jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
4,160 Commits 33 Branches 583 Tags
fc5fa621f31b50ad9d8314f6df7a233df1b9d7d7
Commit Graph

84 Commits

Author SHA1 Message Date
Johannes Zellner
801c40420c Create setup nginx config and cert for ip setup 2017-01-05 16:02:03 +01:00
Johannes Zellner
d9865f9b0f Allow box to startup without fqdn 2017-01-05 14:02:04 +01:00
Girish Ramakrishnan
54a388af5e Add debug 2016-12-15 07:30:38 -08:00
Girish Ramakrishnan
de1c677e75 Simply get admin cert after waiting for dns 
Removes some specialized code that was in installAdminCertificate.
 2016-12-14 14:52:42 -08:00
Girish Ramakrishnan
d475d9bcbf Make waitForDns provider specific 
This will allow us to create a proper 'noop' backend that does
not wait for dns to be in sync. This is required for local/intranet
setups.
 2016-12-14 14:43:20 -08:00
Girish Ramakrishnan
bf095f0698 Skip admin cert installation with fallback tls provider 2016-12-13 18:58:07 -08:00
Johannes Zellner
7d93cfaac1 Add missing return 
Fixes #128
 2016-12-06 17:26:56 +01:00
Johannes Zellner
b1be65d9ce Add fallback certificate backend 2016-12-05 17:01:23 +01:00
Girish Ramakrishnan
eaa747fe39 do not install admin certs during test 2016-10-25 11:36:56 -07:00
Girish Ramakrishnan
cd94d8f433 Save user certs separately from automatic certs 
Fixing the admin cert is a bit more complex since it is used in
setup script as well. Can do that in a later task.

Fixes #44
 2016-09-12 01:44:16 -07:00
Girish Ramakrishnan
e0d4c1adc1 use support instead of admin 2016-07-27 11:48:03 -07:00
Girish Ramakrishnan
d4d07e27c0 send email for certificate renewal error 2016-07-26 16:37:10 -07:00
Girish Ramakrishnan
e9e09e66c3 remove unused variables 2016-07-26 16:37:10 -07:00
Girish Ramakrishnan
1caf4e9e76 remove the isConfigured check entirely 
good thing is that we will not check if the my. cert is valid each
time on start up which will work out well when restoring from
old backups with an outdated cert.
 2016-07-06 10:11:54 -05:00
Johannes Zellner
53d03698ad Setup admin certs if we are configured 2016-07-04 10:18:39 +02:00
Girish Ramakrishnan
f9ed725002 wait (practically) forever for admin DNS propagation 2016-06-22 16:00:03 -05:00
Girish Ramakrishnan
8cfbf92adc fix acme prod setting detection 2016-06-22 15:55:53 -05:00
Girish Ramakrishnan
f84de690ce pass retry options to waitForDns 2016-06-21 15:12:36 -05:00
Girish Ramakrishnan
a4e73be834 pass auditSource for certificate renewal 2016-06-02 18:54:45 -07:00
Girish Ramakrishnan
2768c3a336 acme: configure prod based on caas or acme 2016-05-23 09:48:17 -07:00
Johannes Zellner
0d6637de27 Avoid circular dependencies with apps and certificates 2016-05-06 18:44:37 +02:00
Girish Ramakrishnan
c4ae9526af look for fallback cert in nginx cert dir 2016-05-05 13:52:08 -07:00
Girish Ramakrishnan
8d79ac9ae0 provide tls cert and key to mail server 
haraka requires tls certs for:
1. supporting AUTH
2. port 587 support (MSA)

currently, we just reuse the cert for the admin domain. Otherwise,
we have to setup dns etc to get a new cert. While doable, its' not
necessary right now.
 2016-05-05 13:18:17 -07:00
Girish Ramakrishnan
fc8bf82993 Add getters for fallback and admin cert 2016-05-04 17:37:21 -07:00
Girish Ramakrishnan
ffedbdfa13 various minor fixes to eventlog 2016-05-02 10:01:23 -07:00
Girish Ramakrishnan
a969e323a6 what if cron was a username 2016-05-01 11:48:29 -07:00
Girish Ramakrishnan
c4ad6c803f add certificate renew event 2016-04-30 22:27:33 -07:00
Girish Ramakrishnan
9c9f82e2c5 fix usage of waitForDns 2016-04-26 11:09:14 -07:00
Girish Ramakrishnan
9893dd6640 make waitfordns get the zone itself 2016-04-25 10:52:12 -07:00
Girish Ramakrishnan
aab035f7b9 use the acme backend when using altDomain 2016-04-25 10:52:12 -07:00
Girish Ramakrishnan
0e825272ae ensureCertificate now takes app object 2016-04-25 10:52:12 -07:00
Girish Ramakrishnan
46fee9e431 use config.adminFqdn instead 2016-04-25 10:52:12 -07:00
Girish Ramakrishnan
a215443c56 do not renew apps without any cert 
autoRenew was mistakenly reconfiguring app without a cert (this
is the common case for apps in non-custom domain)
 2016-03-23 08:49:08 -07:00
girish@cloudron.io
b1f172ed17 trim the output string 2016-03-21 08:25:10 -07:00
Girish Ramakrishnan
11513f9428 send a message for cert renewal status 2016-03-19 20:40:03 -07:00
Girish Ramakrishnan
5042741435 renew cert every 12 hours 2016-03-19 20:30:01 -07:00
Girish Ramakrishnan
8c36f3aab4 add debug for fallback case 2016-03-19 18:37:05 -07:00
Girish Ramakrishnan
ea87841e77 merge fallback cert job into renewal 
this is becase we need to reconfigure for the case where we got a
renewed cert (but the app was switched to fallback cert at some point)
 2016-03-19 13:54:52 -07:00
Girish Ramakrishnan
20629ea078 fix linter errors 2016-03-19 13:22:38 -07:00
Girish Ramakrishnan
b1b6a9ae65 reconfigure admin using configureAdmin 2016-03-19 12:54:11 -07:00
Girish Ramakrishnan
7ddbf7b652 refactor expiry check 2016-03-19 12:50:31 -07:00
Girish Ramakrishnan
3d088aa9c4 fix debug message 2016-03-19 12:31:48 -07:00
Girish Ramakrishnan
f329e0da92 fix typo 2016-03-19 12:14:23 -07:00
Girish Ramakrishnan
a58a458950 do not abbrev 2016-03-19 12:11:28 -07:00
Girish Ramakrishnan
44c5f84c56 Fix usage of isExpiringSync 2016-03-19 12:06:13 -07:00
Girish Ramakrishnan
d6b92ee301 remove Job suffix 2016-03-19 10:25:19 -07:00
Girish Ramakrishnan
5d54c9e668 check my domain for expiry and falling back 2016-03-18 23:43:56 -07:00
Girish Ramakrishnan
adaaca5ceb switch expired certs of domains to use fallback cert 
1) nginx won't reload when using expired certs
2) this is the only way the user can use the app now
 2016-03-18 23:26:57 -07:00
Girish Ramakrishnan
4a73e1490e Refactor code to take hours 2016-03-18 23:00:02 -07:00
Girish Ramakrishnan
f31a7a5061 use fallback certs if renewal fails 2016-03-17 12:20:02 -07:00