correctly trigger re-generation of let's encrypt certificates

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
Michael Kaufmann
2019-09-15 10:22:25 +02:00
parent 6ebb8dabc4
commit dc3f159c90
3 changed files with 20 additions and 9 deletions


@@ -1450,14 +1450,15 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
} }
} }
} }
if ($result['aliasdomain'] != $aliasdomain) { if ($result['aliasdomain'] != $aliasdomain && is_numeric($result['aliasdomain'])) {
// trigger when domain id for alias destination has changed: both for old and new destination // trigger when domain id for alias destination has changed: both for old and new destination
\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($result['aliasdomain'], $this->logger()); \Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($result['aliasdomain'], $this->logger());
\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger()); \Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger());
} elseif ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) { }
if ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) {
// or when wwwserveralias or letsencrypt was changed // or when wwwserveralias or letsencrypt was changed
\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger()); \Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger());
if ($aliasdomain === 0) { if ((int) $aliasdomain === 0) {
// in case the wwwserveralias is set on a main domain, $aliasdomain is 0 // in case the wwwserveralias is set on a main domain, $aliasdomain is 0
// --> the call just above to triggerLetsEncryptCSRForAliasDestinationDomain // --> the call just above to triggerLetsEncryptCSRForAliasDestinationDomain
// is a noop...let's repeat it with the domain id of the main domain // is a noop...let's repeat it with the domain id of the main domain
@@ -1465,7 +1466,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
} }
} }
$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] updated domain '" . $result['domain'] . "'"); $idna_convert = new \Froxlor\Idna\IdnaWrapper();
$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] updated domain '" . $idna_convert->decode($result['domain']) . "'");
return $this->response(200, "successfull", $update_data); return $this->response(200, "successfull", $update_data);
} }
throw new \Exception("Not allowed to execute given command.", 403); throw new \Exception("Not allowed to execute given command.", 403);
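Review bot: The added `is_numeric($result['aliasdomain'])` test inspects only the old alias destination, yet it also gates the trigger for the new one, because both calls sit in the same branch. If the stored value is non-numeric when the domain had no alias before (presumably NULL, which is not visible here), pointing the domain at a destination for the first time no longer flags that destination's certificate for re-generation unless `wwwserveralias` or `letsencrypt` changed too, so the issued certificate may not cover the new alias name. Consider keeping the outer `!=` test and guarding each call on its own id, `if (is_numeric($result['aliasdomain']))` for the old destination and `if ((int) $aliasdomain > 0)` for the new one. The same condition is added in the SubDomains section that follows, and the enclosing method starts and ends outside this hunk.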


@@ -623,13 +623,20 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
); );
Database::pexecute($stmt, $params, true, true); Database::pexecute($stmt, $params, true, true);
if ($result['aliasdomain'] != $aliasdomain) { if ($result['aliasdomain'] != $aliasdomain && is_numeric($result['aliasdomain'])) {
// trigger when domain id for alias destination has changed: both for old and new destination // trigger when domain id for alias destination has changed: both for old and new destination
\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($result['aliasdomain'], $this->logger()); \Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($result['aliasdomain'], $this->logger());
\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger()); \Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger());
} elseif ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) { }
if ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) {
// or when wwwserveralias or letsencrypt was changed // or when wwwserveralias or letsencrypt was changed
\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger()); \Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger());
if ((int) $aliasdomain === 0) {
// in case the wwwserveralias is set on a main domain, $aliasdomain is 0
// --> the call just above to triggerLetsEncryptCSRForAliasDestinationDomain
// is a noop...let's repeat it with the domain id of the main domain
\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($id, $this->logger());
}
} }
// check whether LE has been disabled, so we remove the certificate // check whether LE has been disabled, so we remove the certificate
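Review bot: The comment added with the `(int) $aliasdomain === 0` block was copied from the Domains command and still says "set on a main domain", although this is the subdomain update path and `$id` is presumably the id of the entry being edited (its assignment is outside the hunk). Reword it so a reader does not assume a parent-domain id is passed, for example `// $aliasdomain is 0 when this entry is not an alias: the call above is a no-op, so trigger for the entry's own id`. Separately, now that `elseif` is split into two `if`s, a request that changes both the alias destination and `letsencrypt` triggers `$aliasdomain` twice; a one-line comment stating whether that repeat is intentional would help.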


@@ -192,10 +192,12 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
// Only renew let's encrypt certificate if no broken ssl_redirect is enabled // Only renew let's encrypt certificate if no broken ssl_redirect is enabled
// - this temp. deactivation of the ssl-redirect is handled by the webserver-cronjob // - this temp. deactivation of the ssl-redirect is handled by the webserver-cronjob
$do_force = false;
if ($cert_mode == 'renew') { if ($cert_mode == 'renew') {
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Creating certificate for " . $certrow['domain']);
} else {
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Updating certificate for " . $certrow['domain']); FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Updating certificate for " . $certrow['domain']);
} else {
$do_force = true;
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Creating certificate for " . $certrow['domain']);
} }
$cronlog = FroxlorLogger::getInstanceOf(array( $cronlog = FroxlorLogger::getInstanceOf(array(
@@ -203,7 +205,7 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
'adminsession' => 0 'adminsession' => 0
)); ));
self::runAcmeSh($certrow, $domains, $cert_mode, $cronlog, $changedetected); self::runAcmeSh($certrow, $domains, $cert_mode, $cronlog, $changedetected, $do_force);
} }
} }
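Review bot: `$do_force` becomes true on every run where `$cert_mode` is not `'renew'`, and nothing in this hunk limits how often that path is taken for the same domain. If `runAcmeSh` (its body is not shown) turns the flag into a forced issuance, a domain whose validation keeps failing could request a new certificate on each cron run and run into the CA's rate limits, which would also block legitimate renewals. Please document the intent next to the assignment, e.g. `// force only on first issuance; renewals rely on the client's own expiry check`, and confirm that failed issuances are not retried with force indefinitely. The comparison could also be strict, `$cert_mode === 'renew'`, since the value is a fixed string.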