dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

fix(ssl): always create ca crt on disk even if it is already there

Browse Source
This commit is contained in:
peaklabs-dev
2025-02-04 16:57:40 +01:00
parent da148f93a6
commit d6a39f2ed3
3 changed files with 29 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
app/Actions/Server/InstallDocker.php
View File

@@ -27,14 +27,14 @@ class InstallDocker
isCaCertificate: true,
validityDays: 15 * 365
);
$serverCertPath = config('constants.coolify.base_config_path').'/ssl/';
$caCertPath = config('constants.coolify.base_config_path').'/ssl/';
$commands = collect([
"mkdir -p $serverCertPath",
"chown -R 9999:root $serverCertPath",
"chmod -R 700 $serverCertPath",
"echo '{$serverCert->ssl_certificate}' > $serverCertPath/coolify-ca.crt",
"chmod 644 $serverCertPath/coolify-ca.crt",
"mkdir -p $caCertPath",
"chown -R 9999:root $caCertPath",
"chmod -R 700 $caCertPath",
"echo '{$serverCert->ssl_certificate}' > $caCertPath/coolify-ca.crt",
"chmod 644 $caCertPath/coolify-ca.crt",
]);
remote_process($commands, $server);
}

16
app/Livewire/Server/Advanced.php
View File

@@ -96,7 +96,7 @@ class Advanced extends Component
public function regenerateCaCertificate()
{
try {
$caCert = SslHelper::generateSslCertificate(
SslHelper::generateSslCertificate(
commonName: 'Coolify CA Certificate',
serverId: $this->server->id,
isCaCertificate: true,
@@ -119,15 +119,15 @@ class Advanced extends Component
private function writeCertificateToServer()
{
$serverCertPath = config('constants.coolify.base_config_path').'/ssl/';
$caCertPath = config('constants.coolify.base_config_path').'/ssl/';
$commands = collect([
"mkdir -p $serverCertPath",
"chown -R 9999:root $serverCertPath",
"chmod -R 700 $serverCertPath",
"rm -f $serverCertPath/coolify-ca.crt",
"echo '{$this->caCertificate->ssl_certificate}' > $serverCertPath/coolify-ca.crt",
"chmod 644 $serverCertPath/coolify-ca.crt",
"mkdir -p $caCertPath",
"chown -R 9999:root $caCertPath",
"chmod -R 700 $caCertPath",
"rm -f $caCertPath/coolify-ca.crt",
"echo '{$this->caCertificate->ssl_certificate}' > $caCertPath/coolify-ca.crt",
"chmod 644 $caCertPath/coolify-ca.crt",
]);
remote_process($commands, $this->server);

20
database/seeders/CaSslCertSeeder.php
View File

@@ -16,26 +16,28 @@ class CaSslCertSeeder extends Seeder
$existingCert = SslCertificate::where('server_id', $server->id)->where('is_ca_certificate', true)->first();
if (! $existingCert) {
$serverCert = SslHelper::generateSslCertificate(
$caCert = SslHelper::generateSslCertificate(
commonName: 'Coolify CA Certificate',
serverId: $server->id,
isCaCertificate: true,
validityDays: 15 * 365
);
$serverCertPath = config('constants.coolify.base_config_path').'/ssl/';
} else {
$caCert = $existingCert;
}
$caCertPath = config('constants.coolify.base_config_path').'/ssl/';
$commands = collect([
"mkdir -p $serverCertPath",
"chown -R 9999:root $serverCertPath",
"chmod -R 700 $serverCertPath",
"echo '{$serverCert->ssl_certificate}' > $serverCertPath/coolify-ca.crt",
"chmod 644 $serverCertPath/coolify-ca.crt",
"mkdir -p $caCertPath",
"chown -R 9999:root $caCertPath",
"chmod -R 700 $caCertPath",
"rm -f $caCertPath/coolify-ca.crt",
"echo '{$caCert->ssl_certificate}' > $caCertPath/coolify-ca.crt",
"chmod 644 $caCertPath/coolify-ca.crt",
]);
remote_process($commands, $server);
}
}
});
}
}