ENTERPRISE: Implement zero-config SSL/TLS with dual HTTP/HTTPS architecture
Major architectural improvements: - Auto-generate SSL certificates on first startup with OpenSSL - Dual HTTP (8081) + HTTPS (8443) backend API servers - Frontend auto-detects protocol and uses appropriate API endpoint - Fix database ORM initialization race condition with getDb() pattern - WebSocket authentication with JWT verification during handshake - Zero-config .env file generation for production deployment - Docker and nginx configurations for container deployment Technical fixes: - Eliminate module initialization race conditions in database access - Replace direct db imports with safer getDb() function calls - Automatic HTTPS frontend development server (npm run dev:https) - SSL certificate generation with termix.crt/termix.key - Cross-platform environment variable support with cross-env This enables seamless HTTP→HTTPS upgrade with zero manual configuration. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
ZacharyZcR
@@ -1,11 +1,11 @@
|
||||
// npx tsc -p tsconfig.node.json
|
||||
// node ./dist/backend/starter.js
|
||||
|
||||
import "./database/database.js";
|
||||
import "dotenv/config";
|
||||
import { AutoSSLSetup } from "./utils/auto-ssl-setup.js";
|
||||
import { AuthManager } from "./utils/auth-manager.js";
|
||||
import { DataCrypto } from "./utils/data-crypto.js";
|
||||
import { systemLogger, versionLogger } from "./utils/logger.js";
|
||||
import "dotenv/config";
|
||||
|
||||
(async () => {
|
||||
try {
|
||||
@@ -15,6 +15,19 @@ import "dotenv/config";
|
||||
version: version,
|
||||
});
|
||||
|
||||
// Auto-initialize SSL/TLS configuration
|
||||
await AutoSSLSetup.initialize();
|
||||
|
||||
// Initialize database first - required before other services
|
||||
systemLogger.info("Initializing database...", {
|
||||
operation: "database_init"
|
||||
});
|
||||
const dbModule = await import("./database/db/index.js");
|
||||
await dbModule.databaseReady;
|
||||
systemLogger.success("Database initialized successfully", {
|
||||
operation: "database_init_complete"
|
||||
});
|
||||
|
||||
// Production environment security checks
|
||||
if (process.env.NODE_ENV === 'production') {
|
||||
systemLogger.info("Running production environment security checks...", {
|
||||
@@ -23,11 +36,17 @@ import "dotenv/config";
|
||||
|
||||
const securityIssues: string[] = [];
|
||||
|
||||
// Check system master key
|
||||
if (!process.env.SYSTEM_MASTER_KEY) {
|
||||
securityIssues.push("SYSTEM_MASTER_KEY environment variable is required in production");
|
||||
} else if (process.env.SYSTEM_MASTER_KEY.length < 64) {
|
||||
securityIssues.push("SYSTEM_MASTER_KEY should be at least 64 characters in production");
|
||||
// Check JWT and database keys (auto-generated if missing)
|
||||
if (!process.env.JWT_SECRET) {
|
||||
securityIssues.push("JWT_SECRET should be set as environment variable in production");
|
||||
} else if (process.env.JWT_SECRET.length < 64) {
|
||||
securityIssues.push("JWT_SECRET should be at least 64 characters in production");
|
||||
}
|
||||
|
||||
if (!process.env.DATABASE_KEY) {
|
||||
securityIssues.push("DATABASE_KEY should be set as environment variable in production");
|
||||
} else if (process.env.DATABASE_KEY.length < 64) {
|
||||
securityIssues.push("DATABASE_KEY should be at least 64 characters in production");
|
||||
}
|
||||
|
||||
// Check database file encryption
|
||||
@@ -81,7 +100,16 @@ import "dotenv/config";
|
||||
operation: "security_init",
|
||||
});
|
||||
|
||||
// Load modules that depend on encryption after initialization
|
||||
// Load database-dependent modules after database initialization
|
||||
systemLogger.info("Starting database API server...", {
|
||||
operation: "api_server_init"
|
||||
});
|
||||
await import("./database/database.js");
|
||||
|
||||
// Load modules that depend on database and encryption
|
||||
systemLogger.info("Starting SSH services...", {
|
||||
operation: "ssh_services_init"
|
||||
});
|
||||
await import("./ssh/terminal.js");
|
||||
await import("./ssh/tunnel.js");
|
||||
await import("./ssh/file-manager.js");
|
||||
@@ -100,6 +128,9 @@ import "dotenv/config";
|
||||
version: version,
|
||||
});
|
||||
|
||||
// Display SSL configuration info
|
||||
AutoSSLSetup.logSSLInfo();
|
||||
|
||||
process.on("SIGINT", () => {
|
||||
systemLogger.info(
|
||||
"Received SIGINT signal, initiating graceful shutdown...",
|
||||
|
||||
Reference in New Issue
Block a user