jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

reverseproxy: fix restore of trusted ips

Browse Source
This commit is contained in:
Girish Ramakrishnan
2026-03-10 17:28:06 +05:30
parent d377d1e1cf
commit 8ef56c6d91
2 changed files with 15 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/provision.js
+1 -1
View File
@@ -190,7 +190,7 @@ async function restoreTask(backupSite, remotePath, ipv4Config, ipv6Config, optio
await ensureDhparams();
await network.setIPv4Config(ipv4Config);
await network.setIPv6Config(ipv6Config);
await reverseProxy.restoreFallbackCertificates();
await reverseProxy.reprovision();
await backupSites.reinitAll();
src/reverseproxy.js
+14 -11
View File
@@ -27,7 +27,6 @@ import tasks from './tasks.js';
const debug = debugModule('box:reverseproxy');
const shell = shellModule('reverseproxy');
const NGINX_APPCONFIG_EJS = fs.readFileSync(import.meta.dirname + '/nginxconfig.ejs', { encoding: 'utf8' });
const RESTART_SERVICE_CMD = path.join(import.meta.dirname, 'scripts/restartservice.sh');
@@ -164,15 +163,6 @@ function writeFileSync(filePath, data) {
return true;
}
async function restoreFallbackCertificates() {
const result = await domains.list();
for (const domain of result) {
if (!safe.fs.writeFileSync(path.join(paths.NGINX_CERT_DIR, `${domain.domain}.host.cert`), domain.fallbackCertificate.cert)) throw new BoxError(BoxError.FS_ERROR, safe.error.message);
if (!safe.fs.writeFileSync(path.join(paths.NGINX_CERT_DIR, `${domain.domain}.host.key`), domain.fallbackCertificate.key)) throw new BoxError(BoxError.FS_ERROR, safe.error.message);
}
}
async function setupTlsAddon(app) {
assert.strictEqual(typeof app, 'object');
@@ -717,6 +707,19 @@ async function setTrustedIps(trustedIps) {
await reload();
}
async function reprovision() {
debug('reprovision: restoring fallback certs and trusted ips');
const result = await domains.list();
for (const domain of result) {
if (!safe.fs.writeFileSync(path.join(paths.NGINX_CERT_DIR, `${domain.domain}.host.cert`), domain.fallbackCertificate.cert)) throw new BoxError(BoxError.FS_ERROR, safe.error.message);
if (!safe.fs.writeFileSync(path.join(paths.NGINX_CERT_DIR, `${domain.domain}.host.key`), domain.fallbackCertificate.key)) throw new BoxError(BoxError.FS_ERROR, safe.error.message);
}
await setTrustedIps(await getTrustedIps());
}
export default {
setUserCertificate, // per location certificate
setFallbackCertificate, // per domain certificate
@@ -740,7 +743,7 @@ export default {
removeDashboardConfig,
removeAppConfigs,
restoreFallbackCertificates,
reprovision,
handleCertificateProviderChanged,