update proxy to support various SSL behaviors (enable, disable, and force) controlled by config file and command line flag at instance creation time

awsbox.js

@@ -128,6 +128,14 @@ verbs['create'] = function(args) {
         if (!path.existsSync(argv.p)) throw "file '" + argv.p + "' doesn't exist";
       }
     })
+    .describe('ssl', 'configure SSL behavior - enable, disable, force')
+    .default('ssl', 'enable')
+    .check(function(argv) {
+      var valid = [ 'enable', 'disable', 'force' ];
+      if (valid.indexOf(argv.ssl) === -1) {
+        throw "ssl must be one of " + valid.join(", ");
+      }
+    })
     .describe('x', 'path to a json file with Xtra configuration to copy up to ./config.json')
     .check(function(argv) {
       if (argv.x) {
@@ -208,24 +216,28 @@ verbs['create'] = function(args) {
               console.log("   ... victory!  server is accessible and configured");
 
               function postRemote() {
-                if (awsboxJson.packages) {
-                  console.log("   ... finally, installing custom packages: " + awsboxJson.packages.join(', '));
-                }
-                ssh.installPackages(deets.ipAddress, awsboxJson.packages, function(err, r) {
+                console.log("   ... configuring SSL behavior (" + opts.ssl + ")");
+                ssh.configureProxy(deets.ipAddress, opts.ssl, function(err, r) {
                   checkErr(err);
-                  var postcreate = (awsboxJson.hooks && awsboxJson.hooks.postcreate) || null;
-                  ssh.runScript(deets.ipAddress, postcreate,  function(err, r) {
+                  if (awsboxJson.packages) {
+                    console.log("   ... finally, installing custom packages: " + awsboxJson.packages.join(', '));
+                  }
+                  ssh.installPackages(deets.ipAddress, awsboxJson.packages, function(err, r) {
                     checkErr(err);
+                    var postcreate = (awsboxJson.hooks && awsboxJson.hooks.postcreate) || null;
+                    ssh.runScript(deets.ipAddress, postcreate,  function(err, r) {
+                      checkErr(err);
 
-                    if (opts.p && opts.s) {
-                      console.log("   ... copying up SSL cert");
-                      ssh.copySSL(deets.ipAddress, opts.p, opts.s, function(err) {
-                        checkErr(err);
+                      if (opts.p && opts.s) {
+                        console.log("   ... copying up SSL cert");
+                        ssh.copySSL(deets.ipAddress, opts.p, opts.s, function(err) {
+                          checkErr(err);
+                          printInstructions(name, dnsHost, opts.u, deets);
+                        });
+                      } else {
                         printInstructions(name, dnsHost, opts.u, deets);
-                      });
-                    } else {
-                      printInstructions(name, dnsHost, opts.u, deets);
-                    }
+                      }
+                    });
                   });
                 });
               }

lib/ssh.js

@@ -66,6 +66,14 @@ exports.addSSHPubKey = function(host, pubkey, cb) {
   child_process.exec(cmd, cb);
 };
 
+exports.configureProxy = function(host, behavior, cb) {
+  temp.open({}, function(err, r) {
+    fs.writeFileSync(r.path, JSON.stringify({ ssl: behavior }, null, 4));
+    var cmd = 'scp -o "StrictHostKeyChecking no" ' + r.path + ' proxy@' + host + ":config.json";
+    child_process.exec(cmd, cb);
+  });
+};
+
 exports.makePristine = function(host, cb) {
   var cmd = 'ssh -o "StrictHostKeyChecking no" ec2-user@' + host + " './pristinify.sh'";
   child_process.exec(cmd, cb);

lib/vm.js

@@ -4,7 +4,7 @@ jsel = require('JSONSelect'),
 key = require('./key.js'),
 sec = require('./sec.js');
 
-const TEMPLATE_IMAGE_ID = 'ami-1469c87d';
+const TEMPLATE_IMAGE_ID = 'ami-746ccc1d';
 
 function extractInstanceDeets(horribleBlob) {
   var instance = {};