dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

fix(ssl): always create ca crt on disk even if it is already there

Browse Source
This commit is contained in:
peaklabs-dev
2025-02-04 16:57:40 +01:00
parent da148f93a6
commit d6a39f2ed3
3 changed files with 29 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
app/Actions/Server/InstallDocker.php
View File

@@ -27,14 +27,14 @@ class InstallDocker
isCaCertificate: true, isCaCertificate: true,
validityDays: 15 * 365 validityDays: 15 * 365
); );
$serverCertPath = config('constants.coolify.base_config_path').'/ssl/'; $caCertPath = config('constants.coolify.base_config_path').'/ssl/';
$commands = collect([ $commands = collect([
"mkdir -p $serverCertPath", "mkdir -p $caCertPath",
"chown -R 9999:root $serverCertPath", "chown -R 9999:root $caCertPath",
"chmod -R 700 $serverCertPath", "chmod -R 700 $caCertPath",
"echo '{$serverCert->ssl_certificate}' > $serverCertPath/coolify-ca.crt", "echo '{$serverCert->ssl_certificate}' > $caCertPath/coolify-ca.crt",
"chmod 644 $serverCertPath/coolify-ca.crt", "chmod 644 $caCertPath/coolify-ca.crt",
]); ]);
remote_process($commands, $server); remote_process($commands, $server);
} }

16
app/Livewire/Server/Advanced.php
View File

@@ -96,7 +96,7 @@ class Advanced extends Component
public function regenerateCaCertificate() public function regenerateCaCertificate()
{ {
try { try {
$caCert = SslHelper::generateSslCertificate( SslHelper::generateSslCertificate(
commonName: 'Coolify CA Certificate', commonName: 'Coolify CA Certificate',
serverId: $this->server->id, serverId: $this->server->id,
isCaCertificate: true, isCaCertificate: true,
@@ -119,15 +119,15 @@ class Advanced extends Component
private function writeCertificateToServer() private function writeCertificateToServer()
{ {
$serverCertPath = config('constants.coolify.base_config_path').'/ssl/'; $caCertPath = config('constants.coolify.base_config_path').'/ssl/';
$commands = collect([ $commands = collect([
"mkdir -p $serverCertPath", "mkdir -p $caCertPath",
"chown -R 9999:root $serverCertPath", "chown -R 9999:root $caCertPath",
"chmod -R 700 $serverCertPath", "chmod -R 700 $caCertPath",
"rm -f $serverCertPath/coolify-ca.crt", "rm -f $caCertPath/coolify-ca.crt",
"echo '{$this->caCertificate->ssl_certificate}' > $serverCertPath/coolify-ca.crt", "echo '{$this->caCertificate->ssl_certificate}' > $caCertPath/coolify-ca.crt",
"chmod 644 $serverCertPath/coolify-ca.crt", "chmod 644 $caCertPath/coolify-ca.crt",
]); ]);
remote_process($commands, $this->server); remote_process($commands, $this->server);

28
database/seeders/CaSslCertSeeder.php
View File

@@ -16,25 +16,27 @@ class CaSslCertSeeder extends Seeder
$existingCert = SslCertificate::where('server_id', $server->id)->where('is_ca_certificate', true)->first(); $existingCert = SslCertificate::where('server_id', $server->id)->where('is_ca_certificate', true)->first();
if (! $existingCert) { if (! $existingCert) {
$serverCert = SslHelper::generateSslCertificate( $caCert = SslHelper::generateSslCertificate(
commonName: 'Coolify CA Certificate', commonName: 'Coolify CA Certificate',
serverId: $server->id, serverId: $server->id,
isCaCertificate: true, isCaCertificate: true,
validityDays: 15 * 365 validityDays: 15 * 365
); );
} else {
$serverCertPath = config('constants.coolify.base_config_path').'/ssl/'; $caCert = $existingCert;
$commands = collect([
"mkdir -p $serverCertPath",
"chown -R 9999:root $serverCertPath",
"chmod -R 700 $serverCertPath",
"echo '{$serverCert->ssl_certificate}' > $serverCertPath/coolify-ca.crt",
"chmod 644 $serverCertPath/coolify-ca.crt",
]);
remote_process($commands, $server);
} }
$caCertPath = config('constants.coolify.base_config_path').'/ssl/';
$commands = collect([
"mkdir -p $caCertPath",
"chown -R 9999:root $caCertPath",
"chmod -R 700 $caCertPath",
"rm -f $caCertPath/coolify-ca.crt",
"echo '{$caCert->ssl_certificate}' > $caCertPath/coolify-ca.crt",
"chmod 644 $caCertPath/coolify-ca.crt",
]);
remote_process($commands, $server);
} }
}); });
} }