Next.js+React web interface for controlling HAProxy clusters (groups of servers), in conjunction with with https://gitgud.io/fatchan/haproxy-protection.
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30 lines
829 B
30 lines
829 B
'use strict';
|
|
|
|
import https from 'https';
|
|
import dotenv from 'dotenv';
|
|
await dotenv.config({ path: '.env' });
|
|
|
|
const agentOptions = {
|
|
rejectUnauthorized: !process.env.ALLOW_SELF_SIGNED_SSL,
|
|
};
|
|
|
|
if (process.env.PINNED_FP) {
|
|
console.log('Pinned fingerprint:', process.env.PINNED_FP);
|
|
agentOptions.checkServerIdentity = (_host, cert) => {
|
|
//TODO: host verification? e.g. tls.checkServerIdentity(host, cert);
|
|
console.log('Checking:', cert.fingerprint256);
|
|
if (process.env.PINNED_FP !== cert.fingerprint256) {
|
|
return new Error('Certificate not pinned');
|
|
}
|
|
};
|
|
}
|
|
|
|
import fs from 'fs';
|
|
if (process.env.CUSTOM_CA_PATH) {
|
|
console.log('Private CA file path:', process.env.CUSTOM_CA_PATH);
|
|
agentOptions.ca = fs.readFileSync(process.env.CUSTOM_CA_PATH);
|
|
}
|
|
|
|
const agent = new https.Agent(agentOptions);
|
|
|
|
export default agent;
|
|
|