
fix for #2176, #2041 - Temporarily disable HTTPS redirection and force SSL when renewing LE certificate (#2304)

* fix for #2176, #2041

* Resolve comments on PR

- Replace source conf with the more secure: 
parse_object_kv_list
- $SSL_FORCE, $REDIRECT_CODE and $REDIRECT were already available and don't require a lookup
- Add a final restart of the webservers when command is complete  to make sure the config has been reloaded with the correct settings

* Fix shellcheck error

* Remove irrelevant spaces.

Co-authored-by: SAF <saf@advina.ru>
Co-authored-by: Jaap Marcus <9754650+jaapmarcus@users.noreply.github.com>
Co-authored-by: Raphael Schneeberger <rs@scit.ch>
safhome il y a 4 ans
Parent
commit
a5af334e91
1 fichiers modifiés avec 27 ajouts et 3 suppressions
  1. 27 3
      bin/v-update-letsencrypt-ssl

+ 27 - 3
bin/v-update-letsencrypt-ssl

@@ -67,8 +67,8 @@ for user in $($HESTIA/bin/v-list-sys-users plain); do
             aliases=$(echo "$aliases" |egrep -v "^$domain,?$")
             aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g')
 
-            # Source domain.conf
-            source <(cat $HESTIA/data/users/$user/web.conf | grep "DOMAIN='$domain'")
+            # Parsing domain
+            parse_object_kv_list $(grep "DOMAIN='$domain'" $USER_DATA/web.conf)
 
             # Split aliases into array
             IFS=',' read -r -a ALIASES <<< "$ALIAS"
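Review bot: The added `grep "DOMAIN='$domain'"` treats the domain as an unanchored regular expression, so each dot matches any character and a key that merely ends in `DOMAIN=` would match as well. If more than one line matches, `parse_object_kv_list` receives key/value pairs from several records. The parsed `REDIRECT` and `SSL_FORCE` values are later used to decide whether HTTPS enforcement is removed, so a fixed-string match is safer: `parse_object_kv_list $(grep -F -- "DOMAIN='$domain'" "$USER_DATA/web.conf")`. The line also switches from `$HESTIA/data/users/$user` to `$USER_DATA`; where that is set for the current `$user` is outside this hunk and should be confirmed.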
@@ -88,7 +88,18 @@ for user in $($HESTIA/bin/v-list-sys-users plain); do
             if [[ ${f_aliases: -1} = ',' ]] ; then f_aliases=${f_aliases::-1}; fi
 
             # Write the filtered alias list to the default var
-            aliases=$f_aliases
+            aliases=$f_aliases    
+
+            domain_redirect="$REDIRECT"
+            if [[ -n "$domain_redirect"  ]] ; then
+            	domain_redirect_code="$REDIRECT_CODE"
+                $BIN/v-delete-web-domain-redirect $user $domain
+            fi
+
+            domain_forcessl="$SSL_FORCE"
+            if [[ "$domain_forcessl" == 'yes' ]] ; then
+                $BIN/v-delete-web-domain-ssl-force $user $domain
+            fi
 
             msg=$($BIN/v-add-letsencrypt-domain "$user" "$domain" "$aliases")
             if [ $? -ne 0 ]; then
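Review bot: The two added delete calls pass `$user` and `$domain` unquoted and ignore the exit status, while the `v-add-letsencrypt-domain` call just below quotes both; the re-add calls in the next hunk have the same issue. Quote them, e.g. `$BIN/v-delete-web-domain-ssl-force "$user" "$domain"`, and consider logging or skipping the renewal when a delete fails, so the state of enforcement is known. As minor style points, the `domain_redirect_code=` line is indented with a tab and `aliases=$f_aliases` gained trailing spaces. The enclosing loop starts and ends outside this hunk.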
@@ -103,6 +114,13 @@ for user in $($HESTIA/bin/v-list-sys-users plain); do
             else
                 $BIN/v-log-action "$user" "Info" "Web" "Let's Encrypt SSL certificate renewed (Domain: $domain)."
             fi
+            if [[ "$domain_forcessl" == 'yes' ]] ; then
+                $BIN/v-add-web-domain-ssl-force $user $domain
+            fi
+            if [[ -n "$domain_redirect" ]] ; then
+                $BIN/v-add-web-domain-redirect $user $domain $domain_redirect $domain_redirect_code
+            fi
+
         fi
     done
 
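Review bot: Restoring force-SSL and the redirect depends on execution reaching these lines, and a failure of either `v-add-*` call goes unnoticed, which would leave the domain served without HTTPS enforcement after the renewal. The error branch of the preceding `if` is outside this hunk, so it should be confirmed that it does not skip to the next domain before the restore runs. Check the result and record it, e.g. `$BIN/v-add-web-domain-ssl-force "$user" "$domain" || $BIN/v-log-action "$user" "Error" "Web" "Failed to re-enable force SSL (Domain: $domain)."`. `"$domain_redirect"` and `"$domain_redirect_code"` should be quoted too, since the redirect target comes from the domain's config.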
@@ -147,6 +165,12 @@ for user in $($HESTIA/bin/v-list-sys-users plain); do
 
 done
 
+$HESTIA/bin/v-restart-web yes
+if [ -n "$PROXY_SYSTEM" ]; then
+    $HESTIA/bin/v-restart-proxy yes
+fi
+
+
 #----------------------------------------------------------#
 #                        Hestia                            #
 #----------------------------------------------------------#
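Review bot: The restart added after the loop runs on every invocation, whether or not a certificate was renewed or a redirect/force-SSL setting was toggled, and its exit status is not checked. Setting a flag in the loop when a domain's settings are changed, e.g. `restart_needed=yes`, and wrapping these lines in `if [ "$restart_needed" = 'yes' ]; then` would avoid needless restarts. The added lines also use `$HESTIA/bin/` where the earlier added calls use `$BIN/`; using one form would be more consistent.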