merge domaindb.js into domains.js
This commit is contained in:
Girish Ramakrishnan
@@ -38,6 +38,7 @@ const acme2 = require('./acme2.js'),
|
||||
constants = require('./constants.js'),
|
||||
crypto = require('crypto'),
|
||||
debug = require('debug')('box:reverseproxy'),
|
||||
dns = require('./dns.js'),
|
||||
domains = require('./domains.js'),
|
||||
ejs = require('ejs'),
|
||||
eventlog = require('./eventlog.js'),
|
||||
@@ -57,6 +58,8 @@ const acme2 = require('./acme2.js'),
|
||||
|
||||
const NGINX_APPCONFIG_EJS = fs.readFileSync(__dirname + '/nginxconfig.ejs', { encoding: 'utf8' });
|
||||
const RESTART_SERVICE_CMD = path.join(__dirname, 'scripts/restartservice.sh');
|
||||
const domainsGet = util.callbackify(domains.get),
|
||||
domainsList = util.callbackify(domains.list);
|
||||
|
||||
function nginxLocation(s) {
|
||||
if (!s.startsWith('!')) return s;
|
||||
@@ -159,7 +162,7 @@ function validateCertificate(location, domainObject, certificate) {
|
||||
if (cert && !key) return new BoxError(BoxError.BAD_FIELD, 'missing key', { field: 'key' });
|
||||
|
||||
// -checkhost checks for SAN or CN exclusively. SAN takes precedence and if present, ignores the CN.
|
||||
const fqdn = domains.fqdn(location, domainObject);
|
||||
const fqdn = dns.fqdn(location, domainObject);
|
||||
|
||||
let result = safe.child_process.execSync(`openssl x509 -noout -checkhost "${fqdn}"`, { encoding: 'utf8', input: cert });
|
||||
if (result === null) return new BoxError(BoxError.BAD_FIELD, 'Unable to get certificate subject:' + safe.error.message, { field: 'cert' });
|
||||
@@ -224,24 +227,23 @@ function generateFallbackCertificateSync(domain) {
|
||||
return { cert: cert, key: key, error: null };
|
||||
}
|
||||
|
||||
function setFallbackCertificate(domain, fallback, callback) {
|
||||
async function setFallbackCertificate(domain, fallback) {
|
||||
assert.strictEqual(typeof domain, 'string');
|
||||
assert(fallback && typeof fallback === 'object');
|
||||
assert.strictEqual(typeof fallback, 'object');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
debug(`setFallbackCertificate: setting certs for domain ${domain}`);
|
||||
if (!safe.fs.writeFileSync(path.join(paths.NGINX_CERT_DIR, `${domain}.host.cert`), fallback.cert)) return callback(new BoxError(BoxError.FS_ERROR, safe.error.message));
|
||||
if (!safe.fs.writeFileSync(path.join(paths.NGINX_CERT_DIR, `${domain}.host.key`), fallback.key)) return callback(new BoxError(BoxError.FS_ERROR, safe.error.message));
|
||||
if (!safe.fs.writeFileSync(path.join(paths.NGINX_CERT_DIR, `${domain}.host.cert`), fallback.cert)) throw new BoxError(BoxError.FS_ERROR, safe.error.message);
|
||||
if (!safe.fs.writeFileSync(path.join(paths.NGINX_CERT_DIR, `${domain}.host.key`), fallback.key)) throw new BoxError(BoxError.FS_ERROR, safe.error.message);
|
||||
|
||||
// TODO: maybe the cert is being used by the mail container
|
||||
reload(callback);
|
||||
await util.promisify(reload)();
|
||||
}
|
||||
|
||||
function restoreFallbackCertificates(callback) {
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
domains.getAll(function (error, result) {
|
||||
domainsList(function (error, result) {
|
||||
if (error) return callback(error);
|
||||
|
||||
result.forEach(function (domain) {
|
||||
@@ -278,7 +280,7 @@ function getAcmeCertificatePathSync(vhost, domainObject) {
|
||||
let certName, certFilePath, keyFilePath, csrFilePath, acmeChallengesDir = paths.ACME_CHALLENGES_DIR;
|
||||
|
||||
if (vhost !== domainObject.domain && domainObject.tlsConfig.wildcard) { // bare domain is not part of wildcard SAN
|
||||
certName = domains.makeWildcard(vhost).replace('*.', '_.');
|
||||
certName = dns.makeWildcard(vhost).replace('*.', '_.');
|
||||
certFilePath = path.join(paths.NGINX_CERT_DIR, `${certName}.cert`);
|
||||
keyFilePath = path.join(paths.NGINX_CERT_DIR, `${certName}.key`);
|
||||
csrFilePath = path.join(paths.NGINX_CERT_DIR, `${certName}.csr`);
|
||||
@@ -298,7 +300,7 @@ function setAppCertificate(location, domainObject, certificate, callback) {
|
||||
assert.strictEqual(typeof certificate, 'object');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
const fqdn = domains.fqdn(location, domainObject);
|
||||
const fqdn = dns.fqdn(location, domainObject);
|
||||
const { certFilePath, keyFilePath } = getAppCertificatePathSync(fqdn);
|
||||
|
||||
if (certificate.cert && certificate.key) {
|
||||
@@ -321,7 +323,7 @@ function getCertificatePath(fqdn, domain, callback) {
|
||||
// 2. if using fallback provider, return that cert
|
||||
// 3. look for LE certs
|
||||
|
||||
domains.get(domain, function (error, domainObject) {
|
||||
domainsGet(domain, function (error, domainObject) {
|
||||
if (error) return callback(error);
|
||||
|
||||
const appCertPath = getAppCertificatePathSync(fqdn); // user cert always wins
|
||||
@@ -398,7 +400,7 @@ function ensureCertificate(vhost, domain, auditSource, callback) {
|
||||
assert.strictEqual(typeof auditSource, 'object');
|
||||
assert.strictEqual(typeof callback, 'function');
|
||||
|
||||
domains.get(domain, async function (error, domainObject) {
|
||||
domainsGet(domain, async function (error, domainObject) {
|
||||
if (error) return callback(error);
|
||||
|
||||
let bundle;
|
||||
@@ -482,10 +484,10 @@ function writeDashboardConfig(domain, callback) {
|
||||
|
||||
debug(`writeDashboardConfig: writing admin config for ${domain}`);
|
||||
|
||||
domains.get(domain, function (error, domainObject) {
|
||||
domainsGet(domain, function (error, domainObject) {
|
||||
if (error) return callback(error);
|
||||
|
||||
const dashboardFqdn = domains.fqdn(constants.DASHBOARD_LOCATION, domainObject);
|
||||
const dashboardFqdn = dns.fqdn(constants.DASHBOARD_LOCATION, domainObject);
|
||||
|
||||
getCertificatePath(dashboardFqdn, domainObject.domain, function (error, bundle) {
|
||||
if (error) return callback(error);
|
||||
|
||||
Reference in New Issue
Block a user