check for renewal of certificates not only if there's a task to regenerate vhosts but everytime the letsencrypt cronjob runs (which is basically obsolete due to the integration into the tasks cron but perfect for checking renewal dates
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
@@ -45,19 +45,8 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
|
|||||||
|
|
||||||
public static $no_inserttask = false;
|
public static $no_inserttask = false;
|
||||||
|
|
||||||
public static function run($internal = false)
|
private static function needRenew()
|
||||||
{
|
{
|
||||||
if (! defined('CRON_IS_FORCED') && ! defined('CRON_DEBUG_FLAG') && $internal == false) {
|
|
||||||
// FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, "Let's Encrypt cronjob is combined with regeneration of webserver configuration files.\nFor debugging purposes you can use the --debug switch and/or the --force switch to run the cron manually.");
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
self::checkInstall();
|
|
||||||
|
|
||||||
self::$apiserver = 'https://acme-v0' . \Froxlor\Settings::Get('system.leapiversion') . '.api.letsencrypt.org/directory';
|
|
||||||
|
|
||||||
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Requesting/renewing Let's Encrypt certificates");
|
|
||||||
|
|
||||||
$certificates_stmt = Database::query("
|
$certificates_stmt = Database::query("
|
||||||
SELECT
|
SELECT
|
||||||
domssl.`id`,
|
domssl.`id`,
|
||||||
@@ -94,6 +83,46 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
|
|||||||
OR domssl.`expirationdate` IS NULL
|
OR domssl.`expirationdate` IS NULL
|
||||||
)
|
)
|
||||||
");
|
");
|
||||||
|
$customer_ssl = $certificates_stmt->fetchAll(\PDO::FETCH_ASSOC);
|
||||||
|
|
||||||
|
$froxlor_ssl = array();
|
||||||
|
if (Settings::Get('system.le_froxlor_enabled') == '1') {
|
||||||
|
$froxlor_ssl_settings_stmt = Database::prepare("
|
||||||
|
SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
|
||||||
|
WHERE `domainid` = '0' AND
|
||||||
|
(`expirationdate` < DATE_ADD(NOW(), INTERVAL 30 DAY) OR `expirationdate` IS NULL)
|
||||||
|
");
|
||||||
|
$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (count($customer_ssl) > 0 || count($froxlor_ssl) > 0) {
|
||||||
|
return array(
|
||||||
|
'customer_ssl' => $customer_ssl,
|
||||||
|
'froxlor_ssl' => $froxlor_ssl
|
||||||
|
);
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function run($internal = false)
|
||||||
|
{
|
||||||
|
if (! defined('CRON_IS_FORCED') && ! defined('CRON_DEBUG_FLAG') && $internal == false) {
|
||||||
|
// Let's Encrypt cronjob is combined with regeneration of webserver configuration files.
|
||||||
|
// For debugging purposes you can use the --debug switch and the --force switch to run the cron manually.
|
||||||
|
// check whether we MIGHT need to run although there is no task to regenerate config-files
|
||||||
|
$needRenew = self::needRenew();
|
||||||
|
if ($needRenew) {
|
||||||
|
// insert task to generate certificates and vhost-configs
|
||||||
|
\Froxlor\System\Cronjob::inserttask(1);
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
self::checkInstall();
|
||||||
|
|
||||||
|
self::$apiserver = 'https://acme-v0' . \Froxlor\Settings::Get('system.leapiversion') . '.api.letsencrypt.org/directory';
|
||||||
|
|
||||||
|
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Requesting/renewing Let's Encrypt certificates");
|
||||||
|
|
||||||
$aliasdomains_stmt = Database::prepare("
|
$aliasdomains_stmt = Database::prepare("
|
||||||
SELECT
|
SELECT
|
||||||
@@ -127,6 +156,8 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
|
|||||||
// flag for re-generation of vhost files
|
// flag for re-generation of vhost files
|
||||||
$changedetected = 0;
|
$changedetected = 0;
|
||||||
|
|
||||||
|
$needRenew = self::needRenew();
|
||||||
|
|
||||||
// first - generate LE for system-vhost if enabled
|
// first - generate LE for system-vhost if enabled
|
||||||
if (Settings::Get('system.le_froxlor_enabled') == '1') {
|
if (Settings::Get('system.le_froxlor_enabled') == '1') {
|
||||||
|
|
||||||
@@ -147,12 +178,7 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
|
|||||||
'id' => null
|
'id' => null
|
||||||
);
|
);
|
||||||
|
|
||||||
$froxlor_ssl_settings_stmt = Database::prepare("
|
$froxlor_ssl = $needRenew['froxlor_ssl'];
|
||||||
SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
|
|
||||||
WHERE `domainid` = '0' AND
|
|
||||||
(`expirationdate` < DATE_ADD(NOW(), INTERVAL 30 DAY) OR `expirationdate` IS NULL)
|
|
||||||
");
|
|
||||||
$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
|
|
||||||
|
|
||||||
$cert_mode = 'issue';
|
$cert_mode = 'issue';
|
||||||
if ($froxlor_ssl) {
|
if ($froxlor_ssl) {
|
||||||
@@ -210,7 +236,7 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
|
|||||||
}
|
}
|
||||||
|
|
||||||
// customer domains
|
// customer domains
|
||||||
$certrows = $certificates_stmt->fetchAll(\PDO::FETCH_ASSOC);
|
$certrows = $needRenew['customer_ssl'];
|
||||||
$cert_mode = 'issue';
|
$cert_mode = 'issue';
|
||||||
foreach ($certrows as $certrow) {
|
foreach ($certrows as $certrow) {
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user