017c32c3dd
fix certificate renewal
...
Do the whole acme flow for certificate renewal. the idea here is
simply reuse the key and the csr. In this case, it does not count
as a new certificate issuance.
https://github.com/diafygi/letsencrypt-nosudo/issues/55
2016-03-19 02:44:05 -07:00
5d54c9e668
check my domain for expiry and falling back
2016-03-18 23:43:56 -07:00
adaaca5ceb
switch expired certs of domains to use fallback cert
...
1) nginx won't reload when using expired certs
2) this is the only way the user can use the app now
2016-03-18 23:26:57 -07:00
4a73e1490e
Refactor code to take hours
2016-03-18 23:00:02 -07:00
f31a7a5061
use fallback certs if renewal fails
2016-03-17 12:20:02 -07:00
3499a4cc6c
move requiresOAuthProxy to nginx
...
we have 3 levels
* routes, cron, apptask
* everything else where everyone calls everyone :-)
* the db layer
2016-03-17 11:38:29 -07:00
42796b12dc
update safetydance to 0.1.1
2016-03-14 22:50:48 -07:00
20ac040dde
cert: check expiry correctly
2016-03-14 22:50:06 -07:00
7f2b3eb835
acme: disable renewal via url fetch for now
...
this does not seem to work.
From https://github.com/ericchiang/letsencrypt/commit/cf85854177b22540ca1aeba770c2b86534c6c5ef :
// RenewCertificate attempts to renew an existing certificate.
// Let's Encrypt may return the same certificate. You should load your
// current x509.Certificate and use the Equal method to compare to the "new"
// certificate. If it's identical, you'll need to run NewCertificate and/or
// start a new certificate flow.
2016-03-14 22:22:57 -07:00
2b562f76ea
le: handle renewal upto 30 days in advance
2016-03-14 22:18:43 -07:00
b942033512
acme: debug output the domain
2016-03-14 16:21:03 -07:00
fa4a8c2036
add debug for successful renewal
2016-03-14 15:55:51 -07:00
27febbf1e9
The blue cloud is gone
2016-03-11 16:48:56 -08:00
8da2eb36cc
fix email wording
2016-03-09 18:37:02 -08:00
cbb34005c6
restoreKey -> filename
2016-03-09 14:23:42 -08:00
efc1627648
more changes
2016-03-09 09:34:57 -08:00
f513dcdf3b
Add 0.10.0 changelog
2016-03-09 09:29:17 -08:00
61a52d8888
dist-upgrade to update more aggressively
2016-03-09 09:29:07 -08:00
4cfc187063
Add sender name to admin email
2016-03-09 07:41:50 +01:00
065af03e5f
Stop docker proxy in ldap tests
2016-03-09 07:34:44 +01:00
c4eeebdfbe
Enable admin change test
2016-03-09 06:18:39 +01:00
b1004de358
Notify admins about newly added admin
2016-03-09 06:16:21 +01:00
fbca0fef38
fix missing assert
2016-03-08 18:51:40 -08:00
d658530e66
fix failing tests
2016-03-08 18:44:51 -08:00
21d4cc9cb2
getAllPaged -> getPaged
2016-03-08 18:10:39 -08:00
e2b7ec3ffd
store filename with tar.gz extension
2016-03-08 16:47:53 -08:00
8014e2eaf8
add route to download backup
2016-03-08 16:28:42 -08:00
a10ed73af2
get zoneName using tldjs
2016-03-08 09:52:13 -08:00
8b2903015d
list app backups from db
2016-03-08 08:57:28 -08:00
d157bf30f3
remove box backups from the database
2016-03-08 08:52:20 -08:00
7996b32022
add backups to the database
...
ideally, these should be done _after_ the backup is successful and not when
the backup url is generated.
we had a discussion on why need backupdb to start with. Some rationale includes:
1. we can use it as a FK constraint (like make sure you delete backups when you delete app)
2. have labels for backups
3. dependancy relation from box backup to apps
4. s3 reverse sort is little painful and requires us to get all items in bulk and sort in JS
(also requires us to change our backup filename format)
5. any metadata storage requires database
The cons include:
1. s3 and this db go out of sync
2. db entry is useless if s3 file is missing
2016-03-08 08:42:00 -08:00
4b77703902
export getByAppIdPaged
2016-03-07 17:52:13 -08:00
4dd82d10ad
backup: ensure same timestamp for app data and config
2016-03-07 12:13:54 -08:00
83d05c99d3
mount manually instead of fstab because of race
...
I cannot figure how to make the box-setup.service run before the mounting
of a specific mount point. adding a dep on mount.target locks up the system.
2016-03-07 10:48:09 -08:00
b0acdfb908
use truncate instead of fallocate
2016-03-07 10:44:35 -08:00
b062dab65c
mysql also uses the data partition
2016-03-07 10:38:59 -08:00
eadcdeee1c
not being mounted is the normal case
2016-03-07 10:37:26 -08:00
9de6f9c1c2
add backupdb
...
mostly same code as the appstore side
2016-03-07 09:30:44 -08:00
89f54245f7
Add backups table
2016-03-07 09:27:10 -08:00
5fbd1dae30
bump the mysql memory limit
...
we hit this memory limit often in phabricator backup. this is all
very crude but should suffice for now.
2016-03-05 18:35:28 -08:00
486ced0946
fix LDAP debug
2016-03-04 17:52:27 -08:00
d1c1fb8786
fix ldap debug ("ldap" already appears as part of debug)
2016-03-04 17:51:18 -08:00
57ff8b6770
fix feedback test
2016-03-04 22:27:18 +01:00
d12d8f5c0b
Properly extract referrers, which contain queries on their own and are not properly encoded
2016-03-03 15:06:14 +01:00
17deac756b
Also log app manifest id for alive apps
2016-03-03 09:30:46 +01:00
f7bb3bac98
Log app manifest id in healthmonitor
2016-03-03 09:30:46 +01:00
744c721000
use docker 1.10.2 (untested)
2016-03-01 10:13:44 -08:00
0500bae221
install aufs tools
...
https://github.com/docker/docker/issues/915
2016-03-01 10:13:04 -08:00
a7b5b49d96
fix language
2016-02-26 10:14:37 -08:00
93ef1919c2
Hide superuser checkbox for the user himself
2016-02-26 18:08:56 +01:00
Girish Ramakrishnan