Make some Let's encrypt settings configurable

Signed-off-by: Florian Aders <eleras@froxlor.org>
2016-02-03 17:21:48 +01:00
parent 172915b5be
commit 2472a52fed
7 changed files with 69 additions and 10 deletions
--- a/actions/admin/settings/131.ssl.php
+++ b/actions/admin/settings/131.ssl.php
@@ -79,7 +79,35 @@ return array(
 									'string_emptyallowed' => true,
 									'default' => '',
 									'save_method' => 'storeSettingField',
-							)
+							),
+							'system_letsencryptca' => array(
+									'label' => $lng['serversettings']['letsencryptca'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptca',
+									'type' => 'option',
+									'default' => 'testing',
+									'option_mode' => 'one',
+									'option_options' => array('testing' => 'https://acme-staging.api.letsencrypt.org (Test)', 'production' => 'https://acme-v01.api.letsencrypt.org (Live)'),
+									'save_method' => 'storeSettingField',
+							),
+							'system_letsencryptcountrycode' => array(
+									'label' => $lng['serversettings']['letsencryptcountrycode'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptcountrycode',
+									'type' => 'string',
+									'string_emptyallowed' => false,
+									'default' => 'DE',
+									'save_method' => 'storeSettingField',
+							),
+							'system_letsencryptstate' => array(
+									'label' => $lng['serversettings']['letsencryptstate'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptstate',
+									'type' => 'string',
+									'string_emptyallowed' => false,
+									'default' => 'Germany',
+									'save_method' => 'storeSettingField',
+							),
 					)
 			)
 		)
--- a/install/froxlor.sql
+++ b/install/froxlor.sql
@@ -514,6 +514,9 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'apacheitksupport', '0'),
 	('system', 'leprivatekey', 'unset'),
 	('system', 'lepublickey', 'unset'),
+	('system', 'letsencryptca', 'testing'),
+	('system', 'letsencryptcountrycode', 'DE'),
+	('system', 'letsencryptstate', 'Germany'),
 	('panel', 'decimal_places', '4'),
 	('panel', 'adminmail', 'admin@SERVERNAME'),
 	('panel', 'phpmyadmin_url', ''),
@@ -544,7 +547,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('panel', 'password_numeric', '0'),
 	('panel', 'password_special_char_required', '0'),
 	('panel', 'password_special_char', '!?<>§$%+#=@'),
-	('panel', 'version', '0.9.35-dev1');
+	('panel', 'version', '0.9.35-dev2');


 DROP TABLE IF EXISTS `panel_tasks`;
--- a/install/updates/froxlor/0.9/update_0.9.inc.php
+++ b/install/updates/froxlor/0.9/update_0.9.inc.php
@@ -3048,3 +3048,16 @@ if (isFroxlorVersion('0.9.34.2')) {
    updateToVersion('0.9.35-dev1');
 }

+if (isFroxlorVersion('0.9.35-dev1')) {
+
+    showUpdateStep("Updating from 0.9.35-dev1 to 0.9.35-dev2");
+    lastStepStatus(0);
+    showUpdateStep("Adding Let's Encrypt - settings");
+    Settings::AddNew("system.letsencryptca", 'testing');
+    Settings::AddNew("system.letsencryptcountrycode", 'DE');
+    Settings::AddNew("system.letsencryptstate", 'Germany');
+    lastStepStatus(0);
+
+    updateToVersion('0.9.35-dev2');
+}
+
--- a/lib/classes/ssl/class.lescript.php
+++ b/lib/classes/ssl/class.lescript.php
@@ -28,11 +28,7 @@
 // and modified to work without files and integrate in Froxlor
 class lescript
 {
-    //public $ca = 'https://acme-v01.api.letsencrypt.org';
-    public $ca = 'https://acme-staging.api.letsencrypt.org'; // testing
    public $license = 'https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf';
-    public $countryCode = 'DE';
-    public $state = "Germany";

    private $webRootDir;

