From 2472a52fed85b58814cd46df14687c98af450dba Mon Sep 17 00:00:00 2001 From: Florian Aders Date: Wed, 3 Feb 2016 17:21:48 +0100 Subject: [PATCH] Make some Let's encrypt settings configurable Signed-off-by: Florian Aders --- actions/admin/settings/131.ssl.php | 30 ++++++++++++++++++- install/froxlor.sql | 5 +++- .../updates/froxlor/0.9/update_0.9.inc.php | 13 ++++++++ lib/classes/ssl/class.lescript.php | 15 +++++----- lib/version.inc.php | 2 +- lng/english.lng.php | 7 +++++ lng/german.lng.php | 7 +++++ 7 files changed, 69 insertions(+), 10 deletions(-) diff --git a/actions/admin/settings/131.ssl.php b/actions/admin/settings/131.ssl.php index 016de801..e64ea768 100644 --- a/actions/admin/settings/131.ssl.php +++ b/actions/admin/settings/131.ssl.php @@ -79,7 +79,35 @@ return array( 'string_emptyallowed' => true, 'default' => '', 'save_method' => 'storeSettingField', - ) + ), + 'system_letsencryptca' => array( + 'label' => $lng['serversettings']['letsencryptca'], + 'settinggroup' => 'system', + 'varname' => 'letsencryptca', + 'type' => 'option', + 'default' => 'testing', + 'option_mode' => 'one', + 'option_options' => array('testing' => 'https://acme-staging.api.letsencrypt.org (Test)', 'production' => 'https://acme-v01.api.letsencrypt.org (Live)'), + 'save_method' => 'storeSettingField', + ), + 'system_letsencryptcountrycode' => array( + 'label' => $lng['serversettings']['letsencryptcountrycode'], + 'settinggroup' => 'system', + 'varname' => 'letsencryptcountrycode', + 'type' => 'string', + 'string_emptyallowed' => false, + 'default' => 'DE', + 'save_method' => 'storeSettingField', + ), + 'system_letsencryptstate' => array( + 'label' => $lng['serversettings']['letsencryptstate'], + 'settinggroup' => 'system', + 'varname' => 'letsencryptstate', + 'type' => 'string', + 'string_emptyallowed' => false, + 'default' => 'Germany', + 'save_method' => 'storeSettingField', + ), ) ) ) diff --git a/install/froxlor.sql b/install/froxlor.sql index 6f526b50..29c66917 100644 --- a/install/froxlor.sql +++ b/install/froxlor.sql @@ -514,6 +514,9 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('system', 'apacheitksupport', '0'), ('system', 'leprivatekey', 'unset'), ('system', 'lepublickey', 'unset'), + ('system', 'letsencryptca', 'testing'), + ('system', 'letsencryptcountrycode', 'DE'), + ('system', 'letsencryptstate', 'Germany'), ('panel', 'decimal_places', '4'), ('panel', 'adminmail', 'admin@SERVERNAME'), ('panel', 'phpmyadmin_url', ''), @@ -544,7 +547,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('panel', 'password_numeric', '0'), ('panel', 'password_special_char_required', '0'), ('panel', 'password_special_char', '!?<>ยง$%+#=@'), - ('panel', 'version', '0.9.35-dev1'); + ('panel', 'version', '0.9.35-dev2'); DROP TABLE IF EXISTS `panel_tasks`; diff --git a/install/updates/froxlor/0.9/update_0.9.inc.php b/install/updates/froxlor/0.9/update_0.9.inc.php index 528417ab..47e722f8 100644 --- a/install/updates/froxlor/0.9/update_0.9.inc.php +++ b/install/updates/froxlor/0.9/update_0.9.inc.php @@ -3048,3 +3048,16 @@ if (isFroxlorVersion('0.9.34.2')) { updateToVersion('0.9.35-dev1'); } +if (isFroxlorVersion('0.9.35-dev1')) { + + showUpdateStep("Updating from 0.9.35-dev1 to 0.9.35-dev2"); + lastStepStatus(0); + showUpdateStep("Adding Let's Encrypt - settings"); + Settings::AddNew("system.letsencryptca", 'testing'); + Settings::AddNew("system.letsencryptcountrycode", 'DE'); + Settings::AddNew("system.letsencryptstate", 'Germany'); + lastStepStatus(0); + + updateToVersion('0.9.35-dev2'); +} + diff --git a/lib/classes/ssl/class.lescript.php b/lib/classes/ssl/class.lescript.php index 305a3502..f36acd25 100644 --- a/lib/classes/ssl/class.lescript.php +++ b/lib/classes/ssl/class.lescript.php @@ -28,11 +28,7 @@ // and modified to work without files and integrate in Froxlor class lescript { - //public $ca = 'https://acme-v01.api.letsencrypt.org'; - public $ca = 'https://acme-staging.api.letsencrypt.org'; // testing public $license = 'https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf'; - public $countryCode = 'DE'; - public $state = "Germany"; private $webRootDir; @@ -44,7 +40,12 @@ class lescript { $this->webRootDir = $webRootDir; $this->debugHandler = $debugHandler; - $this->client = new Client($this->ca); + if (Settings::Get('system.letsencryptca') == 'production') { + $ca = 'https://acme-v01.api.letsencrypt.org'; + } else { + $ca = 'https://acme-staging.api.letsencrypt.org'; + } + $this->client = new Client($ca); } public function initAccount($certrow) @@ -291,8 +292,8 @@ keyUsage = nonRepudiation, digitalSignature, keyEncipherment'); $csr = openssl_csr_new( array( "CN" => $domain, - "ST" => $this->state, - "C" => $this->countryCode, + "ST" => Settings::Get('system.letsencryptstate'), + "C" => Settings::Get('system.letsencryptcountrycode'), "O" => "Unknown", ), $privateKey, diff --git a/lib/version.inc.php b/lib/version.inc.php index d7c9fc75..7bf5b39d 100644 --- a/lib/version.inc.php +++ b/lib/version.inc.php @@ -16,7 +16,7 @@ */ // Main version variable -$version = '0.9.35-dev1'; +$version = '0.9.35-dev2'; // Database version (unused, old stuff from SysCP) $dbversion = '2'; diff --git a/lng/english.lng.php b/lng/english.lng.php index 728b98f6..ffe35981 100644 --- a/lng/english.lng.php +++ b/lng/english.lng.php @@ -1933,3 +1933,10 @@ $lng['customer']['letsencrypt']['description'] = 'Get a free certificate from ATTENTION:Let's Encrypt is still in beta"; +$lng['serversettings']['letsencryptcountrycode']['title'] = "Let's Encrypt country code"; +$lng['serversettings']['letsencryptcountrycode']['description'] = "2 letter country code used to generate Let's Encrypt certificates.
ATTENTION:Let's Encrypt is still in beta"; +$lng['serversettings']['letsencryptstate']['title'] = "Let's Encrypt state"; +$lng['serversettings']['letsencryptstate']['description'] = "Sate used to generate Let's Encrypt certificates.
ATTENTION:Let's Encrypt is still in beta"; + diff --git a/lng/german.lng.php b/lng/german.lng.php index 5e8912ba..e2613afd 100644 --- a/lng/german.lng.php +++ b/lng/german.lng.php @@ -1588,3 +1588,10 @@ $lng['customer']['letsencrypt']['description'] = 'Holt ein kostenloses Zertifika $lng['error']['sslredirectonlypossiblewithsslipport'] = 'Die Nutzung von Let\'s Encrypt ist nur möglich, wenn die Domain mindestens eine IP/Port - Kombination mit aktiviertem SSL zugewiesen hat.'; $lng['panel']['letsencrypt'] = 'Benutzt Let\'s encrypt'; $lng['crondesc']['cron_letsencrypt'] = 'aktualisiert Let\'s Encrypt Zertifikate'; +$lng['serversettings']['letsencryptca']['title'] = "Let's Encrypt Umgebung"; +$lng['serversettings']['letsencryptca']['description'] = "Let's Encrypt - Umgebung, welche genutzt wird um Zertifikate zu bestellen.
ATTENTION:Let's Encrypt befindet sich noch im Test"; +$lng['serversettings']['letsencryptcountrycode']['title'] = "Let's Encrypt Ländercode"; +$lng['serversettings']['letsencryptcountrycode']['description'] = "2 - stelliger Ländercode, welcher benutzt wird um Let's Encrypt - Zertifikate zu bestellen.
ATTENTION:Let's Encrypt befindet sich noch im Test"; +$lng['serversettings']['letsencryptstate']['title'] = "Let's Encrypt Bundesland"; +$lng['serversettings']['letsencryptstate']['description'] = "Bundesland, welches benutzt wird um Let's Encrypt - Zertifikate zu bestellen.
ATTENTION:Let's Encrypt befindet sich noch im Test"; +