new environment for certificates and security emails
This commit is contained in:
parent
ffbf3c0058
commit
00c45c2507
9 changed files with 36 additions and 17 deletions
3
.env
3
.env
|
@ -8,7 +8,8 @@ _APP_CONSOLE_COUNTRIES_DENYLIST=AQ
|
||||||
_APP_CONSOLE_HOSTNAMES=localhost,appwrite.io,*.appwrite.io
|
_APP_CONSOLE_HOSTNAMES=localhost,appwrite.io,*.appwrite.io
|
||||||
_APP_SYSTEM_EMAIL_NAME=Appwrite
|
_APP_SYSTEM_EMAIL_NAME=Appwrite
|
||||||
_APP_SYSTEM_EMAIL_ADDRESS=team@appwrite.io
|
_APP_SYSTEM_EMAIL_ADDRESS=team@appwrite.io
|
||||||
_APP_SYSTEM_SECURITY_EMAIL_ADDRESS=security@appwrite.io
|
_APP_EMAIL_SECURITY=security@appwrite.io
|
||||||
|
_APP_EMAIL_CERTIFICATES=certificates@appwrite.io
|
||||||
_APP_SYSTEM_RESPONSE_FORMAT=
|
_APP_SYSTEM_RESPONSE_FORMAT=
|
||||||
_APP_OPTIONS_ABUSE=disabled
|
_APP_OPTIONS_ABUSE=disabled
|
||||||
_APP_OPTIONS_ROUTER_PROTECTION=disabled
|
_APP_OPTIONS_ROUTER_PROTECTION=disabled
|
||||||
|
|
|
@ -162,13 +162,31 @@ return [
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
'name' => '_APP_SYSTEM_SECURITY_EMAIL_ADDRESS',
|
'name' => '_APP_SYSTEM_SECURITY_EMAIL_ADDRESS',
|
||||||
'description' => 'This is the email address used to issue SSL certificates for custom domains or the user agent in your webhooks payload.',
|
'description' => 'Deprecated since 1.5.1 use _APP_EMAIL_SECURITY and _APP_EMAIL_CERTIFICATES instead',
|
||||||
'introduction' => '0.7.0',
|
'introduction' => '0.7.0',
|
||||||
'default' => 'certs@appwrite.io',
|
'default' => 'certs@appwrite.io',
|
||||||
'required' => false,
|
'required' => false,
|
||||||
'question' => '',
|
'question' => '',
|
||||||
'filter' => ''
|
'filter' => ''
|
||||||
],
|
],
|
||||||
|
[
|
||||||
|
'name' => '_APP_EMAIL_SECURITY',
|
||||||
|
'description' => 'This is the email address used as the user agent in your webhooks payload.',
|
||||||
|
'introduction' => '1.5.1',
|
||||||
|
'default' => '',
|
||||||
|
'required' => false,
|
||||||
|
'question' => '',
|
||||||
|
'filter' => ''
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'name' => '_APP_EMAIL_CERTIFICATES',
|
||||||
|
'description' => 'This is the email address used to issue SSL certificates for custom domains',
|
||||||
|
'introduction' => '1.5.1',
|
||||||
|
'default' => '',
|
||||||
|
'required' => false,
|
||||||
|
'question' => '',
|
||||||
|
'filter' => ''
|
||||||
|
],
|
||||||
[
|
[
|
||||||
'name' => '_APP_USAGE_STATS',
|
'name' => '_APP_USAGE_STATS',
|
||||||
'description' => 'This variable allows you to disable the collection and displaying of usage stats. This value is set to \'enabled\' by default, to disable the usage stats set the value to \'disabled\'. When disabled, it\'s recommended to turn off the Worker Usage container to reduce resource usage.',
|
'description' => 'This variable allows you to disable the collection and displaying of usage stats. This value is set to \'enabled\' by default, to disable the usage stats set the value to \'disabled\'. When disabled, it\'s recommended to turn off the Worker Usage container to reduce resource usage.',
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
