jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
5,624 Commits 33 Branches 583 Tags
d1efb2db569add2f36888890b4f45df77da9bba4
Commit Graph

110 Commits

Author SHA1 Message Date
Johannes Zellner
d164f881ca Bring back code for alt domain match 
There are no actual tests for this yet. Should be added.
 2017-05-11 21:55:29 +02:00
Johannes Zellner
4994a5da49 Use -checkhost openssl subcommand 2017-05-11 21:31:01 +02:00
Johannes Zellner
05fcdb0a67 Extract CN from cert with JS 
unlike the sed script, this does not rely on the order openssl reports the subject entities
 2017-05-11 15:19:02 +02:00
Johannes Zellner
23827974d8 Fix certificate validation to work with new openssl version as well 2017-05-11 14:58:29 +02:00
Girish Ramakrishnan
e3c72fa6ce remove src/ prefix in debug tags 2017-04-23 21:53:59 -07:00
Girish Ramakrishnan
cdb5dc2c53 Remove isDev flag 
We can pretty much test everything here on self-hosted cloudrons now
 2017-04-13 11:34:03 -07:00
Girish Ramakrishnan
b604caec72 Get rid of x509 module 
This is the last of the "native" modules. These modules take forever
to rebuild in low memory machines
 2017-02-24 21:01:48 -08:00
Johannes Zellner
4217db9e18 Ensure we don't crash if domain is not a string 
Fixes #219
 2017-02-13 13:21:25 +01:00
Girish Ramakrishnan
b91674799b Create/destroy event listeners 
mocha loads all the tests in same process. This means that when
we start a new test, the old state still persists. For event
listeners, this means that they get multiple duplicate event handlers.
 2017-02-07 10:30:52 -08:00
Girish Ramakrishnan
1262d11cb3 Prefix event enum with EVENT_ 2017-01-17 23:18:08 -08:00
Girish Ramakrishnan
ebf1dc1b08 listen for cert changed events and restart mail container 
neither haraka nor dovecot restarts on cert change

Fixes #47
 2017-01-17 10:59:00 -08:00
Girish Ramakrishnan
7dd52779dc generate cert files for mail container 
this allows us to not track paths anymore

part of #47
 2017-01-17 10:21:44 -08:00
Girish Ramakrishnan
db50382b18 check user cert and then the le cert 
part of #47
 2017-01-17 09:59:40 -08:00
Girish Ramakrishnan
32b061c768 user certs are saved with extension user.cert/key 
part of #47
 2017-01-17 09:59:30 -08:00
Girish Ramakrishnan
740e85d28c make code a bit readable 2017-01-17 09:57:15 -08:00
Girish Ramakrishnan
b99438e550 remove unused function 2017-01-17 09:18:48 -08:00
Johannes Zellner
f2e8f325d1 Correct debug lines for cert renewal or not existing 2017-01-17 10:35:42 +01:00
Girish Ramakrishnan
da2aecc76a Save generated fallback certs as part of the backup 
this way we don't get a new cert across restarts
 2017-01-14 13:18:54 -08:00
Johannes Zellner
5d739f012c Never use the cloudron email account for LetsEncrypt 2017-01-10 18:14:59 +01:00
Girish Ramakrishnan
9e8f120fdd Make ensureFallbackCertificate error without a domain 2017-01-09 10:28:28 -08:00
Girish Ramakrishnan
3b9b9a1629 ensure fallback cert exists before platform is started 2017-01-09 10:28:28 -08:00
Johannes Zellner
a243478fff Create separate ip and my. domain nginx configs 2017-01-06 16:01:49 +01:00
Girish Ramakrishnan
0b68d1c9aa Reconfigure admin when domain gets set 2017-01-06 10:23:10 +01:00
Girish Ramakrishnan
cc9904c8c7 Move nginx config and cert generation to box code 2017-01-06 10:23:10 +01:00
Girish Ramakrishnan
16ab523cb2 Store IP certs as part of nginx cert dir (otherwise, it will get backed up) 2017-01-06 10:23:10 +01:00
Johannes Zellner
38c542b05a Add route to check dns and cert status 2017-01-05 20:37:26 +01:00
Johannes Zellner
801c40420c Create setup nginx config and cert for ip setup 2017-01-05 16:02:03 +01:00
Johannes Zellner
d9865f9b0f Allow box to startup without fqdn 2017-01-05 14:02:04 +01:00
Girish Ramakrishnan
54a388af5e Add debug 2016-12-15 07:30:38 -08:00
Girish Ramakrishnan
de1c677e75 Simply get admin cert after waiting for dns 
Removes some specialized code that was in installAdminCertificate.
 2016-12-14 14:52:42 -08:00
Girish Ramakrishnan
d475d9bcbf Make waitForDns provider specific 
This will allow us to create a proper 'noop' backend that does
not wait for dns to be in sync. This is required for local/intranet
setups.
 2016-12-14 14:43:20 -08:00
Girish Ramakrishnan
bf095f0698 Skip admin cert installation with fallback tls provider 2016-12-13 18:58:07 -08:00
Johannes Zellner
7d93cfaac1 Add missing return 
Fixes #128
 2016-12-06 17:26:56 +01:00
Johannes Zellner
b1be65d9ce Add fallback certificate backend 2016-12-05 17:01:23 +01:00
Girish Ramakrishnan
eaa747fe39 do not install admin certs during test 2016-10-25 11:36:56 -07:00
Girish Ramakrishnan
cd94d8f433 Save user certs separately from automatic certs 
Fixing the admin cert is a bit more complex since it is used in
setup script as well. Can do that in a later task.

Fixes #44
 2016-09-12 01:44:16 -07:00
Girish Ramakrishnan
e0d4c1adc1 use support instead of admin 2016-07-27 11:48:03 -07:00
Girish Ramakrishnan
d4d07e27c0 send email for certificate renewal error 2016-07-26 16:37:10 -07:00
Girish Ramakrishnan
e9e09e66c3 remove unused variables 2016-07-26 16:37:10 -07:00
Girish Ramakrishnan
1caf4e9e76 remove the isConfigured check entirely 
good thing is that we will not check if the my. cert is valid each
time on start up which will work out well when restoring from
old backups with an outdated cert.
 2016-07-06 10:11:54 -05:00
Johannes Zellner
53d03698ad Setup admin certs if we are configured 2016-07-04 10:18:39 +02:00
Girish Ramakrishnan
f9ed725002 wait (practically) forever for admin DNS propagation 2016-06-22 16:00:03 -05:00
Girish Ramakrishnan
8cfbf92adc fix acme prod setting detection 2016-06-22 15:55:53 -05:00
Girish Ramakrishnan
f84de690ce pass retry options to waitForDns 2016-06-21 15:12:36 -05:00
Girish Ramakrishnan
a4e73be834 pass auditSource for certificate renewal 2016-06-02 18:54:45 -07:00
Girish Ramakrishnan
2768c3a336 acme: configure prod based on caas or acme 2016-05-23 09:48:17 -07:00
Johannes Zellner
0d6637de27 Avoid circular dependencies with apps and certificates 2016-05-06 18:44:37 +02:00
Girish Ramakrishnan
c4ae9526af look for fallback cert in nginx cert dir 2016-05-05 13:52:08 -07:00
Girish Ramakrishnan
8d79ac9ae0 provide tls cert and key to mail server 
haraka requires tls certs for:
1. supporting AUTH
2. port 587 support (MSA)

currently, we just reuse the cert for the admin domain. Otherwise,
we have to setup dns etc to get a new cert. While doable, its' not
necessary right now.
 2016-05-05 13:18:17 -07:00
Girish Ramakrishnan
fc8bf82993 Add getters for fallback and admin cert 2016-05-04 17:37:21 -07:00