dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

fix(ssl): regenerating certs for a specific DB

Browse Source 
- fix: add mount path to make file mounts work correctly
- fix: get CA cert of the server not some random cert
This commit is contained in:
peaklabs-dev
2025-02-05 21:22:54 +01:00
parent ba24630c28
commit 951a454cbc
3 changed files with 24 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
app/Livewire/Project/Database/Mariadb/General.php
View File

@@ -158,10 +158,9 @@ class General extends Component
public function regenerateSslCertificate() public function regenerateSslCertificate()
{ {
try { try {
$server = $this->database->destination->server;
$existingCert = SslCertificate::where('resource_type', $this->database->getMorphClass()) $existingCert = SslCertificate::where('resource_type', $this->database->getMorphClass())
->where('resource_id', $this->database->id) ->where('resource_id', $this->database->id)
->where('server_id', $this->server->id)
->first(); ->first();
if (! $existingCert) { if (! $existingCert) {
@@ -170,7 +169,10 @@ class General extends Component
return; return;
} }
$caCert = SslCertificate::where('server_id', $server->id)->firstOrFail(); $caCertificate = SslCertificate::where('server_id', $this->server->id)
->where('resource_type', null)
->where('resource_id', null)
->first();
SslHelper::generateSslCertificate( SslHelper::generateSslCertificate(
commonName: $existingCert->common_name, commonName: $existingCert->common_name,
@@ -178,9 +180,10 @@ class General extends Component
resourceType: $existingCert->resource_type, resourceType: $existingCert->resource_type,
resourceId: $existingCert->resource_id, resourceId: $existingCert->resource_id,
serverId: $existingCert->server_id, serverId: $existingCert->server_id,
caCert: $caCert->ssl_certificate, caCert: $caCertificate->ssl_certificate,
caKey: $caCert->ssl_private_key, caKey: $caCertificate->ssl_private_key,
configurationDir: $existingCert->configuration_dir, configurationDir: $existingCert->configuration_dir,
mountPath: '/var/lib/mysql/certs',
); );
$this->dispatch('success', 'SSL certificates have been regenerated. Please restart the database for changes to take effect.'); $this->dispatch('success', 'SSL certificates have been regenerated. Please restart the database for changes to take effect.');

13
app/Livewire/Project/Database/Mysql/General.php
View File

@@ -158,10 +158,9 @@ class General extends Component
public function regenerateSslCertificate() public function regenerateSslCertificate()
{ {
try { try {
$server = $this->database->destination->server;
$existingCert = SslCertificate::where('resource_type', $this->database->getMorphClass()) $existingCert = SslCertificate::where('resource_type', $this->database->getMorphClass())
->where('resource_id', $this->database->id) ->where('resource_id', $this->database->id)
->where('server_id', $this->server->id)
->first(); ->first();
if (! $existingCert) { if (! $existingCert) {
@@ -170,7 +169,10 @@ class General extends Component
return; return;
} }
$caCert = SslCertificate::where('server_id', $server->id)->firstOrFail(); $caCertificate = SslCertificate::where('server_id', $this->server->id)
->where('resource_type', null)
->where('resource_id', null)
->first();
SslHelper::generateSslCertificate( SslHelper::generateSslCertificate(
commonName: $existingCert->common_name, commonName: $existingCert->common_name,
@@ -178,9 +180,10 @@ class General extends Component
resourceType: $existingCert->resource_type, resourceType: $existingCert->resource_type,
resourceId: $existingCert->resource_id, resourceId: $existingCert->resource_id,
serverId: $existingCert->server_id, serverId: $existingCert->server_id,
caCert: $caCert->ssl_certificate, caCert: $caCertificate->ssl_certificate,
caKey: $caCert->ssl_private_key, caKey: $caCertificate->ssl_private_key,
configurationDir: $existingCert->configuration_dir, configurationDir: $existingCert->configuration_dir,
mountPath: '/var/lib/mysql/certs',
); );
$this->dispatch('success', 'SSL certificates have been regenerated. Please restart the database for changes to take effect.'); $this->dispatch('success', 'SSL certificates have been regenerated. Please restart the database for changes to take effect.');

13
app/Livewire/Project/Database/Postgresql/General.php
View File

@@ -122,10 +122,9 @@ class General extends Component
public function regenerateSslCertificate() public function regenerateSslCertificate()
{ {
try { try {
$server = $this->database->destination->server;
$existingCert = SslCertificate::where('resource_type', $this->database->getMorphClass()) $existingCert = SslCertificate::where('resource_type', $this->database->getMorphClass())
->where('resource_id', $this->database->id) ->where('resource_id', $this->database->id)
->where('server_id', $this->server->id)
->first(); ->first();
if (! $existingCert) { if (! $existingCert) {
@@ -134,7 +133,10 @@ class General extends Component
return; return;
} }
$caCert = SslCertificate::where('server_id', $server->id)->firstOrFail(); $caCertificate = SslCertificate::where('server_id', $this->server->id)
->where('resource_type', null)
->where('resource_id', null)
->first();
SslHelper::generateSslCertificate( SslHelper::generateSslCertificate(
commonName: $existingCert->common_name, commonName: $existingCert->common_name,
@@ -142,9 +144,10 @@ class General extends Component
resourceType: $existingCert->resource_type, resourceType: $existingCert->resource_type,
resourceId: $existingCert->resource_id, resourceId: $existingCert->resource_id,
serverId: $existingCert->server_id, serverId: $existingCert->server_id,
caCert: $caCert->ssl_certificate, caCert: $caCertificate->ssl_certificate,
caKey: $caCert->ssl_private_key, caKey: $caCertificate->ssl_private_key,
configurationDir: $existingCert->configuration_dir, configurationDir: $existingCert->configuration_dir,
mountPath: '/var/lib/postgresql/certs',
); );
$this->dispatch('success', 'SSL certificates have been regenerated. Please restart the database for changes to take effect.'); $this->dispatch('success', 'SSL certificates have been regenerated. Please restart the database for changes to take effect.');