fix(ssl): use mountPath parameter not a hardcoded path
This commit is contained in:
peaklabs-dev
@@ -79,6 +79,7 @@ class StartPostgresql
|
|||||||
caCert: $caCert->ssl_certificate,
|
caCert: $caCert->ssl_certificate,
|
||||||
caKey: $caCert->ssl_private_key,
|
caKey: $caCert->ssl_private_key,
|
||||||
configurationDir: $this->configuration_dir,
|
configurationDir: $this->configuration_dir,
|
||||||
|
mountPath: '/var/lib/postgresql/certs',
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -24,7 +24,8 @@ class SslHelper
|
|||||||
?string $caCert = null,
|
?string $caCert = null,
|
||||||
?string $caKey = null,
|
?string $caKey = null,
|
||||||
bool $isCaCertificate = false,
|
bool $isCaCertificate = false,
|
||||||
?string $configurationDir = null
|
?string $configurationDir = null,
|
||||||
|
?string $mountPath = null
|
||||||
): SslCertificate {
|
): SslCertificate {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
@@ -115,17 +116,17 @@ class SslHelper
|
|||||||
'subject_alternative_names' => $subjectAlternativeNames,
|
'subject_alternative_names' => $subjectAlternativeNames,
|
||||||
]);
|
]);
|
||||||
|
|
||||||
if ($configurationDir && $resourceType && $resourceId) {
|
if ($configurationDir && $mountPath && $resourceType && $resourceId) {
|
||||||
$model = app($resourceType)->find($resourceId);
|
$model = app($resourceType)->find($resourceId);
|
||||||
|
|
||||||
$model->fileStorages()
|
$model->fileStorages()
|
||||||
->where('resource_type', $model->getMorphClass())
|
->where('resource_type', $model->getMorphClass())
|
||||||
->where('resource_id', $model->id)
|
->where('resource_id', $model->id)
|
||||||
->get()
|
->get()
|
||||||
->filter(function ($storage) {
|
->filter(function ($storage) use ($mountPath) {
|
||||||
return in_array($storage->mount_path, [
|
return in_array($storage->mount_path, [
|
||||||
'/var/lib/postgresql/certs/server.crt',
|
$mountPath.'/server.crt',
|
||||||
'/var/lib/postgresql/certs/server.key',
|
$mountPath.'/server.key',
|
||||||
]);
|
]);
|
||||||
})
|
})
|
||||||
->each(function ($storage) {
|
->each(function ($storage) {
|
||||||
@@ -134,7 +135,7 @@ class SslHelper
|
|||||||
|
|
||||||
$model->fileStorages()->create([
|
$model->fileStorages()->create([
|
||||||
'fs_path' => $configurationDir.'/ssl/server.crt',
|
'fs_path' => $configurationDir.'/ssl/server.crt',
|
||||||
'mount_path' => '/var/lib/postgresql/certs/server.crt',
|
'mount_path' => $mountPath.'/server.crt',
|
||||||
'content' => $certificateStr,
|
'content' => $certificateStr,
|
||||||
'is_directory' => false,
|
'is_directory' => false,
|
||||||
'chmod' => '644',
|
'chmod' => '644',
|
||||||
@@ -144,7 +145,7 @@ class SslHelper
|
|||||||
|
|
||||||
$model->fileStorages()->create([
|
$model->fileStorages()->create([
|
||||||
'fs_path' => $configurationDir.'/ssl/server.key',
|
'fs_path' => $configurationDir.'/ssl/server.key',
|
||||||
'mount_path' => '/var/lib/postgresql/certs/server.key',
|
'mount_path' => $mountPath.'/server.key',
|
||||||
'content' => $privateKeyStr,
|
'content' => $privateKeyStr,
|
||||||
'is_directory' => false,
|
'is_directory' => false,
|
||||||
'chmod' => '600',
|
'chmod' => '600',
|
||||||
|
|||||||
Reference in New Issue
Block a user