feat(ssl): use new improved helper for SSL generation

- use CA cert and key for SSL cert generation
- remove unused parameters
- add a few more echo commands for log output
peaklabs-dev
2025-01-31 13:56:20 +01:00
parent 02475c5232
commit 85c777d2a4


@@ -33,24 +33,30 @@ class StartPostgresql
$this->commands = [ $this->commands = [
"echo 'Starting database.'", "echo 'Starting database.'",
"echo 'Creating directories.'",
"mkdir -p $this->configuration_dir", "mkdir -p $this->configuration_dir",
"mkdir -p $this->configuration_dir/docker-entrypoint-initdb.d/", "mkdir -p $this->configuration_dir/docker-entrypoint-initdb.d/",
"mkdir -p $this->configuration_dir/ssl", "mkdir -p $this->configuration_dir/ssl",
"echo 'Directories created successfully.'",
]; ];
if ($this->database->enable_ssl) { if ($this->database->enable_ssl) {
$this->commands[] = "echo 'Setting up SSL certificate.'"; $this->commands[] = "echo 'Setting up SSL for this database.'";
$this->ssl_certificate = SslCertificate::where('resource_type', $this->database->getMorphClass()) $server = $this->database->destination->server;
->where('resource_id', $this->database->id)
->where('certificate_type', 'internal') $caCert = SslCertificate::where('server_id', $server->id)->firstOrFail();
->first();
$this->ssl_certificate = SslCertificate::where('resource_type', $this->database->getMorphClass())->where('resource_id', $this->database->id)->first();
if (! $this->ssl_certificate) { if (! $this->ssl_certificate) {
$this->commands[] = "echo 'Generating new SSL certificate.'"; $this->commands[] = "echo 'No SSL certificate found, generating new SSL certificate for this database.'";
$this->ssl_certificate = SslHelper::generateSslCertificate( $this->ssl_certificate = SslHelper::generateSslCertificate(
commonName: $this->database->uuid,
// additionalSans: ["IP:{$server->ip_address}"], // Issue is the server IP can be also be a domain/ hostname and we need to be sure what it is before setting it.
resourceType: $this->database->getMorphClass(), resourceType: $this->database->getMorphClass(),
resourceId: $this->database->id, resourceId: $this->database->id,
certificateType: 'internal', caCert: $caCert->ssl_certificate,
caKey: $caCert->ssl_private_key,
); );
$this->addSslFilesToFileStorage(); $this->addSslFilesToFileStorage();
} }