b604caec72
Get rid of x509 module
...
This is the last of the "native" modules. These modules take forever
to rebuild in low memory machines
2017-02-24 21:01:48 -08:00
4217db9e18
Ensure we don't crash if domain is not a string
...
Fixes #219
2017-02-13 13:21:25 +01:00
b91674799b
Create/destroy event listeners
...
mocha loads all the tests in same process. This means that when
we start a new test, the old state still persists. For event
listeners, this means that they get multiple duplicate event handlers.
2017-02-07 10:30:52 -08:00
1262d11cb3
Prefix event enum with EVENT_
2017-01-17 23:18:08 -08:00
ebf1dc1b08
listen for cert changed events and restart mail container
...
neither haraka nor dovecot restarts on cert change
Fixes #47
2017-01-17 10:59:00 -08:00
7dd52779dc
generate cert files for mail container
...
this allows us to not track paths anymore
part of #47
2017-01-17 10:21:44 -08:00
db50382b18
check user cert and then the le cert
...
part of #47
2017-01-17 09:59:40 -08:00
32b061c768
user certs are saved with extension user.cert/key
...
part of #47
2017-01-17 09:59:30 -08:00
740e85d28c
make code a bit readable
2017-01-17 09:57:15 -08:00
b99438e550
remove unused function
2017-01-17 09:18:48 -08:00
f2e8f325d1
Correct debug lines for cert renewal or not existing
2017-01-17 10:35:42 +01:00
da2aecc76a
Save generated fallback certs as part of the backup
...
this way we don't get a new cert across restarts
2017-01-14 13:18:54 -08:00
5d739f012c
Never use the cloudron email account for LetsEncrypt
2017-01-10 18:14:59 +01:00
9e8f120fdd
Make ensureFallbackCertificate error without a domain
2017-01-09 10:28:28 -08:00
3b9b9a1629
ensure fallback cert exists before platform is started
2017-01-09 10:28:28 -08:00
a243478fff
Create separate ip and my. domain nginx configs
2017-01-06 16:01:49 +01:00
0b68d1c9aa
Reconfigure admin when domain gets set
2017-01-06 10:23:10 +01:00
cc9904c8c7
Move nginx config and cert generation to box code
2017-01-06 10:23:10 +01:00
16ab523cb2
Store IP certs as part of nginx cert dir (otherwise, it will get backed up)
2017-01-06 10:23:10 +01:00
38c542b05a
Add route to check dns and cert status
2017-01-05 20:37:26 +01:00
801c40420c
Create setup nginx config and cert for ip setup
2017-01-05 16:02:03 +01:00
d9865f9b0f
Allow box to startup without fqdn
2017-01-05 14:02:04 +01:00
54a388af5e
Add debug
2016-12-15 07:30:38 -08:00
de1c677e75
Simply get admin cert after waiting for dns
...
Removes some specialized code that was in installAdminCertificate.
2016-12-14 14:52:42 -08:00
d475d9bcbf
Make waitForDns provider specific
...
This will allow us to create a proper 'noop' backend that does
not wait for dns to be in sync. This is required for local/intranet
setups.
2016-12-14 14:43:20 -08:00
bf095f0698
Skip admin cert installation with fallback tls provider
2016-12-13 18:58:07 -08:00
7d93cfaac1
Add missing return
...
Fixes #128
2016-12-06 17:26:56 +01:00
b1be65d9ce
Add fallback certificate backend
2016-12-05 17:01:23 +01:00
eaa747fe39
do not install admin certs during test
2016-10-25 11:36:56 -07:00
cd94d8f433
Save user certs separately from automatic certs
...
Fixing the admin cert is a bit more complex since it is used in
setup script as well. Can do that in a later task.
Fixes #44
2016-09-12 01:44:16 -07:00
e0d4c1adc1
use support instead of admin
2016-07-27 11:48:03 -07:00
d4d07e27c0
send email for certificate renewal error
2016-07-26 16:37:10 -07:00
e9e09e66c3
remove unused variables
2016-07-26 16:37:10 -07:00
1caf4e9e76
remove the isConfigured check entirely
...
good thing is that we will not check if the my. cert is valid each
time on start up which will work out well when restoring from
old backups with an outdated cert.
2016-07-06 10:11:54 -05:00
53d03698ad
Setup admin certs if we are configured
2016-07-04 10:18:39 +02:00
f9ed725002
wait (practically) forever for admin DNS propagation
2016-06-22 16:00:03 -05:00
8cfbf92adc
fix acme prod setting detection
2016-06-22 15:55:53 -05:00
f84de690ce
pass retry options to waitForDns
2016-06-21 15:12:36 -05:00
a4e73be834
pass auditSource for certificate renewal
2016-06-02 18:54:45 -07:00
2768c3a336
acme: configure prod based on caas or acme
2016-05-23 09:48:17 -07:00
0d6637de27
Avoid circular dependencies with apps and certificates
2016-05-06 18:44:37 +02:00
c4ae9526af
look for fallback cert in nginx cert dir
2016-05-05 13:52:08 -07:00
8d79ac9ae0
provide tls cert and key to mail server
...
haraka requires tls certs for:
1. supporting AUTH
2. port 587 support (MSA)
currently, we just reuse the cert for the admin domain. Otherwise,
we have to setup dns etc to get a new cert. While doable, its' not
necessary right now.
2016-05-05 13:18:17 -07:00
fc8bf82993
Add getters for fallback and admin cert
2016-05-04 17:37:21 -07:00
ffedbdfa13
various minor fixes to eventlog
2016-05-02 10:01:23 -07:00
a969e323a6
what if cron was a username
2016-05-01 11:48:29 -07:00
c4ad6c803f
add certificate renew event
2016-04-30 22:27:33 -07:00
9c9f82e2c5
fix usage of waitForDns
2016-04-26 11:09:14 -07:00
9893dd6640
make waitfordns get the zone itself
2016-04-25 10:52:12 -07:00
aab035f7b9
use the acme backend when using altDomain
2016-04-25 10:52:12 -07:00
Girish Ramakrishnan