CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-05-20 12:42:39 +12:00
Code Issues Projects Releases Wiki Activity

Added domain renewals task

Browse source
This commit is contained in:
Eldad Fux 2020-02-29 08:24:46 +02:00
parent 5b8ec50838
commit cb5952c6c2
5 changed files with 48 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
app/config/collections.php
View file

@ -1029,6 +1029,15 @@ $collections = [
'required' => false,
'array' => false,
],
[
'$collection' => Database::SYSTEM_COLLECTION_RULES,
'label' => 'Renew Date',
'key' => 'renewDate',
'type' => 'numeric',
'default' => 0,
'required' => false,
'array' => false,
],
[
'$collection' => Database::SYSTEM_COLLECTION_RULES,
'label' => 'Attempts',

5
app/controllers/api/projects.php
View file

@ -1347,7 +1347,10 @@ $utopia->patch('/v1/projects/:projectId/domains/:domainId/verification')
}
// Issue a TLS certificate when domain is verified
Resque::enqueue('v1-certificates', 'CertificatesV1', ['document' => $domain->getArrayCopy()]);
Resque::enqueue('v1-certificates', 'CertificatesV1', [
'document' => $domain->getArrayCopy(),
'domain' => $domain->getAttribute('domain'),
]);
$response->json($domain->getArrayCopy());
}

10
app/controllers/api/storage.php
View file

@ -1,6 +1,6 @@
<?php
global $utopia, $request, $response, $register, $user, $audit, $usage, $project, $projectDB;
global $utopia, $request, $response, $register, $user, $audit, $usage, $project, $projectDB, $version;
use Utopia\Exception;
use Utopia\Response;
@ -338,7 +338,7 @@ $utopia->get('/v1/storage/files/:fileId/preview')
//->param('storage', 'local', function () {return new WhiteList(array('local'));}, 'Selected storage device. defaults to local')
//->param('token', '', function () {return new Text(128);}, 'Preview token', true)
->action(
function ($fileId, $width, $height, $quality, $background, $output) use ($request, $response, $projectDB, $project, $inputs, $outputs, $fileLogos) {
function ($fileId, $width, $height, $quality, $background, $output) use ($request, $response, $projectDB, $project, $inputs, $outputs, $fileLogos, $version) {
$storage = 'local';
if (!extension_loaded('imagick')) {
@ -354,7 +354,7 @@ $utopia->get('/v1/storage/files/:fileId/preview')
}
$date = date('D, d M Y H:i:s', time() + (60 * 60 * 24 * 45)).' GMT'; // 45 days cache
$key = md5($fileId.$width.$height.$quality.$background.$storage.$output);
$key = md5($version.$fileId.$width.$height.$quality.$background.$storage.$output);
$file = $projectDB->getDocument($fileId);
@ -372,9 +372,9 @@ $utopia->get('/v1/storage/files/:fileId/preview')
$path = (array_key_exists($mime, $fileLogos)) ? $fileLogos[$mime] : $fileLogos['default'];
$algorithm = null;
$cipher = null;
$background = (empty($background)) ? 'f2f3f5' : $background;
$background = (empty($background)) ? 'eceff1' : $background;
$type = strtolower(pathinfo($path, PATHINFO_EXTENSION));
$key = md5($path.$width.$height.$quality.$background.$storage.$output);
$key = md5($version.$path.$width.$height.$quality.$background.$storage.$output);
}
$compressor = new GZIP();

39
app/workers/certificates.php
View file

@ -38,9 +38,12 @@ class CertificatesV1
Authorization::disable();
$document = $this->args['document'];
$domain = new Domain((isset($document['domain'])) ? $document['domain'] : '');
$expiry = 60 * 60 * 24 * 30 * 2; // 60 days
$document = $this->args['document'];
$domain = $this->args['domain'];
$domain = new Domain((!empty($domain)) ? $domain : '');
$expiry = 60 * 60 * 24 * 30 * 2; // 60 days
$safety = 60 * 60; // 1 hour
$renew = (time() + $expiry);
if(empty($domain->get())) {
throw new Exception('Missing domain');
@ -80,7 +83,7 @@ class CertificatesV1
if($certificate
&& $certificate instanceof Document
&& isset($certificate['issueDate'])
&& ($certificate['issueDate'] + $expiry > time())) { // Check last issue time
&& (($certificate['issueDate'] + ($expiry)) > time())) { // Check last issue time
throw new Exception('Renew isn\'t required. Domain issued at '.date('d.m.Y H:i', (isset($certificate['issueDate']) ? $certificate['issueDate'] : 0)));
}
@ -88,7 +91,7 @@ class CertificatesV1
$response = shell_exec("certbot certonly --webroot --noninteractive --agree-tos{$staging} --email security@appwrite.io \
-w ".APP_STORAGE_CERTIFICATES." \
-d {$domain->get()} 2>&1"); // cert2.tests.appwrite.org
-d {$domain->get()} 2>&1");
if(!$response) {
throw new Exception('Failed to issue a certificate');
@ -126,6 +129,7 @@ class CertificatesV1
],
'domain' => $domain->get(),
'issueDate' => time(),
'renewDate' => $renew,
'attempts' => 0,
'log' => json_encode($response),
]);
@ -136,15 +140,17 @@ class CertificatesV1
throw new Exception('Failed saving certificate to DB');
}
$document = array_merge($document, [
'updated' => time(),
'certificateId' => $certificate->getId(),
]);
$document = $consoleDB->updateDocument($document);
if(!$document) {
throw new Exception('Failed saving domain to DB');
if(!empty($document)) {
$document = array_merge($document, [
'updated' => time(),
'certificateId' => $certificate->getId(),
]);
$document = $consoleDB->updateDocument($document);
if(!$document) {
throw new Exception('Failed saving domain to DB');
}
}
$config =
@ -157,6 +163,11 @@ class CertificatesV1
throw new Exception('Failed to save SSL configuration');
}
ResqueScheduler::enqueueAt($renew + $safety, 'v1-certificates', 'CertificatesV1', [
'document' => [],
'domain' => $domain->get()
]); // Async task rescheduale
Authorization::reset();
}

7
docker-compose.yml
View file

@ -86,7 +86,7 @@ services:
networks:
- appwrite
volumes:
- appwrite-db:/var/lib/mysql:rw
- appwrite-mariadb:/var/lib/mysql:rw
ports:
- "3306:3306"
environment:
@ -110,6 +110,8 @@ services:
restart: unless-stopped
networks:
- appwrite
volumes:
- appwrite-redis:/data:rw
clamav:
image: appwrite/clamav:1.0.7
@ -159,7 +161,8 @@ networks:
appwrite:
volumes:
appwrite-db:
appwrite-mariadb:
appwrite-redis:
appwrite-cache:
appwrite-uploads:
appwrite-certificates: