feat: ssl certificate sets custom ssl for applications

2022-09-23 15:21:19 +02:00
parent f9d94fa660
commit 4abe9c6fb2
10 changed files with 102 additions and 45 deletions
--- a/apps/api/src/routes/webhooks/traefik/handlers.ts
+++ b/apps/api/src/routes/webhooks/traefik/handlers.ts
@@ -6,7 +6,7 @@ import { TraefikOtherConfiguration } from "./types";
 import { OnlyId } from "../../../types";

 function configureMiddleware(
-	{ id, container, port, domain, nakedDomain, isHttps, isWWW, isDualCerts, scriptName, type },
+	{ id, container, port, domain, nakedDomain, isHttps, isWWW, isDualCerts, scriptName, type, isCustomSSL },
 	traefik
 ) {
 	if (isHttps) {
@@ -55,7 +55,7 @@ function configureMiddleware(
 				entrypoints: ['websecure'],
 				rule: `(Host(\`${nakedDomain}\`) || Host(\`www.${nakedDomain}\`)) && PathPrefix(\`/\`)`,
 				service: `${id}`,
-				tls: {
+				tls: isCustomSSL ? true : {
 					certresolver: 'letsencrypt'
 				},
 				middlewares: []
@@ -66,7 +66,7 @@ function configureMiddleware(
 					entrypoints: ['websecure'],
 					rule: `Host(\`www.${nakedDomain}\`) && PathPrefix(\`/\`)`,
 					service: `${id}`,
-					tls: {
+					tls: isCustomSSL ? true : {
 						certresolver: 'letsencrypt'
 					},
 					middlewares: []
@@ -99,7 +99,7 @@ function configureMiddleware(
 					entrypoints: ['websecure'],
 					rule: `Host(\`${domain}\`) && PathPrefix(\`/\`)`,
 					service: `${id}`,
-					tls: {
+					tls: isCustomSSL ? true : {
 						certresolver: 'letsencrypt'
 					},
 					middlewares: []
@@ -179,7 +179,7 @@ function configureMiddleware(
 export async function traefikConfiguration(request, reply) {
 	try {
 		const sslpath = '/etc/traefik/acme/custom';
-		const certificates = await prisma.certificate.findMany()
+		const certificates = await prisma.certificate.findMany({ where: { team: { applications: { some: { settings: { isCustomSSL: true } } }, destinationDocker: { some: { remoteEngine: false, isCoolifyProxyUsed: true } } } } })
 		let parsedCertificates = []
 		for (const certificate of certificates) {
 			parsedCertificates.push({
@@ -236,7 +236,7 @@ export async function traefikConfiguration(request, reply) {
 				port,
 				destinationDocker,
 				destinationDockerId,
-				settings: { previews, dualCerts }
+				settings: { previews, dualCerts, isCustomSSL }
 			} = application;
 			if (destinationDockerId) {
 				const { network, id: dockerId } = destinationDocker;
@@ -256,7 +256,8 @@ export async function traefikConfiguration(request, reply) {
 							isRunning,
 							isHttps,
 							isWWW,
-							isDualCerts: dualCerts
+							isDualCerts: dualCerts,
+							isCustomSSL
 						});
 					}
 					if (previews) {
@@ -279,7 +280,8 @@ export async function traefikConfiguration(request, reply) {
 									nakedDomain,
 									isHttps,
 									isWWW,
-									isDualCerts: dualCerts
+									isDualCerts: dualCerts,
+									isCustomSSL
 								});
 							}
 						}
@@ -547,7 +549,7 @@ export async function remoteTraefikConfiguration(request: FastifyRequest<OnlyId>
 	const { id } = request.params
 	try {
 		const sslpath = '/etc/traefik/acme/custom';
-		const certificates = await prisma.certificate.findMany({ where: { team: { destinationDocker: { some: { id, remoteEngine: true, isCoolifyProxyUsed: true, remoteVerified: true } } } } })
+		const certificates = await prisma.certificate.findMany({ where: { team: { applications: { some: { settings: { isCustomSSL: true } } }, destinationDocker: { some: { id, remoteEngine: true, isCoolifyProxyUsed: true, remoteVerified: true } } } } })
 		let parsedCertificates = []
 		for (const certificate of certificates) {
 			parsedCertificates.push({