jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
8,786 Commits 33 Branches 583 Tags
cda649884e966a620ebd34ebcdb2db35efc84467
Commit Graph

104 Commits

Author SHA1 Message Date
Girish Ramakrishnan
3ec5c713bf debug: certFilePath is undefined 2019-12-08 18:23:12 -08:00
Girish Ramakrishnan
53e39f571c Make addons code remove a BoxError 2019-12-04 14:28:42 -08:00
Girish Ramakrishnan
8d944f74c0 Make reverseProxy return BoxError consistently 2019-10-24 10:28:38 -07:00
Girish Ramakrishnan
51cb3b0ba8 Move DomainsError to BoxError 2019-10-23 15:15:19 -07:00
Girish Ramakrishnan
db6c07f86a Move ReverseProxyError with BoxError 2019-10-22 21:24:31 -07:00
Girish Ramakrishnan
8878bc4bf9 frameAncestors -> csp 
It seems we cannot separate frame ancestors from CSP because the hide
header just hides everything and not a specific resource. This means
that the user has to set or unset the full policy whole sale.
 2019-10-14 17:12:01 -07:00
Girish Ramakrishnan
9c12f1fe15 Add field to configure the reverse proxy 
part of #596
 2019-10-14 15:05:25 -07:00
Girish Ramakrishnan
488763fc42 rename appconfig to nginxconfig 2019-10-13 17:08:33 -07:00
Girish Ramakrishnan
0542ab16d4 If cert renewal failed, continue using old cert 2019-10-03 11:11:02 -07:00
Girish Ramakrishnan
7e75ef7685 cert: add more debugs 2019-10-03 10:36:57 -07:00
Girish Ramakrishnan
c428f649aa typo 2019-10-01 14:40:24 -07:00
Girish Ramakrishnan
ccecaca047 Fix crash 2019-10-01 14:04:39 -07:00
Girish Ramakrishnan
c7ee684f25 Fix bug where nginx was not reloaded on cert renewal 
Looks like it worked so far because nginx got reloaded in situations
like apptask or server reboot.
 2019-10-01 11:25:57 -07:00
Girish Ramakrishnan
52156c9a35 Remove unused type field 2019-10-01 11:17:12 -07:00
Girish Ramakrishnan
1d00c788d1 Remove dead code 2019-09-30 15:54:18 -07:00
Girish Ramakrishnan
d891d39587 reverseproxy: rename to writeDefaultConfig 2019-09-30 15:28:05 -07:00
Girish Ramakrishnan
cfde6e31ad reverseproxy: improve the note 2019-09-30 15:25:53 -07:00
Girish Ramakrishnan
243772d1f5 reverseproxy: do not export reload 2019-09-30 15:23:53 -07:00
Girish Ramakrishnan
1c36b8eaf7 Add debugs 2019-09-30 11:52:23 -07:00
Girish Ramakrishnan
79f9963792 Add robotsTxt tests 2019-09-09 21:52:01 -07:00
Girish Ramakrishnan
6dfafae342 move the comment 2019-07-26 22:19:14 -07:00
Girish Ramakrishnan
9b74bb73aa config.js is dead, long live config.js 
we use settings now
 2019-07-26 14:51:51 -07:00
Girish Ramakrishnan
6a77a58489 Move hasIPv6 into sysinfo 2019-07-25 14:35:08 -07:00
Girish Ramakrishnan
9d2f81d6b9 Remove X-Frame-Options 
This option is now obsolete in the standards and browsers are complaining.
This needs to move to be a CSP header but this is hard to do from outside
the app (since it has to be 'merged' with the app's existing CSP).

fixes #596
 2019-05-20 10:11:52 -07:00
Girish Ramakrishnan
c7f6ae5be9 remove unused require 2019-03-04 19:49:25 -08:00
Girish Ramakrishnan
d83d2d5f4e Do not restart mail container when setting fallback certs 2019-03-04 19:35:22 -08:00
Girish Ramakrishnan
da2b00c9cf Move cert change notification into ensureCertificate() 
When ensureCertificate renews the cert, the filename will match the
nginx config cert file. The current code detects that this implies
that the cert has not changed and thus does not update mail container.

