Added domain renewals task
This commit is contained in:
parent
5b8ec50838
commit
cb5952c6c2
|
@ -1029,6 +1029,15 @@ $collections = [
|
|||
'required' => false,
|
||||
'array' => false,
|
||||
],
|
||||
[
|
||||
'$collection' => Database::SYSTEM_COLLECTION_RULES,
|
||||
'label' => 'Renew Date',
|
||||
'key' => 'renewDate',
|
||||
'type' => 'numeric',
|
||||
'default' => 0,
|
||||
'required' => false,
|
||||
'array' => false,
|
||||
],
|
||||
[
|
||||
'$collection' => Database::SYSTEM_COLLECTION_RULES,
|
||||
'label' => 'Attempts',
|
||||
|
|
|
@ -1347,7 +1347,10 @@ $utopia->patch('/v1/projects/:projectId/domains/:domainId/verification')
|
|||
}
|
||||
|
||||
// Issue a TLS certificate when domain is verified
|
||||
Resque::enqueue('v1-certificates', 'CertificatesV1', ['document' => $domain->getArrayCopy()]);
|
||||
Resque::enqueue('v1-certificates', 'CertificatesV1', [
|
||||
'document' => $domain->getArrayCopy(),
|
||||
'domain' => $domain->getAttribute('domain'),
|
||||
]);
|
||||
|
||||
$response->json($domain->getArrayCopy());
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
<?php
|
||||
|
||||
global $utopia, $request, $response, $register, $user, $audit, $usage, $project, $projectDB;
|
||||
global $utopia, $request, $response, $register, $user, $audit, $usage, $project, $projectDB, $version;
|
||||
|
||||
use Utopia\Exception;
|
||||
use Utopia\Response;
|
||||
|
@ -338,7 +338,7 @@ $utopia->get('/v1/storage/files/:fileId/preview')
|
|||
//->param('storage', 'local', function () {return new WhiteList(array('local'));}, 'Selected storage device. defaults to local')
|
||||
//->param('token', '', function () {return new Text(128);}, 'Preview token', true)
|
||||
->action(
|
||||
function ($fileId, $width, $height, $quality, $background, $output) use ($request, $response, $projectDB, $project, $inputs, $outputs, $fileLogos) {
|
||||
function ($fileId, $width, $height, $quality, $background, $output) use ($request, $response, $projectDB, $project, $inputs, $outputs, $fileLogos, $version) {
|
||||
$storage = 'local';
|
||||
|
||||
if (!extension_loaded('imagick')) {
|
||||
|
@ -354,7 +354,7 @@ $utopia->get('/v1/storage/files/:fileId/preview')
|
|||
}
|
||||
|
||||
$date = date('D, d M Y H:i:s', time() + (60 * 60 * 24 * 45)).' GMT'; // 45 days cache
|
||||
$key = md5($fileId.$width.$height.$quality.$background.$storage.$output);
|
||||
$key = md5($version.$fileId.$width.$height.$quality.$background.$storage.$output);
|
||||
|
||||
$file = $projectDB->getDocument($fileId);
|
||||
|
||||
|
@ -372,9 +372,9 @@ $utopia->get('/v1/storage/files/:fileId/preview')
|
|||
$path = (array_key_exists($mime, $fileLogos)) ? $fileLogos[$mime] : $fileLogos['default'];
|
||||
$algorithm = null;
|
||||
$cipher = null;
|
||||
$background = (empty($background)) ? 'f2f3f5' : $background;
|
||||
$background = (empty($background)) ? 'eceff1' : $background;
|
||||
$type = strtolower(pathinfo($path, PATHINFO_EXTENSION));
|
||||
$key = md5($path.$width.$height.$quality.$background.$storage.$output);
|
||||
$key = md5($version.$path.$width.$height.$quality.$background.$storage.$output);
|
||||
}
|
||||
|
||||
$compressor = new GZIP();
|
||||
|
|
|
@ -38,9 +38,12 @@ class CertificatesV1
|
|||
|
||||
Authorization::disable();
|
||||
|
||||
$document = $this->args['document'];
|
||||
$domain = new Domain((isset($document['domain'])) ? $document['domain'] : '');
|
