['https'],
+        ssl_certificate: options['ssl_certificate'],
+        ssl_private_key: options['ssl_private_key'],
        environment: options['environment'],
        debug: options['verbose'],
        instrumenting: options['instrument'],
--- a/middleman-core/lib/middleman-core/preview_server.rb
+++ b/middleman-core/lib/middleman-core/preview_server.rb
@ -1,4 +1,6 @@
 require 'webrick'
+require 'webrick/https'
+require 'openssl'
 require 'middleman-core/meta_pages'
 require 'middleman-core/logger'
 require 'middleman-core/rack'
@ -9,9 +11,13 @@ module Middleman
    class << self
      extend Forwardable

-      attr_reader :app, :host, :port
+      attr_reader :app, :host, :port, :ssl_certificate, :ssl_private_key
      def_delegator :app, :logger

+      def https?
+        @https
+      end
+
      # Start an instance of Middleman::Application
      # @return [void]
      def start(opts={})
@ -105,6 +111,8 @@ module Middleman

          config[:host] = opts[:host] if opts[:host]
          config[:port] = opts[:port] if opts[:port]
+          config[:ssl_certificate] = opts[:ssl_certificate] if opts[:ssl_certificate]
+          config[:ssl_private_key] = opts[:ssl_private_key] if opts[:ssl_private_key]

          ready do
            match_against = [
@ -123,6 +131,10 @@ module Middleman

        @host = app.config[:host]
        @port = app.config[:port]
+        @https = @app.config[:https]
+
+        @ssl_certificate = @app.config[:ssl_certificate]
+        @ssl_private_key = @app.config[:ssl_private_key]

        app.files.on_change :reload do
          $mm_reload = true
@ -163,6 +175,22 @@ module Middleman
          DoNotReverseLookup: true
        }

+        if https?
+          http_opts[:SSLEnable] = true
+
+          if ssl_certificate || ssl_private_key
+            raise "You must provide both :ssl_certificate and :ssl_private_key" unless ssl_private_key && ssl_certificate
+            http_opts[:SSLCertificate] = OpenSSL::X509::Certificate.new File.read ssl_certificate
+            http_opts[:SSLPrivateKey] = OpenSSL::PKey::RSA.new File.read ssl_private_key
+          else
+            # use a generated self-signed cert
+            http_opts[:SSLCertName] = [
+                                       %w(CN localhost),
+                                       %w(CN #{host})
+                                      ].uniq
+          end
+        end
+
        if is_logging
          http_opts[:Logger] = FilteredWebrickLog.new
        else
@ -203,7 +231,8 @@ module Middleman
      # @return [URI]
      def uri
        host = (@host == '0.0.0.0') ? 'localhost' : @host
-        URI("http://#{host}:#{@port}")
+        scheme = https? ? 'https' : 'http'
+        URI("#{scheme}://#{host}:#{@port}")
      end
    end