Merge pull request #871 from TorstenDittmann/fix-ssl-issuing

fix ssl issuing

app/config/variables.php

@@ -103,6 +103,14 @@ return [
                 'required' => false,
                 'question' => '',
             ],
+            [
+                'name' => '_APP_SYSTEM_SECURITY_EMAIL_ADDRESS',
+                'description' => 'This is the email address used to issue SSL certificates for custom domains or the user agent in webhooks. The default value is \'security@localhost.test\'.',
+                'introduction' => '0.7.0',
+                'default' => 'security@localhost.test',
+                'required' => false,
+                'question' => '',
+            ],
             [
                 'name' => '_APP_USAGE_STATS',
                 'description' => 'This variable allows you to disable the collection and displaying of usage stats. This value is set to \'enabled\' by default, to disable the usage stats set the value to \'disabled\'. When disabled, it\'s recommended to turn off the Worker Usage, Influxdb and Telegraf containers for better resource usage.',

app/controllers/api/projects.php

@@ -1397,7 +1397,7 @@ App::post('/v1/projects/:projectId/domains')
         $target = new Domain(App::getEnv('_APP_DOMAIN_TARGET', ''));
 
         if (!$target->isKnown() || $target->isTest()) {
-            throw new Exception('Unreachable CNAME target ('.$target->get().'), plesse use a domain with a public suffix.', 500);
+            throw new Exception('Unreachable CNAME target ('.$target->get().'), please use a domain with a public suffix.', 500);
         }
 
         $domain = new Domain($domain);
@@ -1528,7 +1528,7 @@ App::patch('/v1/projects/:projectId/domains/:domainId/verification')
         $target = new Domain(App::getEnv('_APP_DOMAIN_TARGET', ''));
 
         if (!$target->isKnown() || $target->isTest()) {
-            throw new Exception('Unreachable CNAME target ('.$target->get().'), plesse use a domain with a public suffix.', 500);
+            throw new Exception('Unreachable CNAME target ('.$target->get().'), please use a domain with a public suffix.', 500);
         }
 
         if ($domain->getAttribute('verification') === true) {

app/controllers/general.php

@@ -388,7 +388,7 @@ App::get('/.well-known/acme-challenge')
     ->inject('response')
     ->action(function ($request, $response) {
         $base = \realpath(APP_STORAGE_CERTIFICATES);
-        $path = \str_replace('/.well-known/acme-challenge/', '', $request->getParam('q'));
+        $path = \str_replace('/.well-known/acme-challenge/', '', $request->getURI());
         $absolute = \realpath($base.'/.well-known/acme-challenge/'.$path);
 
         if (!$base) {

app/workers/certificates.php

@@ -73,7 +73,7 @@ class CertificatesV1
             $target = new Domain(App::getEnv('_APP_DOMAIN_TARGET', ''));
     
             if(!$target->isKnown() || $target->isTest()) {
-                throw new Exception('Unreachable CNAME target ('.$target->get().'), plesse use a domain with a public suffix.');
+                throw new Exception('Unreachable CNAME target ('.$target->get().'), please use a domain with a public suffix.');
             }
         }
 
@@ -111,10 +111,10 @@ class CertificatesV1
 
         $staging = (App::isProduction()) ? '' : ' --dry-run';
 
-        $response = \shell_exec("certbot certonly --webroot --noninteractive --agree-tos{$staging} \
-            --email ".App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', 'security@localhost.test')." \
-            -w ".APP_STORAGE_CERTIFICATES." \
-            -d {$domain->get()}");
+        $response = \shell_exec("certbot certonly --webroot --noninteractive --agree-tos{$staging}"
+            ." --email ".App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', 'security@localhost.test')
+            ." -w ".APP_STORAGE_CERTIFICATES
+            ." -d {$domain->get()}");
 
         if(!$response) {
             throw new Exception('Failed to issue a certificate');

src/Appwrite/Utopia/Response/Model/Domain.php

@@ -45,6 +45,12 @@ class Domain extends Model
                 'default' => false,
                 'example' => true,
             ])
+            ->addRule('certificateId', [
+                'type' => self::TYPE_STRING,
+                'description' => 'Certificate ID.',
+                'default' => '',
+                'example' => '6ejea5c13377e',
+            ])
         ;
     }