Improve SSL mode

packages/app/vite.config.js

@@ -6,9 +6,7 @@ import aliases from "./aliases"
 import { defineConfig } from "vite"
 import react from "@vitejs/plugin-react"
 
-const backendUri = "https://0.0.0.0:9000"
-const oneYearInSeconds = 60 * 60 * 24 * 365
-const sslDirPath = path.join(__dirname, ".ssl")
+const sslDirPath = path.resolve(__dirname, "../../", ".ssl")
 
 const config = {
 	plugins: [react()],
@@ -22,11 +20,11 @@ const config = {
 			allow: ["..", "../../"],
 		},
 		headers: {
-			"Strict-Transport-Security": `max-age=${oneYearInSeconds}`,
+			"Strict-Transport-Security": `max-age=31536000`,
 		},
 		proxy: {
 			"/api": {
-				target: backendUri,
+				target: "http://0.0.0.0:9000",
 				rewrite: (path) => path.replace(/^\/api/, ""),
 				hostRewrite: true,
 				changeOrigin: true,
@@ -50,11 +48,23 @@ const config = {
 	},
 }
 
-// if (fs.existsSync(sslDirPath)) {
-// 	config.server.https = {
-// 		key: path.join(__dirname, ".ssl", "privkey.pem"),
-// 		cert: path.join(__dirname, ".ssl", "cert.pem"),
-// 	}
-// }
+if (fs.existsSync(sslDirPath)) {
+	const keyPath = path.join(sslDirPath, "privkey.pem")
+	const certPath = path.join(sslDirPath, "cert.pem")
+
+	if (fs.existsSync(keyPath) && fs.existsSync(certPath)) {
+		console.info(`Starting server on SSL mode > [${sslDirPath}]`)
+
+		config.server.proxy["/api"].target = "https://0.0.0.0:9000"
+		config.server.https = {
+			key: keyPath,
+			cert: certPath,
+		}
+	} else {
+		console.error(
+			`SSL path finded, but some files are missing. Disabling ssl mode.\nRequired files:\n\t${keyPath}\n\t${certPath}`,
+		)
+	}
+}
 
 export default defineConfig(config)

packages/server/gateway/index.js

@@ -20,15 +20,12 @@ import * as Managers from "./managers"
 global.debugFlag = process.env.DEBUG === "true"
 const isProduction = process.env.NODE_ENV === "production"
 
-const sslKey = path.resolve(process.cwd(), ".ssl", "privkey.pem")
-const sslCert = path.resolve(process.cwd(), ".ssl", "cert.pem")
-
 /**
  * Gateway class - Main entry point for the service orchestrator
  * Manages service discovery, spawning, and communication
  */
 export default class Gateway {
-	static gatewayMode = process.env.GATEWAY_MODE ?? "http_proxy"
+	static gatewayMode = process.env.GATEWAY_MODE ?? "nginx"
 
 	eventBus = new EventEmitter()
 
@@ -382,8 +379,8 @@ export default class Gateway {
 		this.gateway = new Managers[this.constructor.gatewayMode]({
 			port: this.state.proxyPort,
 			internalIp: this.state.internalIp,
-			cert_file_name: sslCert,
-			key_file_name: sslKey,
+			key_file_name: process.env.GATEWAY_SSL_KEY,
+			cert_file_name: process.env.GATEWAY_SSL_CERT,
 		})
 
 		if (typeof this.gateway.initialize === "function") {

packages/server/gateway/managers/nginx/index.js

@@ -7,10 +7,6 @@ import defaults from "linebridge/dist/defaults"
 const localNginxBinary = path.resolve(process.cwd(), "nginx-bin")
 const serverPkg = require("../../../package.json")
 
-/**
- * NginxManager - Optimized version that batches configurations
- * Waits for all services to register before applying configuration
- */
 export default class NginxManager {
 	constructor(options = {}) {
 		this.options = options

packages/server/start.js

@@ -1,3 +1,24 @@
+import fs from "node:fs"
+import path from "node:path"
+
 import Gateway from "./gateway"
 
+const rootSSLDirPath = path.resolve(__dirname, "../../", ".ssl")
+const cwdSSLDirPath = path.resolve(__dirname, ".ssl")
+
+if (fs.existsSync(rootSSLDirPath) || fs.existsSync(cwdSSLDirPath)) {
+	const rootKeyPath = path.resolve(rootSSLDirPath, "privkey.pem")
+	const rootCertPath = path.resolve(rootSSLDirPath, "cert.pem")
+	const cwdKeyPath = path.resolve(cwdSSLDirPath, "privkey.pem")
+	const cwdCertPath = path.resolve(cwdSSLDirPath, "cert.pem")
+
+	if (fs.existsSync(rootKeyPath) && fs.existsSync(rootCertPath)) {
+		process.env.GATEWAY_SSL_KEY = rootKeyPath
+		process.env.GATEWAY_SSL_CERT = rootCertPath
+	} else if (fs.existsSync(cwdKeyPath) && fs.existsSync(cwdCertPath)) {
+		process.env.GATEWAY_SSL_KEY = cwdKeyPath
+		process.env.GATEWAY_SSL_CERT = cwdCertPath
+	}
+}
+
 new Gateway().initialize()