👋🤓 Goodbye Site.js, Hello Kitten!

I started working on creating a Small Web¹ server (a peer-to-peer Web server) six years ago² with Site.js.

Building Site.js was my first attempt. And it resulted in:

• Auto Encrypt (automatic Let’s Encrypt certificates): https://codeberg.org/small-tech/auto-encrypt

• Auto Encrypt Localhost (automatic localhost TLS certificates): https://codeberg.org/small-tech/auto-encrypt-localhost

• @small-tech/https (drop-in Node.js https module replacement with automatic TLS certs everywhere): https://codeberg.org/small-tech/https

• JSDB: In-process, in-memory JavaScript database that persists to append-only JavaScript logs: https://codeberg.org/small-tech/jsdb

As Site.js reached an evolutionary dead-end, and as I learned from my experiements with replicated data types that replicated data types are *not* a prerequisite for a decentralised web (actual topological decentralisation and ease of use are), I started writing a new server/platform called Kitten from scratch while still making use of the tried and tested modules listed above.

Last week, I switched over our last site using Site.js to Kitten and, with that, today I’ve sunset³ Site.js:

https://sitejs.org

For its successor, please see Kitten:

https://kitten.small-web.org

If you want to support our work at the Small Technology Foundation, please consider becoming a patron:

https://small-tech.org/fund-us

:kitten:💕

¹ https://ar.al/2024/06/24/small-web-computer-science-colloquium-at-university-of-groningen/
² https://ar.al/2019/08/26/introducing-small-technology-foundation/
³ Using our instance of Look Over There!: https://look-over-there.small-web.org

#SiteJS #SmallWeb #SmallTech #peerToPeerWeb #SmallTechnologyFoundation #AutoEncrypt #AutoEncryptLocalhost #JSDB #JavaScriptDatabase #https #TLS

So I guess Let’s Encrypt has decided what I’ll be working on today then…

https://letsencrypt.org/2024/12/05/ending-ocsp/

(They’re ending OCSP stapling support. I’ll be updating Auto Encrypt¹ to remove OCSP support and then update @small-tech/https, which uses it, along with Auto Encrypt Localhost² to provide seamless TLS support regardless of whether you’re working in development or in production, and then update Site.js³ – deprecated but still used to serve some of our own sites at Small Technology Foundation⁴ – and Kitten⁵, with the latest @small-tech/https.)

¹ https://codeberg.org/small-tech/auto-encrypt
² https://codeberg.org/small-tech/auto-encrypt-localhost
³ https://codeberg.org/small-tech/https
⁴ https://small-tech.org
⁵ https://kitten.small-web.org

#SmallWeb #SmallTech #TLS #SSL #HTTPS #LetsEncrypt #OCSP #AutoEncrypt #AutoEncryptLocalhost #SiteJS #Kitten

Quick update: the failing tests were apparently because I had my VPN on on macOS (that was creating an additional IPv4 interface that was getting picked up by the tests that check that your server is accessible via a valid TLS certificate from all available local IPs).

So no patch necessary :)

#AutoEncryptLocalhost #https #mkcert #certutil #JavaScript #js #nodeJS #macOS

Hey folks, I just released Auto Encrypt Localhost* v8.4.0 with better async support and updated dependencies.

https://www.npmjs.com/package/@small-tech/auto-encrypt-localhost

* My pure JavaScript module (no mkcert, certutil, etc., required) that automatically provisions and installs locally-trusted TLS certificates for Node.js https servers.

(There seems to be an issue with tests failing on macOS, will debug that tomorrow and likely post a patch release.)

#AutoEncryptLocalhost #https #mkcert #certutil #JavaScript #js #nodeJS

Right, well, first the good news: It doesn’t look like anything has changed in how Chrom(ium) handles certificates installed in the system trust store.

Now the bad news: I have no idea why the certificate authority that was previously trusted on my main development machine is now showing up as untrusted. Could a Fedora Silverblue update have broken it? Will keep looking into it.

🤔

#Kitten #AutoEncryptLocalhost #SmallWeb #Chrome #Chromium #tls #web #dev

Great, it looks like whatever they changed in Chrome no longer trusts Kitten’s¹ local certificate authority (installed and trusted by the system trust store, as you’d do in a *spit* enterprise).

Applies to previously trusted and working certificates too.

(The directly related module is Auto Encrypt Localhost²)

Going to look into it today and see if I can’t find a workaround.