@@ -44,7 +40,12 @@ class lescript
    {
        $this->webRootDir = $webRootDir;
        $this->debugHandler = $debugHandler;
-        $this->client = new Client($this->ca);
+        if (Settings::Get('system.letsencryptca') == 'production') {
+            $ca = 'https://acme-v01.api.letsencrypt.org';
+        } else {
+            $ca = 'https://acme-staging.api.letsencrypt.org';
+        }
+        $this->client = new Client($ca);
    }

    public function initAccount($certrow)
@@ -291,8 +292,8 @@ keyUsage = nonRepudiation, digitalSignature, keyEncipherment');
        $csr = openssl_csr_new(
            array(
                "CN" => $domain,
-                "ST" => $this->state,
-                "C" => $this->countryCode,
+                "ST" => Settings::Get('system.letsencryptstate'),
+                "C" => Settings::Get('system.letsencryptcountrycode'),
                "O" => "Unknown",
            ),
            $privateKey,
--- a/lib/version.inc.php
+++ b/lib/version.inc.php
@@ -16,7 +16,7 @@
 */

 // Main version variable
-$version = '0.9.35-dev1';
+$version = '0.9.35-dev2';

 // Database version (unused, old stuff from SysCP)
 $dbversion = '2';
--- a/lng/english.lng.php
+++ b/lng/english.lng.php
@@ -1933,3 +1933,10 @@ $lng['customer']['letsencrypt']['description'] = 'Get a free certificate from <a
 $lng['error']['sslredirectonlypossiblewithsslipport'] = 'Using Let\'s Encrypt is only possible when the domain has at least one ssl-enabled IP/port combination assigned.';
 $lng['panel']['letsencrypt'] = 'Using Let\'s encrypt';
 $lng['crondesc']['cron_letsencrypt'] = 'updating Let\'s Encrypt certificates';
+$lng['serversettings']['letsencryptca']['title'] = "Let's Encrypt environment";
+$lng['serversettings']['letsencryptca']['description'] = "Environment to be used for Let's Encrypt certificates.<br><strong class=\"red\">ATTENTION:</strong>Let's Encrypt is still in beta</strong>";
+$lng['serversettings']['letsencryptcountrycode']['title'] = "Let's Encrypt country code";
+$lng['serversettings']['letsencryptcountrycode']['description'] = "2 letter country code used to generate Let's Encrypt certificates.<br><strong class=\"red\">ATTENTION:</strong>Let's Encrypt is still in beta</strong>";
+$lng['serversettings']['letsencryptstate']['title'] = "Let's Encrypt state";
+$lng['serversettings']['letsencryptstate']['description'] = "Sate used to generate Let's Encrypt certificates.<br><strong class=\"red\">ATTENTION:</strong>Let's Encrypt is still in beta</strong>";
+
--- a/lng/german.lng.php
+++ b/lng/german.lng.php
@@ -1588,3 +1588,10 @@ $lng['customer']['letsencrypt']['description'] = 'Holt ein kostenloses Zertifika
 $lng['error']['sslredirectonlypossiblewithsslipport'] = 'Die Nutzung von Let\'s Encrypt ist nur m&ouml;glich, wenn die Domain mindestens eine IP/Port - Kombination mit aktiviertem SSL zugewiesen hat.';
 $lng['panel']['letsencrypt'] = 'Benutzt Let\'s encrypt';
 $lng['crondesc']['cron_letsencrypt'] = 'aktualisiert Let\'s Encrypt Zertifikate';
+$lng['serversettings']['letsencryptca']['title'] = "Let's Encrypt Umgebung";
+$lng['serversettings']['letsencryptca']['description'] = "Let's Encrypt - Umgebung, welche genutzt wird um Zertifikate zu bestellen.<br><strong class=\"red\">ATTENTION:</strong>Let's Encrypt befindet sich noch im Test</strong>";
+$lng['serversettings']['letsencryptcountrycode']['title'] = "Let's Encrypt L&auml;ndercode";
+$lng['serversettings']['letsencryptcountrycode']['description'] = "2 - stelliger L&auml;ndercode, welcher benutzt wird um Let's Encrypt - Zertifikate zu bestellen.<br><strong class=\"red\">ATTENTION:</strong>Let's Encrypt befindet sich noch im Test</strong>";
+$lng['serversettings']['letsencryptstate']['title'] = "Let's Encrypt Bundesland";
+$lng['serversettings']['letsencryptstate']['description'] = "Bundesland, welches benutzt wird um Let's Encrypt - Zertifikate zu bestellen.<br><strong class=\"red\">ATTENTION:</strong>Let's Encrypt befindet sich noch im Test</strong>";
+