jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
4,333 Commits 33 Branches 583 Tags
a0ef86f287b543fa38d180aadc870c8a67c2e130
Commit Graph

94 Commits

Author SHA1 Message Date
Johannes Zellner
f2e8f325d1 Correct debug lines for cert renewal or not existing 2017-01-17 10:35:42 +01:00
Girish Ramakrishnan
da2aecc76a Save generated fallback certs as part of the backup 
this way we don't get a new cert across restarts
 2017-01-14 13:18:54 -08:00
Johannes Zellner
5d739f012c Never use the cloudron email account for LetsEncrypt 2017-01-10 18:14:59 +01:00
Girish Ramakrishnan
9e8f120fdd Make ensureFallbackCertificate error without a domain 2017-01-09 10:28:28 -08:00
Girish Ramakrishnan
3b9b9a1629 ensure fallback cert exists before platform is started 2017-01-09 10:28:28 -08:00
Johannes Zellner
a243478fff Create separate ip and my. domain nginx configs 2017-01-06 16:01:49 +01:00
Girish Ramakrishnan
0b68d1c9aa Reconfigure admin when domain gets set 2017-01-06 10:23:10 +01:00
Girish Ramakrishnan
cc9904c8c7 Move nginx config and cert generation to box code 2017-01-06 10:23:10 +01:00
Girish Ramakrishnan
16ab523cb2 Store IP certs as part of nginx cert dir (otherwise, it will get backed up) 2017-01-06 10:23:10 +01:00
Johannes Zellner
38c542b05a Add route to check dns and cert status 2017-01-05 20:37:26 +01:00
Johannes Zellner
801c40420c Create setup nginx config and cert for ip setup 2017-01-05 16:02:03 +01:00
Johannes Zellner
d9865f9b0f Allow box to startup without fqdn 2017-01-05 14:02:04 +01:00
Girish Ramakrishnan
54a388af5e Add debug 2016-12-15 07:30:38 -08:00
Girish Ramakrishnan
de1c677e75 Simply get admin cert after waiting for dns 
Removes some specialized code that was in installAdminCertificate.
 2016-12-14 14:52:42 -08:00
Girish Ramakrishnan
d475d9bcbf Make waitForDns provider specific 
This will allow us to create a proper 'noop' backend that does
not wait for dns to be in sync. This is required for local/intranet
setups.
 2016-12-14 14:43:20 -08:00
Girish Ramakrishnan
bf095f0698 Skip admin cert installation with fallback tls provider 2016-12-13 18:58:07 -08:00
Johannes Zellner
7d93cfaac1 Add missing return 
Fixes #128
 2016-12-06 17:26:56 +01:00
Johannes Zellner
b1be65d9ce Add fallback certificate backend 2016-12-05 17:01:23 +01:00
Girish Ramakrishnan
eaa747fe39 do not install admin certs during test 2016-10-25 11:36:56 -07:00
Girish Ramakrishnan
cd94d8f433 Save user certs separately from automatic certs 
Fixing the admin cert is a bit more complex since it is used in
setup script as well. Can do that in a later task.

Fixes #44
 2016-09-12 01:44:16 -07:00
Girish Ramakrishnan
e0d4c1adc1 use support instead of admin 2016-07-27 11:48:03 -07:00
Girish Ramakrishnan
d4d07e27c0 send email for certificate renewal error 2016-07-26 16:37:10 -07:00
Girish Ramakrishnan
e9e09e66c3 remove unused variables 2016-07-26 16:37:10 -07:00
Girish Ramakrishnan
1caf4e9e76 remove the isConfigured check entirely 
good thing is that we will not check if the my. cert is valid each
time on start up which will work out well when restoring from
old backups with an outdated cert.
 2016-07-06 10:11:54 -05:00
Johannes Zellner
53d03698ad Setup admin certs if we are configured 2016-07-04 10:18:39 +02:00
Girish Ramakrishnan
f9ed725002 wait (practically) forever for admin DNS propagation 2016-06-22 16:00:03 -05:00
Girish Ramakrishnan
8cfbf92adc fix acme prod setting detection 2016-06-22 15:55:53 -05:00
Girish Ramakrishnan
f84de690ce pass retry options to waitForDns 2016-06-21 15:12:36 -05:00
Girish Ramakrishnan
a4e73be834 pass auditSource for certificate renewal 2016-06-02 18:54:45 -07:00
Girish Ramakrishnan
2768c3a336 acme: configure prod based on caas or acme 2016-05-23 09:48:17 -07:00
Johannes Zellner
0d6637de27 Avoid circular dependencies with apps and certificates 2016-05-06 18:44:37 +02:00
Girish Ramakrishnan
c4ae9526af look for fallback cert in nginx cert dir 2016-05-05 13:52:08 -07:00
Girish Ramakrishnan
8d79ac9ae0 provide tls cert and key to mail server 
haraka requires tls certs for:
1. supporting AUTH
2. port 587 support (MSA)

currently, we just reuse the cert for the admin domain. Otherwise,
we have to setup dns etc to get a new cert. While doable, its' not
necessary right now.
 2016-05-05 13:18:17 -07:00
Girish Ramakrishnan
fc8bf82993 Add getters for fallback and admin cert 2016-05-04 17:37:21 -07:00
Girish Ramakrishnan
ffedbdfa13 various minor fixes to eventlog 2016-05-02 10:01:23 -07:00
Girish Ramakrishnan
a969e323a6 what if cron was a username 2016-05-01 11:48:29 -07:00
Girish Ramakrishnan
c4ad6c803f add certificate renew event 2016-04-30 22:27:33 -07:00
Girish Ramakrishnan
9c9f82e2c5 fix usage of waitForDns 2016-04-26 11:09:14 -07:00
Girish Ramakrishnan
9893dd6640 make waitfordns get the zone itself 2016-04-25 10:52:12 -07:00
Girish Ramakrishnan
aab035f7b9 use the acme backend when using altDomain 2016-04-25 10:52:12 -07:00
Girish Ramakrishnan
0e825272ae ensureCertificate now takes app object 2016-04-25 10:52:12 -07:00
Girish Ramakrishnan
46fee9e431 use config.adminFqdn instead 2016-04-25 10:52:12 -07:00
Girish Ramakrishnan
a215443c56 do not renew apps without any cert 
autoRenew was mistakenly reconfiguring app without a cert (this
is the common case for apps in non-custom domain)
 2016-03-23 08:49:08 -07:00
girish@cloudron.io
b1f172ed17 trim the output string 2016-03-21 08:25:10 -07:00
Girish Ramakrishnan
11513f9428 send a message for cert renewal status 2016-03-19 20:40:03 -07:00
Girish Ramakrishnan
5042741435 renew cert every 12 hours 2016-03-19 20:30:01 -07:00
Girish Ramakrishnan
8c36f3aab4 add debug for fallback case 2016-03-19 18:37:05 -07:00
Girish Ramakrishnan
ea87841e77 merge fallback cert job into renewal 
this is becase we need to reconfigure for the case where we got a
renewed cert (but the app was switched to fallback cert at some point)
 2016-03-19 13:54:52 -07:00
Girish Ramakrishnan
20629ea078 fix linter errors 2016-03-19 13:22:38 -07:00
Girish Ramakrishnan
b1b6a9ae65 reconfigure admin using configureAdmin 2016-03-19 12:54:11 -07:00