Subproject commit d75ef00fb088c909bf8fdc5b12c2fe25ed270b43
|
Subproject commit 0a007a3b1b6eafc39dc19b7129f41643102f9676
|
|
@ -349,7 +349,7 @@ App::get('/v1/avatars/favicon')
|
||||||
CURLOPT_USERAGENT => \sprintf(
|
CURLOPT_USERAGENT => \sprintf(
|
||||||
APP_USERAGENT,
|
APP_USERAGENT,
|
||||||
App::getEnv('_APP_VERSION', 'UNKNOWN'),
|
App::getEnv('_APP_VERSION', 'UNKNOWN'),
|
||||||
App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', APP_EMAIL_SECURITY)
|
App::getEnv('_APP_EMAIL_SECURITY', APP_EMAIL_SECURITY)
|
||||||
),
|
),
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
|
|
@ -1004,7 +1004,7 @@ foreach ($locales as $locale) {
|
||||||
'user_agent' => \sprintf(
|
'user_agent' => \sprintf(
|
||||||
APP_USERAGENT,
|
APP_USERAGENT,
|
||||||
App::getEnv('_APP_VERSION', 'UNKNOWN'),
|
App::getEnv('_APP_VERSION', 'UNKNOWN'),
|
||||||
App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', APP_EMAIL_SECURITY)
|
App::getEnv('_APP_EMAIL_SECURITY', APP_EMAIL_SECURITY)
|
||||||
),
|
),
|
||||||
'timeout' => 2,
|
'timeout' => 2,
|
||||||
],
|
],
|
||||||
|
|
|
@ -81,7 +81,7 @@ services:
|
||||||
- _APP_CONSOLE_HOSTNAMES
|
- _APP_CONSOLE_HOSTNAMES
|
||||||
- _APP_SYSTEM_EMAIL_NAME
|
- _APP_SYSTEM_EMAIL_NAME
|
||||||
- _APP_SYSTEM_EMAIL_ADDRESS
|
- _APP_SYSTEM_EMAIL_ADDRESS
|
||||||
- _APP_SYSTEM_SECURITY_EMAIL_ADDRESS
|
- _APP_EMAIL_SECURITY
|
||||||
- _APP_SYSTEM_RESPONSE_FORMAT
|
- _APP_SYSTEM_RESPONSE_FORMAT
|
||||||
- _APP_OPTIONS_ABUSE
|
- _APP_OPTIONS_ABUSE
|
||||||
- _APP_OPTIONS_ROUTER_PROTECTION
|
- _APP_OPTIONS_ROUTER_PROTECTION
|
||||||
|
@ -251,7 +251,7 @@ services:
|
||||||
- _APP_ENV
|
- _APP_ENV
|
||||||
- _APP_WORKER_PER_CORE
|
- _APP_WORKER_PER_CORE
|
||||||
- _APP_OPENSSL_KEY_V1
|
- _APP_OPENSSL_KEY_V1
|
||||||
- _APP_SYSTEM_SECURITY_EMAIL_ADDRESS
|
- _APP_EMAIL_SECURITY
|
||||||
- _APP_REDIS_HOST
|
- _APP_REDIS_HOST
|
||||||
- _APP_REDIS_PORT
|
- _APP_REDIS_PORT
|
||||||
- _APP_REDIS_USER
|
- _APP_REDIS_USER
|
||||||
|
@ -427,7 +427,7 @@ services:
|
||||||
- _APP_DOMAIN
|
- _APP_DOMAIN
|
||||||
- _APP_DOMAIN_TARGET
|
- _APP_DOMAIN_TARGET
|
||||||
- _APP_DOMAIN_FUNCTIONS
|
- _APP_DOMAIN_FUNCTIONS
|
||||||
- _APP_SYSTEM_SECURITY_EMAIL_ADDRESS
|
- _APP_EMAIL_CERTIFICATES
|
||||||
- _APP_REDIS_HOST
|
- _APP_REDIS_HOST
|
||||||
- _APP_REDIS_PORT
|
- _APP_REDIS_PORT
|
||||||
- _APP_REDIS_USER
|
- _APP_REDIS_USER
|
||||||
|
@ -549,7 +549,7 @@ services:
|
||||||
- _APP_OPENSSL_KEY_V1
|
- _APP_OPENSSL_KEY_V1
|
||||||
- _APP_DOMAIN
|
- _APP_DOMAIN
|
||||||
- _APP_DOMAIN_TARGET
|
- _APP_DOMAIN_TARGET
|
||||||
- _APP_SYSTEM_SECURITY_EMAIL_ADDRESS
|
- _APP_EMAIL_SECURITY
|
||||||
- _APP_REDIS_HOST
|
- _APP_REDIS_HOST
|
||||||
- _APP_REDIS_PORT
|
- _APP_REDIS_PORT
|
||||||
- _APP_REDIS_USER
|
- _APP_REDIS_USER
|
||||||
|
|
|
@ -102,7 +102,7 @@ services:
|
||||||
- _APP_CONSOLE_HOSTNAMES
|
- _APP_CONSOLE_HOSTNAMES
|
||||||
- _APP_SYSTEM_EMAIL_NAME
|
- _APP_SYSTEM_EMAIL_NAME
|
||||||
- _APP_SYSTEM_EMAIL_ADDRESS
|
- _APP_SYSTEM_EMAIL_ADDRESS
|
||||||
- _APP_SYSTEM_SECURITY_EMAIL_ADDRESS
|
- _APP_EMAIL_SECURITY
|
||||||
- _APP_SYSTEM_RESPONSE_FORMAT
|
- _APP_SYSTEM_RESPONSE_FORMAT
|
||||||
- _APP_OPTIONS_ABUSE
