Merge pull request #871 from TorstenDittmann/fix-ssl-issuing
fix ssl issuing
This commit is contained in:
commit
0c09371066
5 changed files with 22 additions and 8 deletions
|
@ -103,6 +103,14 @@ return [
|
|||
'required' => false,
|
||||
'question' => '',
|
||||
],
|
||||
[
|
||||
'name' => '_APP_SYSTEM_SECURITY_EMAIL_ADDRESS',
|
||||
'description' => 'This is the email address used to issue SSL certificates for custom domains or the user agent in webhooks. The default value is \'security@localhost.test\'.',
|
||||
'introduction' => '0.7.0',
|
||||
'default' => 'security@localhost.test',
|
||||
'required' => false,
|
||||
'question' => '',
|
||||
],
|
||||
[
|
||||
'name' => '_APP_USAGE_STATS',
|
||||
'description' => 'This variable allows you to disable the collection and displaying of usage stats. This value is set to \'enabled\' by default, to disable the usage stats set the value to \'disabled\'. When disabled, it\'s recommended to turn off the Worker Usage, Influxdb and Telegraf containers for better resource usage.',
|
||||
|
|
|
@ -1397,7 +1397,7 @@ App::post('/v1/projects/:projectId/domains')
|
|||
$target = new Domain(App::getEnv('_APP_DOMAIN_TARGET', ''));
|
||||
|
||||
if (!$target->isKnown() || $target->isTest()) {
|
||||
throw new Exception('Unreachable CNAME target ('.$target->get().'), plesse use a domain with a public suffix.', 500);
|
||||
throw new Exception('Unreachable CNAME target ('.$target->get().'), please use a domain with a public suffix.', 500);
|
||||
}
|
||||
|
||||
$domain = new Domain($domain);
|
||||
|
@ -1528,7 +1528,7 @@ App::patch('/v1/projects/:projectId/domains/:domainId/verification')
|
|||
$target = new Domain(App::getEnv('_APP_DOMAIN_TARGET', ''));
|
||||
|
||||
if (!$target->isKnown() || $target->isTest()) {
|
||||
throw new Exception('Unreachable CNAME target ('.$target->get().'), plesse use a domain with a public suffix.', 500);
|
||||
throw new Exception('Unreachable CNAME target ('.$target->get().'), please use a domain with a public suffix.', 500);
|
||||
}
|
||||
|
||||
if ($domain->getAttribute('verification') === true) {
|
||||
|
|
|
@ -388,7 +388,7 @@ App::get('/.well-known/acme-challenge')
|
|||
->inject('response')
|
||||
->action(function ($request, $response) {
|
||||
$base = \realpath(APP_STORAGE_CERTIFICATES);
|
||||
$path = \str_replace('/.well-known/acme-challenge/', '', $request->getParam('q'));
|
||||
$path = \str_replace('/.well-known/acme-challenge/', '', $request->getURI());
|
||||
$absolute = \realpath($base.'/.well-known/acme-challenge/'.$path);
|
||||
|
||||
if (!$base) {
|
||||
|
|
|
@ -73,7 +73,7 @@ class CertificatesV1
|
|||
$target = new Domain(App::getEnv('_APP_DOMAIN_TARGET', ''));
|
||||
|
||||
if(!$target->isKnown() || $target->isTest()) {
|
||||
throw new Exception('Unreachable CNAME target ('.$target->get().'), plesse use a domain with a public suffix.');
|
||||
throw new Exception('Unreachable CNAME target ('.$target->get().'), please use a domain with a public suffix.');
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -111,10 +111,10 @@ class CertificatesV1
|
|||
|
||||
$staging = (App::isProduction()) ? '' : ' --dry-run';
|
||||
|
||||
$response = \shell_exec("certbot certonly --webroot --noninteractive --agree-tos{$staging} \
|
||||
--email ".App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', 'security@localhost.test')." \
|
||||
-w ".APP_STORAGE_CERTIFICATES." \
|
||||
-d {$domain->get()}");
|
||||
$response = \shell_exec("certbot certonly --webroot --noninteractive --agree-tos{$staging}"
|
||||
." --email ".App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', 'security@localhost.test')
|
||||
." -w ".APP_STORAGE_CERTIFICATES
|
||||
." -d {$domain->get()}");
|
||||
|
||||
if(!$response) {
|
||||
throw new Exception('Failed to issue a certificate');
|
||||
|
|
|
@ -45,6 +45,12 @@ class Domain extends Model
|
|||
'default' => false,
|
||||
'example' => true,
|
||||
])
|
||||
->addRule('certificateId', [
|
||||
'type' => self::TYPE_STRING,
|
||||
'description' => 'Certificate ID.',
|
||||
'default' => '',
|
||||
'example' => '6ejea5c13377e',
|
||||
])
|
||||
;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue