yeswiki/yeswiki-installer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(cli) : add certificate for domains WIP

Browse source
This commit is contained in:
mrflos 2022-09-06 17:10:16 +03:00
parent 8a62a447a8
commit 521f5b6be8
2 changed files with 25 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
templates/nginx-maindomain.php
View file

@ -18,7 +18,9 @@ server {
server_name www.<?=$this->e($domain)?>;
include h5bp/tls/ssl_engine.conf;
include h5bp/tls/certificate_files.conf;
ssl_certificate /etc/letsencrypt/live/<?=$this->e($domain)?>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<?=$this->e($domain)?>/key.pem;
ssl_trusted_certificate /etc/letsencrypt/live/<?=$this->e($domain)?>/ca.pem;
include h5bp/tls/policy_strict.conf;
return 301 $scheme://<?=$this->e($domain)?>$request_uri;
@ -33,7 +35,13 @@ server {
server_name <?=$this->e($domain)?>;
include h5bp/tls/ssl_engine.conf;
<?php if ($subDomain) : ?>
include h5bp/tls/certificate_files.conf;
<?php else : ?>
ssl_certificate /etc/letsencrypt/live/<?=$this->e($domain)?>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<?=$this->e($domain)?>/key.pem;
ssl_trusted_certificate /etc/letsencrypt/live/<?=$this->e($domain)?>/ca.pem;
<?php endif ?>
include h5bp/tls/policy_strict.conf;
# Path for static files

17
utils.inc.php
View file

@ -155,7 +155,17 @@ function createNginxConfig($domain, $user, $herseUser, $hersePass)
$herseUser.':'.password_hash($hersePass, PASSWORD_BCRYPT)
);
}
echo 'DIR:'.dirname(__FILE__);
$subDomain = preg_match('/.'.$_SERVER['maindomain'].'$/isU', $domain, $matches, PREG_OFFSET_CAPTURE, 0);
if (!$subDomain) {
exec('acme.sh --issue -d '.$domain.' -d www.'.$domain.' -k ec-384 -w /home/'.$user.'/'.$domain, $output);
exec('mkdir -p /etc/letsencrypt/live/'.$domain, $output);
exec('acme.sh --install-cert -d '.$domain.' --ecc \
--cert-file /etc/letsencrypt/live/'.$domain.'/cert.pem \
--key-file /etc/letsencrypt/live/'.$domain.'/key.pem \
--fullchain-file /etc/letsencrypt/live/'.$domain.'/fullchain.pem \
--ca-file /etc/letsencrypt/live/'.$domain.'/ca.pem \
--reloadcmd "systemctl restart nginx.service"', $output);
}
$templates = new League\Plates\Engine(dirname(__FILE__).'/templates');
file_put_contents(
$nginxFile,
@ -166,6 +176,7 @@ function createNginxConfig($domain, $user, $herseUser, $hersePass)
'user' => $user,
'herseUser' => $herseUser,
'hersePass' => $hersePass,
'subdomain' => $subDomain,
]
)
);
@ -200,6 +211,10 @@ function copyYesWikiFiles($domain, $user)
{
$destDir = '/home'.'/'.$user.'/'.$domain;
exec('mkdir -p '.$destDir, $output);
exec('mkdir -p '.$destDir.'/cache', $output);
exec('mkdir -p '.$destDir.'/custom', $output);
exec('mkdir -p '.$destDir.'/files', $output);
exec('mkdir -p '.$destDir.'/files', $output);
// TODO : handle errors
return;
}