letsencrypt test

build.clj

@@ -1,7 +1,5 @@
 (ns build
   (:require
-   [clojure.java.io :as io]
-   [clojure.string :as str]
    [clojure.tools.build.api :as b]
    [org.corfield.build :as bb] ; https://github.com/seancorfield/build-clj
    [deps-deploy.deps-deploy :as dd]))
@@ -12,9 +10,6 @@
 
 (defn jar "build the JAR" [opts]
   (println "Building the JAR")
-  #_(spit (doto (fs/file "resources/META-INF/pink-gorilla/webly3/meta.edn")
-          (-> fs/parent fs/create-dirs)) {:module-name "rest"
-                                          :version version})
   (-> opts
       (assoc :lib lib
              :version version

demo/deps.edn

@@ -0,0 +1,48 @@
+{:paths ["src" "resources"]
+ :deps {org.clojure/clojure    {:mvn/version "1.11.1"}
+        ; ring middleware
+        ring/ring-core {:mvn/version "1.13.0"} ; https://github.com/ring-clojure/ring
+        metosin/muuntaja {:mvn/version "0.6.10"} ; 30x faster than ring-middleware-format
+        ring-cors/ring-cors {:mvn/version "0.1.13"}
+        bk/ring-gzip {:mvn/version "0.3.0"} ; from oz
+        ring/ring-devel {:mvn/version "1.13.0"} ; reload middleware - same version as rig/core
+        bidi/bidi {:mvn/version "2.1.6"}
+        ring/ring-defaults {:mvn/version "0.5.0"
+                            :exclusions [javax.servlet/servlet-api]}
+        prone/prone {:mvn/version "2021-04-23"} ; exception middleware
+        ring/ring-json {:mvn/version "0.5.1"}
+        ; https
+        ;org.shredzone.acme4j/acme4j-client {:mvn/version "2.7"}
+        ;org.shredzone.acme4j/acme4j-utils {:mvn/version "2.7"}
+        ;org.bouncycastle/bcprov-jdk15on {:mvn/version "1.69"}
+        ;org.bouncycastle/bcpkix-fips {:mvn/version "1.0.3"}
+        ;simplevalue/letsencrypt {:git/url "https://github.com/SimpleValue/sv.letsencrypt.git"
+        ;                         :sha "8b1a85846acaaa37a58b054f2372d8fde0663b75"}
+        ; webserver
+        ;info.sunng/ring-jetty9-adapter {:mvn/version  "0.15.2"} ; uses jetty 10.0.2,
+        ;info.sunng/ring-jetty9-adapter {:mvn/version  "0.36.0"} ; jetty 12, but could not get it to work with sente.
+        ring/ring-jetty-adapter {:mvn/version "1.13.0"} ; jetty 11
+
+        hiccup/hiccup {:mvn/version "1.0.5"}   ; server side templating
+        ; modular
+        org.pinkgorilla/webserver {:local/root ".." :deps/manifest :deps}
+
+        }
+
+
+ :aliases
+ {
+
+  :redirect {:exec-fn  demo.core/start}
+
+  :webserver {:exec-fn  demo.https/run-webserver}
+
+  ; requires java/bouncycastle to be installed.
+  ; guix has the package: java-bouncycastle
+  ; :get-certificates {:exec-fn  demo.https/get-certificates}
+
+
+;
+  }}
+
+

demo/public/test.txt

@@ -0,0 +1 @@
+hello.

demo/src/demo/core.clj

@@ -0,0 +1,11 @@
+(ns demo.core
+  (:require
+   [modular.webserver.https.core :refer [start-redirect]]))
+
+
+
+
+(defn start [& _]
+  (start-redirect)
+
+  )

deps.edn

@@ -23,9 +23,16 @@
         ;info.sunng/ring-jetty9-adapter {:mvn/version  "0.36.0"} ; jetty 12, but could not get it to work with sente.
         ring/ring-jetty-adapter {:mvn/version "1.13.0"} ; jetty 11
 
+        ; for https:
+        metosin/reitit-ring        {:mvn/version "0.7.2"} ; routing library
+        babashka/fs {:mvn/version "0.5.22"}
+
+
         hiccup/hiccup {:mvn/version "1.0.5"}   ; server side templating
         ; modular
         org.pinkgorilla/modular {:mvn/version "0.2.61"} ; encoding
+
+
         }
 
 

script/create_certificate.sh

@@ -12,6 +12,7 @@ certbot certonly \
 
 # --webroot \
 
+sudo certbot certonly --webroot -w /path/to/your/project/public -d yourdomain.com
 
 # https://github.com/DerGuteMoritz/clj-oauth2/issues?q=is%3Aissue+is%3Aclosed
 

script/create_certificate2.sh

@@ -0,0 +1,25 @@
+#!/bin/sh
+
+# keytool -keysize 2048 -genkey -alias jetty -keyalg RSA -keystore jetty.keystore
+
+
+
+# --webroot \
+
+sudo certbot certonly --webroot -w public -d admin.crbclean.com
+
+# https://github.com/DerGuteMoritz/clj-oauth2/issues?q=is%3Aissue+is%3Aclosed
+
+# https://gist.github.com/karanth/8633258
+
+# https://github.com/codecitizen/clj-jwt/blob/master/src/jwt.clj
+
+#https://github.com/riemann/riemann
+
+#  mega geil: jwt claim google
+#  https://gist.github.com/arohner/8d94ee5704b1c0c1b206186525d9f7a7
+
+# gute doc.
+# https://www.sorcerers-tower.net/articles/configuring-jetty-for-https-with-letsencrypt
+
+#  https://coderwall.com/p/y9w4-g/google-oauth2-in-clojure

src/modular/webserver/https/core.clj

@@ -0,0 +1,39 @@
+(ns modular.webserver.https.core
+  (:require
+   [babashka.fs :as fs]
+   [ring.util.response :as response]
+   [reitit.ring :as ring]
+   [modular.webserver.server.jetty :refer [run-jetty-server]]))
+
+(defn redirect-to-port-8080 [request]
+  (println "redirecting request: " request)
+  (let [host (:server-name request)
+        uri (:uri request)
+        query-string (:query-string request)
+        scheme (name (:scheme request))
+        redirect-url (str scheme "://" host ":8080" uri (when query-string (str "?" query-string)))]
+    (response/redirect redirect-url)))
+
+(defn static-file-handler [dir]
+  (let [acme-dir (str dir "/.well-known/acme-challenge")]
+    (fs/create-dirs acme-dir)  
+    (ring/create-file-handler {:root dir :path "/"})
+    )
+
+  )
+
+(def handler
+  (ring/ring-handler
+   (ring/router
+    [["/ping" (fn [req] (println "ping!") {:status 200, :body "pong"})]
+     ["*" (static-file-handler "public")]
+     ["*" redirect-to-port-8080]
+     ]
+    {:conflicts (constantly nil)})
+   (ring/create-default-handler)
+   ))
+
+(defn start-redirect []
+  (run-jetty-server handler {:port 80}))
+
+