Move the notification into ensureCertificate() itself. If we have a wildcard
cert and it gets renewed when installing a new app, then mail container will
still get it.
 2019-03-04 15:24:09 -08:00
Girish Ramakrishnan
b1b2bd5b97 move cert renewal notification to notification logic 2019-03-04 14:53:19 -08:00
Girish Ramakrishnan
e5964f9d93 Remove unused function 2019-03-02 19:31:19 -08:00
Girish Ramakrishnan
65210ea91d rework dns api to take domainObject 
the DNS backends require many different params, it's just easier to
pass them all together and have backends do whatever.

For example, route53 API requires the fqdn. Some other backends require just the
"part" to insert.

* location - location in the database (where app is installed)
* zoneName - the dns zone name
* domain - domain in the database (where apps are installed into)
* name/getName() - this returns the name to insert in the DNS based on zoneName/location
* fqdn - the fully resolved location in zoneName

verifyDnsConfig also takes a domain object even if it's not in db just so that we can
test even existing domain objects, if required. The IP param is removed since it's not
required.

for caas, we also don't need the fqdn hack in dnsConfig anymore
 2019-01-04 22:38:12 -08:00
Girish Ramakrishnan
16c1622b1f Make domains.fqdn take config and domain separately 
This way it can be used in the dns backends which don't have the domain object
 2019-01-04 14:11:29 -08:00
Girish Ramakrishnan
b5b20452cc Fix reverseProxy.getCertificate API 2018-12-19 14:20:48 -08:00
Girish Ramakrishnan
bdf9671280 Split dashboard dns setup and db operations 
The dns setup is now a task that we can wait on. Once that task
is done, we can do db operations to switch the domain in a separate
route
 2018-12-14 09:57:28 -08:00
Girish Ramakrishnan
357e44284d Write nginx config into my.<domain>.conf 
This way we can switch the domain as an independent task that does
not affect the existing admin conf
 2018-12-14 09:20:10 -08:00
Girish Ramakrishnan
63e3560dd7 on startup, only re-generate the admin config 
should not try to get certificates on startup
 2018-12-14 09:20:06 -08:00
Girish Ramakrishnan
434525943c move appconfig.ejs 2018-12-13 21:53:31 -08:00
Girish Ramakrishnan
f0dbf2fc4d Make reverseProxy.configureAdmin not use config 
This way we can set things up before modifying config for dashboard switch
 2018-12-13 21:42:48 -08:00
Girish Ramakrishnan
e7294f2950 Make handleCertChanged take a callback 2018-12-11 11:02:32 -08:00
Girish Ramakrishnan
c9f325e75d renewCerts does not call callback 2018-12-11 10:49:04 -08:00
Girish Ramakrishnan
d2f4b68c9f Make certificate renewal a task 2018-12-10 20:48:10 -08:00
Girish Ramakrishnan
802011bb7e Fix args to shell.sudo 2018-11-25 14:57:51 -08:00
Girish Ramakrishnan
4142d7a050 Fix error handling of all the execSync usage 2018-11-23 13:11:15 -08:00
Girish Ramakrishnan
31823f6282 Check if result is not null 2018-11-23 13:11:15 -08:00
Girish Ramakrishnan
a3b1a2c781 Get the domain correctly from subject 2018-11-15 10:47:20 -08:00
Johannes Zellner
ab255e78c5 Make the cert subject match 2018-11-15 14:18:34 +01:00
Girish Ramakrishnan
eaf9b7f049 Add certificate.new event 2018-11-14 20:47:18 -08:00
Girish Ramakrishnan
b8df4d0b79 bare domains are getting continuously renewed 
the code is not handling the case where bare domain is not part
of the wildcard SAN.
 2018-11-14 20:47:15 -08:00
Girish Ramakrishnan
eb315f34dc Pass around domainObject 2018-11-14 20:32:14 -08:00
Girish Ramakrishnan
a3cc17705d Do not remove default.conf and admin.conf when re-configuring apps 2018-11-10 22:02:42 -08:00
Girish Ramakrishnan
6ec36c9605 Do not crash if platform.start fails 
With this change, the box code always starts up even if nginx fails,
docker fails etc.
 2018-11-10 18:34:37 -08:00