Merged SslOnCommand/SslOffCommand

app/Commands/SslOnCommand.js → app/Commands/SslCommand.js

@@ -4,39 +4,73 @@ import 'App/Installers/CaddyInstaller'
 import 'App/Support/Site'
 
 import { FS } from 'grind-support'
-import { AbortError } from 'grind-cli'
+import { InputArgument, AbortError } from 'grind-cli'
 
 const selfsigned = require('selfsigned')
 const forge = require('node-forge')
 
-export class SslOnCommand extends BaseCommand {
+export class SslCommand extends BaseCommand {
 
-	name = 'ssl:on'
-	description = 'Turn support for ssl on'
+	name = 'ssl'
+	description = 'Turn support for ssl on or off'
+	paths
 
-	async run() {
-		const { stdout: version } = await this.execFile(this.app.paths.home('caddy'), [ '--version' ])
-		const [ , major, minor ] = version.match(/\s(\d+)\.(\d+)/)
-
-		if(Number(major) < 1 && Number(minor) < 11) {
-			throw new AbortError('The version of caddy installed is too old.\nRun `sudo marina update` before continuing.')
-		}
+	arguments = [ new InputArgument('option', InputArgument.VALUE_REQUIRED, 'Turn SSL “on” or ”off”`') ]
 
-		const paths = {
+	async ready() {
+		this.paths = {
 			private: this.app.paths.certs('marina.key'),
 			public: this.app.paths.certs('marina.pub'),
 			cert: this.app.paths.certs('marina.crt'),
 			p12: this.app.paths.certs('marina.p12')
 		}
 
-		if(await FS.exists(paths.cert)) {
-			throw new AbortError('It looks like ssl has previously been turned on.\nPlease run `marina ssl:off` before proceeding.')
+		return super.ready()
+	}
+
+	async run() {
+		const option = this.argument('option').toLowerCase()
+
+		if(option !== 'on' && option !== 'off') {
+			throw new AbortError('The only valid argument is “on” or “off”.')
 		}
 
 		if(!(await this.confirm('This will rewrite your Caddyfiles, do you want to proceed?'))) {
 			return process.exit(1)
 		}
 
+		if(option === 'on') {
+			await this._on()
+		} else {
+			await this._off()
+		}
+
+		this.app.settings.ssl = option === 'on'
+		await this.app.settings.save()
+
+		await Site.forEach(this.app, (file, site) => {
+			Log.comment('Updating', site.fqdn)
+			return site.save()
+		})
+
+		Log.comment('Restarting Caddy')
+		await (new CaddyInstaller).restart()
+
+		Log.success('Done')
+	}
+
+	async _on() {
+		const { stdout: version } = await this.execFile(this.app.paths.home('caddy'), [ '--version' ])
+		const [ , major, minor ] = version.match(/\s(\d+)\.(\d+)/)
+
+		if(Number(major) < 1 && Number(minor) < 11) {
+			throw new AbortError('The version of caddy installed is too old.\nRun `sudo marina update` before continuing.')
+		}
+
+		if(await FS.exists(this.paths.cert)) {
+			throw new AbortError('It looks like ssl has previously been turned on.\nPlease run `marina ssl off` before proceeding.')
+		}
+
 		await FS.mkdirs(this.app.paths.certs())
 
 		Log.comment('Generating certificates')
@@ -62,24 +96,24 @@ export class SslOnCommand extends BaseCommand {
 		const p12Der = forge.asn1.toDer(p12).getBytes()
 
 		await Promise.all([
-			FS.writeFile(paths.private, out.private),
-			FS.writeFile(paths.public, out.public),
-			FS.writeFile(paths.cert, out.cert),
-			FS.writeFile(paths.p12, p12Der, { encoding: 'binary' }),
+			FS.writeFile(this.paths.private, out.private),
+			FS.writeFile(this.paths.public, out.public),
+			FS.writeFile(this.paths.cert, out.cert),
+			FS.writeFile(this.paths.p12, p12Der, { encoding: 'binary' }),
 		])
 
 		Log.comment('Installing certificate to keychain')
 		await this.execFile('security', [
 			'import',
-			paths.p12,
+			this.paths.p12,
 			'-k', this.app.paths.home('../Library/Keychains/login.keychain'),
 			'-P', 'marina'
 		])
 		await this.execFile('security', [
 			'add-trusted-cert',
 			'-r', 'trustRoot',
 			'-k', this.app.paths.home('../Library/Keychains/login.keychain'),
-			paths.cert
+			this.paths.cert
 		])
 
 		Log.comment('Configuring Caddy')
@@ -88,19 +122,31 @@ export class SslOnCommand extends BaseCommand {
 			destination: this.app.paths.certs('ssl.conf')
 		}
 		await this.execAsUser(`cp "${Caddyfile.source}" "${Caddyfile.destination}"`)
+	}
 
-		this.app.settings.ssl = true
-		await this.app.settings.save()
-
-		await Site.forEach(this.app, (file, site) => {
-			Log.comment('Updating', site.fqdn)
-			return site.save()
-		})
-
-		Log.comment('Restarting Caddy')
-		await (new CaddyInstaller).restart()
+	async _off() {
+		if(await FS.exists(this.paths.cert)) {
+			Log.comment('Uninstalling certificate from keychain')
+			const cert = forge.pki.certificateFromPem(await FS.readFile(this.paths.cert))
+			const der = forge.asn1.toDer(forge.pki.certificateToAsn1(cert)).getBytes()
+			const m = forge.md.sha1.create()
+			m.start()
+			m.update(der)
+
+			const fingerprint = m.digest().toHex().match(/.{2}/g).join('').toUpperCase()
+
+			try {
+				await this.execFile('security', [
+					'delete-certificate', '-t',
+					'-Z', fingerprint
+				])
+			} catch(_) {
+				Log.error('Unable to remove certificate from keychain, this likely means it wasn’t there to begin with.')
+			}
+		}
 
-		Log.success('Done')
+		Log.comment('Removing certificates')
+		await this.execFile('rm', [ '-fr', this.app.paths.certs() ])
 	}
 
 }

app/Providers/CommandsProvider.js

@@ -7,8 +7,7 @@ import 'App/Commands/ListCommand'
 import 'App/Commands/OpenCommand'
 import 'App/Commands/RestartCommand'
 import 'App/Commands/ShareCommand'
-import 'App/Commands/SslOffCommand'
-import 'App/Commands/SslOnCommand'
+import 'App/Commands/SslCommand'
 import 'App/Commands/StartCommand'
 import 'App/Commands/StopCommand'
 import 'App/Commands/UndockCommand'
@@ -27,8 +26,7 @@ export async function CommandsProvider(app) {
 		app.cli.register(OpenCommand)
 		app.cli.register(RestartCommand)
 		app.cli.register(ShareCommand)
-		app.cli.register(SslOffCommand)
-		app.cli.register(SslOnCommand)
+		app.cli.register(SslCommand)
 		app.cli.register(StartCommand)
 		app.cli.register(StopCommand)
 		app.cli.register(UndockCommand)