From b5efbdbb0f7c3d270db540802d5bdaa8893624de Mon Sep 17 00:00:00 2001
From: shimon
Date: Fri, 8 Nov 2024 14:43:30 +0200
Subject: [PATCH] updates
---
 .../Platform/Workers/Certificates.php | 62 +++----------------
 1 file changed, 10 insertions(+), 52 deletions(-)
diff --git a/src/Appwrite/Platform/Workers/Certificates.php b/src/Appwrite/Platform/Workers/Certificates.php
index f6a8637177..a14f164295 100644
--- a/src/Appwrite/Platform/Workers/Certificates.php
+++ b/src/Appwrite/Platform/Workers/Certificates.php
@@ -22,7 +22,6 @@ use Utopia\Database\Exception\Structure;
 use Utopia\Database\Helpers\ID;
 use Utopia\Database\Query;
 use Utopia\Domains\Domain;
-use Utopia\Fetch\Client;
 use Utopia\Locale\Locale;
 use Utopia\Logger\Log;
 use Utopia\Platform\Action;
@@ -44,18 +43,16 @@ class Certificates extends Action
 $this
 ->desc('Certificates worker')
 ->inject('message')
- ->inject('project')
 ->inject('dbForConsole')
 ->inject('queueForMails')
 ->inject('queueForEvents')
 ->inject('queueForFunctions')
 ->inject('log')
- ->callback(fn (Message $message, Document $project, Database $dbForConsole, Mail $queueForMails, Event $queueForEvents, Func $queueForFunctions, Log $log) => $this->action($message, $project, $dbForConsole, $queueForMails, $queueForEvents, $queueForFunctions, $log));
+ ->callback(fn (Message $message, Database $dbForConsole, Mail $queueForMails, Event $queueForEvents, Func $queueForFunctions, Log $log) => $this->action($message, $dbForConsole, $queueForMails, $queueForEvents, $queueForFunctions, $log));
 }
 /**
 * @param Message $message
- * @param Document $project
 * @param Database $dbForConsole
 * @param Mail $queueForMails
 * @param Event $queueForEvents
@@ -65,7 +62,7 @@ class Certificates extends Action
 * @throws Throwable
 * @throws \Utopia\Database\Exception
 */
- public function action(Message $message, Document $project, Database $dbForConsole, Mail $queueForMails, Event $queueForEvents, Func $queueForFunctions, Log $log): void
+ public function action(Message $message, Database $dbForConsole, Mail $queueForMails, Event $queueForEvents, Func $queueForFunctions, Log $log): void
 {
 $payload = $message->getPayload() ?? [];
@@ -79,7 +76,7 @@ class Certificates extends Action
 $log->addTag('domain', $domain->get());
- $this->execute($domain, $project, $dbForConsole, $queueForMails, $queueForEvents, $queueForFunctions, $log, $skipRenewCheck);
+ $this->execute($domain, $dbForConsole, $queueForMails, $queueForEvents, $queueForFunctions, $log, $skipRenewCheck);
 }
 /**
@@ -93,7 +90,7 @@ class Certificates extends Action
 * @throws Throwable
 * @throws \Utopia\Database\Exception
 */
- private function execute(Domain $domain, Document $project, Database $dbForConsole, Mail $queueForMails, Event $queueForEvents, Func $queueForFunctions, Log $log, bool $skipRenewCheck = false): void
+ private function execute(Domain $domain, Database $dbForConsole, Mail $queueForMails, Event $queueForEvents, Func $queueForFunctions, Log $log, bool $skipRenewCheck = false): void
 {
 /**
 * 1. Read arguments and validate domain
@@ -158,26 +155,16 @@ class Certificates extends Action
 // Prepare folder name for certbot. Using this helps prevent miss-match in LetsEncrypt configuration when renewing certificate
 $folder = ID::unique();
- try {
- // Generate certificate files using Let's Encrypt
- $letsEncryptData = $this->issueCertificate($folder, $domain->get(), $email);
-
- // Give certificates to Traefik
- $this->applyCertificateFiles($folder, $domain->get(), $letsEncryptData);
- } catch (\Throwable $th) {
- Console::error('Failed to generate Lets Encrypt certificate');
- }
+ // Generate certificate files using Let's Encrypt
+ $letsEncryptData = $this->issueCertificate($folder, $domain->get(), $email);
 // Command succeeded, store all data into document
 $logs = 'Certificate successfully generated.';
 $certificate->setAttribute('logs', \mb_strcut($logs, 0, 1000000));// Limit to 1MB
- try {
- // TEMP: add custom hostnames to cloudflare
- $this->addCustomHostnameToRegistrar($project, $domain->get());
- } catch (\Throwable $th) {
- Console::error('Failed to add custom hostname to registrar: ' . $th->getMessage());
- }
+
+ // Give certificates to Traefik
+ $this->applyCertificateFiles($folder, $domain->get(), $letsEncryptData);
 // Update certificate info stored in database
 $certificate->setAttribute('renewDate', $this->getRenewDate($domain->get()));
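Review bot: The success message is written to the certificate's `logs` attribute before `applyCertificateFiles()` runs, so with the inner try/catch gone a failure while handing the files to Traefik is raised after the document already reads 'Certificate successfully generated.'. Unless the enclosing handler (outside this hunk) always overwrites `logs` on failure, call `$this->applyCertificateFiles($folder, $domain->get(), $letsEncryptData);` directly after `issueCertificate()` and set `$logs` only once both have returned. Separately, the helper deleted in the next hunk was the only visible reader of `_APP_SYSTEM_CLOUDFLARE_TOKEN`; if nothing else uses it, the variable should be removed from the deployment environment and the token revoked so an unused credential is not left live.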
@@ -210,35 +197,6 @@ class Certificates extends Action
 }
 }
- /**
- * Add custom hostname to Cloudflare registrar
- *
- * @param Document $project
- * @param string $hostname
- * @return void
- * @throws Exception
- */
- private function addCustomHostnameToRegistrar(Document $project, string $hostname): void
- {
- $client = new Client();
- $client
- ->addHeader('content-type', Client::CONTENT_TYPE_APPLICATION_JSON)
- ->addHeader('Authorization', 'Bearer ' . System::getEnv('_APP_SYSTEM_CLOUDFLARE_TOKEN'));
-
- $response = $client->fetch("https://api.cloudflare.com/client/v4/zones/b2d0e62383d3c0f6299efab107af2c7a/custom_hostnames", Client::METHOD_POST, [
- 'hostname' => $hostname,
- 'ssl' => [
- "method" => "http",
- "type" => "dv",
- "wildcard" => false
- ]
- ]);
-
- if ($response->getStatusCode() !== 201) {
- throw new Exception('Failed to add custom hostname to Cloudflare: ' . $response->getBody());
- }
- }
-
 /**
 * Save certificate data into database.
 *
@@ -423,7 +381,7 @@ class Certificates extends Action
 * @return void
 * @throws Exception
 */
- protected function applyCertificateFiles(string $folder, string $domain, array $letsEncryptData): void
+ private function applyCertificateFiles(string $folder, string $domain, array $letsEncryptData): void
 {
 // Prepare folder in storage for domain
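Review bot: Narrowing `applyCertificateFiles()` from `protected` to `private` in the last hunk breaks any class that extends `Certificates` and calls or overrides this method. No such subclass is visible in this diff, so that needs checking before merge. If the method was only made `protected` for the temporary registrar work, the commit message should say so; it currently reads just 'updates'. The method body continues outside the hunk.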