FFS…

¹ https://codeberg.org/kitten/app
² https://codeberg.org/small-tech/auto-encrypt-localhost

#web #tls #Chrome #Kitten #AutoEncryptLocalhost #SmallWeb

Just released version 8.3.0 of Auto Encrypt Localhost¹

https://www.npmjs.com/package/@small-tech/auto-encrypt-localhost

Certificates now support IP addresses 127.0.0.2-127.0.0.4 and place1.localhost-place4.localhost.

Use these, for example, when testing the peer-to-peer features of your Small Web² apps locally in Kitten³.

¹ Think mkcert but written in Node.js with no native dependencies – i.e., it does not require you to install certutil.

² https://ar.al/2020/08/07/what-is-the-small-web/

³ https://codeberg.org/kitten/app

#SmallWeb #Kitten #AutoEncryptLocalhost

Just released version 8.2.0 of Auto-Encrypt Localhost

All status changes are now communicated via events instead of console messages.

Think I’m pretty much done with v8 now.

Next: update https (https://codeberg.org/small-tech/https) to use it and then update Kitten (https://codeberg.org/kitten/app) to use the updated https. (Which should make Kitten cross-platform, including on ARM.)

https://www.npmjs.com/package/@small-tech/auto-encrypt-localhost

#SmallWeb #SmallTech #AutoEncryptLocalhost #cli #TLS #SSL #https #localhost #NodeJS #web #dev

Auto-Encrypt Localhost version 8.1.0 released

Now with 100% more Command-Line Interface (CLI).

To create your local development certificates using the CLI:

npm install --global @small-tech/auto-encrypt-localhost
auto-encrypt-localhost

That’s it!

Enjoy :awesome:

https://www.npmjs.com/package/@small-tech/auto-encrypt-localhost

#SmallWeb #SmallTech #AutoEncryptLocalhost #cli #TLS #SSL #https #localhost #NodeJS #web #dev

Working on getting the rewrite of Auto Encrypt Localhost (think mkcert but in Node.js and now in 100% JavaScript without using mkcert or certutil) complete today so I have time to test and prepare a demonstration for our first #SmallIsBeautiful live steam this Thursday.

You can follow our #owncast steaming server from your #mastodon / #fediverse account to be notified when we go live.

https://owncast.small-web.org

#tls #ssl #web #dev #tools #SmallWeb #AutoEncryptLocalhost #nodeJS #js #JavaScript

Auto-encrypt localhost version 7.1.0 released

(Automatically provisions valid localhost certificates for Node.js development servers.)

https://codeberg.org/small-tech/auto-encrypt-localhost

Added: support for automatic NSS Tools (certutil) installation on Fedora (via dnf)

#smallTech #smallWeb #TLS #localhost #autoEncryptLocalhost #foss

Auto-Encrypt Localhost version 6.1.0 released

- Upgrades bundled mkcert to version 1.4.2.
- Includes arm64 binary.

Release notes: https://github.com/small-tech/auto-encrypt-localhost/releases/tag/6.1.0

Learn more: https://github.com/small-tech/auto-encrypt-localhost/blob/master/README.md

#AutoEncryptLocalhost #SmallTech

Just released Auto Encrypt Localhost version 5.3.0

What’s new:

- Redirects HTTP to HTTPS (feature parity with Auto Encrypt).

- Serves the local root certificate authority’s public key at route /.ca (you can hit this route from a device like an iPhone on your local area network to install the key and trust it).

https://github.com/small-tech/auto-encrypt-localhost

#SmallTech #AutoEncryptLocalhost

Just released Auto Encrypt Localhost version 5.2.2

You can now access your secure local server over HTTPS from any other device on your local area network using its IPv4 address.

This feature will make it into the next release of Site.js, allowing you to test with multiple devices over your LAN without need to expose your server over the Internet via a service like ngrok.

Enjoy!

https://github.com/small-tech/auto-encrypt-localhost

#SmallTech #TLS #HTTPS #AutoEncryptLocalhost

And if you want the same functionality but for localhost, check out auto-encrypt-localhost:

https://github.com/small-tech/auto-encrypt-localhost

And if you want both those things and more in a higher-level tool that doesn’t even require you to install Node.js, check out Site.js:

https://sitejs.org

#SmallTech #LetsEncrypt #NodeJS #AutoEncryptLocalhost #SmallWeb #SiteJS