CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-05-29 17:09:48 +12:00
Code Issues Projects Releases Wiki Activity

adapt ssl issuing for swoole

Browse source
This commit is contained in:
Torsten Dittmann 2021-02-02 15:48:07 +01:00
parent 242f4e578c
commit 76eb74b182
5 changed files with 22 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
app/config/variables.php
View file

@ -103,6 +103,14 @@ return [
'required' => false,
'question' => '',
],
[
'name' => '_APP_SYSTEM_SECURITY_EMAIL_ADDRESS',
'description' => 'This is the email address that used to issue SSL certificates for the domains or the user agent in webhooks. The default value is \'security@localhost.test\'.',
'introduction' => '0.7.0',
'default' => 'security@localhost.test',
'required' => false,
'question' => '',
],
[
'name' => '_APP_USAGE_STATS',
'description' => 'This variable allows you to disable the collection and displaying of usage stats. This value is set to \'enabled\' by default, to disable the usage stats set the value to \'disabled\'. When disabled, it\'s recommended to turn off the Worker Usage, Influxdb and Telegraf containers for better resource usage.',

4
app/controllers/api/projects.php
View file

@ -1397,7 +1397,7 @@ App::post('/v1/projects/:projectId/domains')
$target = new Domain(App::getEnv('_APP_DOMAIN_TARGET', ''));
if (!$target->isKnown() || $target->isTest()) {
throw new Exception('Unreachable CNAME target ('.$target->get().'), plesse use a domain with a public suffix.', 500);
throw new Exception('Unreachable CNAME target ('.$target->get().'), please use a domain with a public suffix.', 500);
}
$domain = new Domain($domain);
@ -1528,7 +1528,7 @@ App::patch('/v1/projects/:projectId/domains/:domainId/verification')
$target = new Domain(App::getEnv('_APP_DOMAIN_TARGET', ''));
if (!$target->isKnown() || $target->isTest()) {
throw new Exception('Unreachable CNAME target ('.$target->get().'), plesse use a domain with a public suffix.', 500);
throw new Exception('Unreachable CNAME target ('.$target->get().'), please use a domain with a public suffix.', 500);
}
if ($domain->getAttribute('verification') === true) {

2
app/controllers/general.php
View file

@ -388,7 +388,7 @@ App::get('/.well-known/acme-challenge')
->inject('response')
->action(function ($request, $response) {
$base = \realpath(APP_STORAGE_CERTIFICATES);
$path = \str_replace('/.well-known/acme-challenge/', '', $request->getParam('q'));
$path = \str_replace('/.well-known/acme-challenge/', '', $request->getURI());
$absolute = \realpath($base.'/.well-known/acme-challenge/'.$path);
if (!$base) {

10
app/workers/certificates.php
View file

@ -73,7 +73,7 @@ class CertificatesV1
$target = new Domain(App::getEnv('_APP_DOMAIN_TARGET', ''));
if(!$target->isKnown() || $target->isTest()) {
throw new Exception('Unreachable CNAME target ('.$target->get().'), plesse use a domain with a public suffix.');
throw new Exception('Unreachable CNAME target ('.$target->get().'), please use a domain with a public suffix.');
}
}
@ -111,10 +111,10 @@ class CertificatesV1
$staging = (App::isProduction()) ? '' : ' --dry-run';
$response = \shell_exec("certbot certonly --webroot --noninteractive --agree-tos{$staging} \
--email ".App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', 'security@localhost.test')." \
-w ".APP_STORAGE_CERTIFICATES." \
-d {$domain->get()}");
$response = \shell_exec("certbot certonly --webroot --noninteractive --agree-tos{$staging}"
." --email ".App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', 'security@localhost.test')
." -w ".APP_STORAGE_CERTIFICATES
." -d {$domain->get()}");
if(!$response) {
throw new Exception('Failed to issue a certificate');

6
src/Appwrite/Utopia/Response/Model/Domain.php
View file

@ -45,6 +45,12 @@ class Domain extends Model
'default' => false,
'example' => true,
])
->addRule('certificateId', [
'type' => self::TYPE_STRING,
'description' => 'Certificate ID.',
'default' => '',
'example' => '6ejea5c13377e',
])
;
}