||||
$expiry = 60 * 60 * 24 * 30 * 2; // 60 days
|
||||
$document = $this->args['document'];
|
||||
$domain = $this->args['domain'];
|
||||
$domain = new Domain((!empty($domain)) ? $domain : '');
|
||||
$expiry = 60 * 60 * 24 * 30 * 2; // 60 days
|
||||
$safety = 60 * 60; // 1 hour
|
||||
$renew = (time() + $expiry);
|
||||
|
||||
if(empty($domain->get())) {
|
||||
throw new Exception('Missing domain');
|
||||
|
@ -80,7 +83,7 @@ class CertificatesV1
|
|||
if($certificate
|
||||
&& $certificate instanceof Document
|
||||
&& isset($certificate['issueDate'])
|
||||
&& ($certificate['issueDate'] + $expiry > time())) { // Check last issue time
|
||||
&& (($certificate['issueDate'] + ($expiry)) > time())) { // Check last issue time
|
||||
throw new Exception('Renew isn\'t required. Domain issued at '.date('d.m.Y H:i', (isset($certificate['issueDate']) ? $certificate['issueDate'] : 0)));
|
||||
}
|
||||
|
||||
|
@ -88,7 +91,7 @@ class CertificatesV1
|
|||
|
||||
$response = shell_exec("certbot certonly --webroot --noninteractive --agree-tos{$staging} --email security@appwrite.io \
|
||||
-w ".APP_STORAGE_CERTIFICATES." \
|
||||
-d {$domain->get()} 2>&1"); // cert2.tests.appwrite.org
|
||||
-d {$domain->get()} 2>&1");
|
||||
|
||||
if(!$response) {
|
||||
throw new Exception('Failed to issue a certificate');
|
||||
|
@ -126,6 +129,7 @@ class CertificatesV1
|
|||
],
|
||||
'domain' => $domain->get(),
|
||||
'issueDate' => time(),
|
||||
'renewDate' => $renew,
|
||||
'attempts' => 0,
|
||||
'log' => json_encode($response),
|
||||
]);
|
||||
|
@ -136,15 +140,17 @@ class CertificatesV1
|
|||
throw new Exception('Failed saving certificate to DB');
|
||||
}
|
||||
|
||||
$document = array_merge($document, [
|
||||
'updated' => time(),
|
||||
'certificateId' => $certificate->getId(),
|
||||
]);
|
||||
|
||||
$document = $consoleDB->updateDocument($document);
|
||||
|
||||
if(!$document) {
|
||||
throw new Exception('Failed saving domain to DB');
|
||||
if(!empty($document)) {
|
||||
$document = array_merge($document, [
|
||||
'updated' => time(),
|
||||
'certificateId' => $certificate->getId(),
|
||||
]);
|
||||
|
||||
$document = $consoleDB->updateDocument($document);
|
||||
|
||||
if(!$document) {
|
||||
throw new Exception('Failed saving domain to DB');
|
||||
}
|
||||
}
|
||||
|
||||
$config =
|
||||
|
@ -157,6 +163,11 @@ class CertificatesV1
|
|||
throw new Exception('Failed to save SSL configuration');
|
||||
}
|
||||
|
||||
ResqueScheduler::enqueueAt($renew + $safety, 'v1-certificates', 'CertificatesV1', [
|
||||
'document' => [],
|
||||
'domain' => $domain->get()
|
||||
]); // Async task rescheduale
|
||||
|
||||
Authorization::reset();
|
||||
}
|
||||
|
||||
|
|
|
@ -86,7 +86,7 @@ services:
|
|||
networks:
|
||||
- appwrite
|
||||
volumes:
|
||||
- appwrite-db:/var/lib/mysql:rw
|
||||
- appwrite-mariadb:/var/lib/mysql:rw
|
||||
ports:
|
||||
- "3306:3306"
|
||||
environment:
|
||||
|
@ -110,6 +110,8 @@ services:
|
|||
restart: unless-stopped
|
||||
networks:
|
||||
- appwrite
|
||||
volumes:
|
||||
- appwrite-redis:/data:rw
|
||||
|
||||
clamav:
|
||||
image: appwrite/clamav:1.0.7
|
||||
|
@ -159,7 +161,8 @@ networks:
|
|||
appwrite:
|
||||
|
||||
volumes:
|
||||
appwrite-db:
|
||||
appwrite-mariadb:
|
||||
appwrite-redis:
|
||||
appwrite-cache:
|
||||
appwrite-uploads:
|
||||
appwrite-certificates:
|
||||
|
|
Loading…
Reference in a new issue