feat: DNS check settings for SSL generation

2022-04-30 13:21:18 +02:00
parent 646d92757a
commit 0eb7f4526e
6 changed files with 145 additions and 69 deletions
--- a/prisma/migrations/20220430111953_ssl_dns_check_settings/migration.sql
+++ b/prisma/migrations/20220430111953_ssl_dns_check_settings/migration.sql
@@ -0,0 +1,23 @@
 -- RedefineTables
 PRAGMA foreign_keys=OFF;
 CREATE TABLE "new_Setting" (
    "id" TEXT NOT NULL PRIMARY KEY,
    "fqdn" TEXT,
    "isRegistrationEnabled" BOOLEAN NOT NULL DEFAULT false,
    "dualCerts" BOOLEAN NOT NULL DEFAULT false,
    "minPort" INTEGER NOT NULL DEFAULT 9000,
    "maxPort" INTEGER NOT NULL DEFAULT 9100,
    "proxyPassword" TEXT NOT NULL,
    "proxyUser" TEXT NOT NULL,
    "proxyHash" TEXT,
    "isAutoUpdateEnabled" BOOLEAN NOT NULL DEFAULT false,
    "isDNSCheckEnabled" BOOLEAN NOT NULL DEFAULT true,
    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
    "updatedAt" DATETIME NOT NULL
 );
 INSERT INTO "new_Setting" ("createdAt", "dualCerts", "fqdn", "id", "isAutoUpdateEnabled", "isRegistrationEnabled", "maxPort", "minPort", "proxyHash", "proxyPassword", "proxyUser", "updatedAt") SELECT "createdAt", "dualCerts", "fqdn", "id", "isAutoUpdateEnabled", "isRegistrationEnabled", "maxPort", "minPort", "proxyHash", "proxyPassword", "proxyUser", "updatedAt" FROM "Setting";
 DROP TABLE "Setting";
 ALTER TABLE "new_Setting" RENAME TO "Setting";
 CREATE UNIQUE INDEX "Setting_fqdn_key" ON "Setting"("fqdn");
 PRAGMA foreign_key_check;
 PRAGMA foreign_keys=ON;
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -19,6 +19,7 @@ model Setting {
  proxyUser             String
  proxyHash             String?
  isAutoUpdateEnabled   Boolean  @default(false)
  isDNSCheckEnabled     Boolean  @default(true)
  createdAt             DateTime @default(now())
  updatedAt             DateTime @updatedAt
 }
--- a/src/lib/letsencrypt/index.ts
+++ b/src/lib/letsencrypt/index.ts
@@ -109,6 +109,7 @@ export async function generateSSLCerts(): Promise<void> {
 		include: { destinationDocker: true, settings: true },
 		orderBy: { createdAt: 'desc' }
 	});
 	const { fqdn, isDNSCheckEnabled } = await db.prisma.setting.findFirst();
 	for (const application of applications) {
 		try {
 			if (application.fqdn && application.destinationDockerId) {
@@ -147,7 +148,6 @@ export async function generateSSLCerts(): Promise<void> {
 		}
 	}
 	const services = await listServicesWithIncludes();
 	for (const service of services) {
 		try {
 			if (service.fqdn && service.destinationDockerId) {
@@ -171,7 +171,6 @@ export async function generateSSLCerts(): Promise<void> {
 			console.log(`Error during generateSSLCerts with ${service.fqdn}: ${error}`);
 		}
 	}
 	const { fqdn } = await db.prisma.setting.findFirst();
 	if (fqdn) {
 		const domain = getDomain(fqdn);
 		const isHttps = fqdn.startsWith('https://');
@@ -193,6 +192,7 @@ export async function generateSSLCerts(): Promise<void> {
 				file.endsWith('.pem') && certificates.push(file.replace(/\.pem$/, ''));
 			}
 		}
 		if (isDNSCheckEnabled) {
 			const resolver = new dns.Resolver({ timeout: 2000 });
 			resolver.setServers(['8.8.8.8', '1.1.1.1']);
 			let ipv4, ipv6;
@@ -263,5 +263,30 @@ export async function generateSSLCerts(): Promise<void> {
 					}
 				}
 			}
 		} else {
 			if (!dev) {
 				for (const ssl of ssls) {
 					if (
 						certificates.includes(ssl.domain) ||
 						certificates.includes(ssl.domain.replace('www.', ''))
 					) {
 					} else {
 						console.log('Generating SSL for', ssl.domain);
 						return await letsEncrypt(ssl.domain, ssl.id, ssl.isCoolify);
 					}
 				}
 			} else {
 				for (const ssl of ssls) {
 					if (
 						certificates.includes(ssl.domain) ||
 						certificates.includes(ssl.domain.replace('www.', ''))
 					) {
 						console.log(`Certificate for ${ssl.domain} already exists`);
 					} else {
 						console.log('Generating SSL for', ssl.domain);
 					}
 				}
 			}
 		}
 	}
 }
--- a/src/lib/locales/en.json
+++ b/src/lib/locales/en.json
@@ -308,7 +308,10 @@
 		"coolify_proxy_settings": "Coolify Proxy Settings",
 		"credential_stat_explainer": "Credentials for <a class=\"text-white font-bold\" href=\"{{link}}\" target=\"_blank\">stats</a> page.",
 		"auto_update_enabled": "Auto update enabled?",
-		"auto_update_enabled_explainer": "Enable automatic updates for Coolify. It will be done automatically behind the scenes, if there is no build process running."
+		"auto_update_enabled_explainer": "Enable automatic updates for Coolify. It will be done automatically behind the scenes, if there is no build process running.",
 		"generate_www_non_www_ssl": "It will generate certificates for both www and non-www. <br>You need to have <span class='font-bold text-yellow-500'>both DNS entries</span> set in advance.<br><br>Service needs to be restarted.",
 		"is_dns_check_enabled": "DNS check enabled?",
 		"is_dns_check_enabled_explainer": "Enable DNS check during SSL certificate generation. <br>It will check if the DNS entries are set correctly, before trying to get a new cert from Let's Encrypt."
 	},
 	"team": {
 		"pending_invitations": "Pending invitations",
--- a/src/routes/settings/index.json.ts
+++ b/src/routes/settings/index.json.ts
@@ -64,13 +64,20 @@ export const post: RequestHandler = async (event) => {
 		};
 	if (status === 401) return { status, body };
-	const { fqdn, isRegistrationEnabled, dualCerts, minPort, maxPort, isAutoUpdateEnabled } =
+	const {
-		await event.request.json();
+		fqdn,
 		isRegistrationEnabled,
 		dualCerts,
 		minPort,
 		maxPort,
 		isAutoUpdateEnabled,
 		isDNSCheckEnabled
 	} = await event.request.json();
 	try {
 		const { id } = await db.listSettings();
 		await db.prisma.setting.update({
 			where: { id },
-			data: { isRegistrationEnabled, dualCerts, isAutoUpdateEnabled }
+			data: { isRegistrationEnabled, dualCerts, isAutoUpdateEnabled, isDNSCheckEnabled }
 		});
 		if (fqdn) {
 			await db.prisma.setting.update({ where: { id }, data: { fqdn } });
--- a/src/routes/settings/index.svelte
+++ b/src/routes/settings/index.svelte
@@ -43,6 +43,7 @@
 	let isRegistrationEnabled = settings.isRegistrationEnabled;
 	let dualCerts = settings.dualCerts;
 	let isAutoUpdateEnabled = settings.isAutoUpdateEnabled;
 	let isDNSCheckEnabled = settings.isDNSCheckEnabled;
 	let minPort = settings.minPort;
 	let maxPort = settings.maxPort;
@@ -78,7 +79,15 @@
 			if (name === 'isAutoUpdateEnabled') {
 				isAutoUpdateEnabled = !isAutoUpdateEnabled;
 			}
-			await post(`/settings.json`, { isRegistrationEnabled, dualCerts, isAutoUpdateEnabled });
+			if (name === 'isDNSCheckEnabled') {
 				isDNSCheckEnabled = !isDNSCheckEnabled;
 			}
 			await post(`/settings.json`, {
 				isRegistrationEnabled,
 				dualCerts,
 				isAutoUpdateEnabled,
 				isDNSCheckEnabled
 			});
 			return toast.push(t.get('application.settings_saved'));
 		} catch ({ error }) {
 			return errorNotification(error);
@@ -176,13 +185,21 @@
 						/>
 					</div>
 				</div>
 				<div class="grid grid-cols-2 items-center">
 					<Setting
 						bind:setting={isDNSCheckEnabled}
 						title={$t('setting.is_dns_check_enabled')}
 						description={$t('setting.is_dns_check_enabled_explainer')}
 						on:click={() => changeSettings('isDNSCheckEnabled')}
 					/>
 				</div>
 				<div class="grid grid-cols-2 items-center">
 					<Setting
 						dataTooltip={$t('setting.must_remove_domain_before_changing')}
 						disabled={isFqdnSet}
 						bind:setting={dualCerts}
 						title={$t('application.ssl_www_and_non_www')}
-						description={$t('services.generate_www_non_www_ssl')}
+						description={$t('setting.generate_www_non_www_ssl')}
 						on:click={() => !isFqdnSet && changeSettings('dualCerts')}
 					/>
 				</div>