|
- _APP_OPTIONS_ABUSE
|
||||||
- _APP_OPTIONS_ROUTER_PROTECTION
|
- _APP_OPTIONS_ROUTER_PROTECTION
|
||||||
|
@ -285,7 +285,7 @@ services:
|
||||||
- _APP_ENV
|
- _APP_ENV
|
||||||
- _APP_WORKER_PER_CORE
|
- _APP_WORKER_PER_CORE
|
||||||
- _APP_OPENSSL_KEY_V1
|
- _APP_OPENSSL_KEY_V1
|
||||||
- _APP_SYSTEM_SECURITY_EMAIL_ADDRESS
|
- _APP_EMAIL_SECURITY
|
||||||
- _APP_DB_HOST
|
- _APP_DB_HOST
|
||||||
- _APP_DB_PORT
|
- _APP_DB_PORT
|
||||||
- _APP_DB_SCHEMA
|
- _APP_DB_SCHEMA
|
||||||
|
@ -474,7 +474,7 @@ services:
|
||||||
- _APP_DOMAIN
|
- _APP_DOMAIN
|
||||||
- _APP_DOMAIN_TARGET
|
- _APP_DOMAIN_TARGET
|
||||||
- _APP_DOMAIN_FUNCTIONS
|
- _APP_DOMAIN_FUNCTIONS
|
||||||
- _APP_SYSTEM_SECURITY_EMAIL_ADDRESS
|
- _APP_EMAIL_CERTIFICATES
|
||||||
- _APP_REDIS_HOST
|
- _APP_REDIS_HOST
|
||||||
- _APP_REDIS_PORT
|
- _APP_REDIS_PORT
|
||||||
- _APP_REDIS_USER
|
- _APP_REDIS_USER
|
||||||
|
@ -612,7 +612,7 @@ services:
|
||||||
- _APP_OPENSSL_KEY_V1
|
- _APP_OPENSSL_KEY_V1
|
||||||
- _APP_DOMAIN
|
- _APP_DOMAIN
|
||||||
- _APP_DOMAIN_TARGET
|
- _APP_DOMAIN_TARGET
|
||||||
- _APP_SYSTEM_SECURITY_EMAIL_ADDRESS
|
- _APP_EMAIL_SECURITY
|
||||||
- _APP_REDIS_HOST
|
- _APP_REDIS_HOST
|
||||||
- _APP_REDIS_PORT
|
- _APP_REDIS_PORT
|
||||||
- _APP_REDIS_USER
|
- _APP_REDIS_USER
|
||||||
|
|
|
@ -134,9 +134,9 @@ class Certificates extends Action
|
||||||
|
|
||||||
try {
|
try {
|
||||||
// Email for alerts is required by LetsEncrypt
|
// Email for alerts is required by LetsEncrypt
|
||||||
$email = App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS');
|
$email = App::getEnv('_APP_EMAIL_CERTIFICATES');
|
||||||
if (empty($email)) {
|
if (empty($email)) {
|
||||||
throw new Exception('You must set a valid security email address (_APP_SYSTEM_SECURITY_EMAIL_ADDRESS) to issue an SSL certificate.');
|
throw new Exception('You must set a valid security email address (_APP_EMAIL_CERTIFICATES) to issue an SSL certificate.');
|
||||||
}
|
}
|
||||||
|
|
||||||
// Validate domain and DNS records. Skip if job is forced
|
// Validate domain and DNS records. Skip if job is forced
|
||||||
|
@ -473,7 +473,7 @@ class Certificates extends Action
|
||||||
->setBody($body)
|
->setBody($body)
|
||||||
->setName('Appwrite Administrator')
|
->setName('Appwrite Administrator')
|
||||||
->setVariables($emailVariables)
|
->setVariables($emailVariables)
|
||||||
->setRecipient(App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS'))
|
->setRecipient(App::getEnv('_APP_EMAIL_CERTIFICATES'))
|
||||||
->trigger();
|
->trigger();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -104,7 +104,7 @@ class Webhooks extends Action
|
||||||
\curl_setopt($ch, CURLOPT_USERAGENT, \sprintf(
|
\curl_setopt($ch, CURLOPT_USERAGENT, \sprintf(
|
||||||
APP_USERAGENT,
|
APP_USERAGENT,
|
||||||
App::getEnv('_APP_VERSION', 'UNKNOWN'),
|
App::getEnv('_APP_VERSION', 'UNKNOWN'),
|
||||||
App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', APP_EMAIL_SECURITY)
|
App::getEnv('_APP_EMAIL_SECURITY', APP_EMAIL_SECURITY)
|
||||||
));
|
));
|
||||||
\curl_setopt(
|
\curl_setopt(
|
||||||
$ch,
|
$ch,
|
||||||
|
|
Loading…
Reference in a new issue