From b12190acbad16a16cf57006161549c8ef8d037b9 Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sun, 31 Jul 2016 06:45:04 -0400 Subject: [PATCH 01/21] *Add LETSENCRYPT object to web config --- bin/v-add-letsencrypt-domain | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain index f1186f46e..c47d0dba0 100755 --- a/bin/v-add-letsencrypt-domain +++ b/bin/v-add-letsencrypt-domain @@ -38,7 +38,8 @@ is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain" - +is_object_value_empty 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' +get_domain_values 'web' #----------------------------------------------------------# # Action # @@ -86,11 +87,24 @@ $BIN/v-delete-web-domain-ssl $user $domain >/dev/null 2>&1 $BIN/v-add-web-domain-ssl $user $domain $ssl_dir check_result $? "SSL install" >/dev/null +if [ ! -z "$LETSENCRYPT" ]; then + add_object_key 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes' +else + update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes' +fi + #----------------------------------------------------------# # Vesta # #----------------------------------------------------------# +# Restarting web +if [ "$restart" != 'no' ]; then + $BIN/v-restart-web $restart + check_result $? "Web restart failed" >/dev/null +fi + + # Logging log_event "$OK" "$ARGUMENTS" From 040f4192a7d61b73a7608cd9601e492d521b8b7c Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sun, 31 Jul 2016 06:47:08 -0400 Subject: [PATCH 02/21] *Add API command to disable letsencrypt for a domain --- bin/v-delete-letsencrypt-domain | 60 +++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100755 bin/v-delete-letsencrypt-domain diff --git a/bin/v-delete-letsencrypt-domain b/bin/v-delete-letsencrypt-domain new file mode 100755 index 000000000..89f9cc1fb --- /dev/null +++ b/bin/v-delete-letsencrypt-domain @@ -0,0 +1,60 @@ +#!/bin/bash +# info: deleting letsencrypt ssl cetificate for domain +# options: USER DOMAIN [RESTART] +# +# The function turns off letsencrypt SSL support for a domain. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +restart=$3 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER DOMAIN [RESTART]' +is_format_valid 'user' 'domain' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_system_enabled "$WEB_SSL" 'SSL_SUPPORT' +is_object_valid 'user' 'USER' "$user" +is_object_unsuspended 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_unsuspended 'web' 'DOMAIN' "$domain" +is_object_value_exist 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Delete SSL +$BIN/v-delete-web-domain-ssl $user $domain >/dev/null 2>&1 +check_result $? "SSL delete" >/dev/null + +update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'no' + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Restarting web +if [ "$restart" != 'no' ]; then + $BIN/v-restart-web $restart + check_result $? "Web restart failed" >/dev/null +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit From 50f1db1abfdca1b81c1b87f820f524b1c47de4df Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sun, 31 Jul 2016 06:48:06 -0400 Subject: [PATCH 03/21] *Check for letsencrypt by the LETSENCRYPT object, not the cert metadata --- bin/v-update-letsencrypt-ssl | 42 +++++++++++++++++------------------- 1 file changed, 20 insertions(+), 22 deletions(-) diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl index 39052097a..715068e2c 100755 --- a/bin/v-update-letsencrypt-ssl +++ b/bin/v-update-letsencrypt-ssl @@ -28,29 +28,27 @@ users=$(ls $VESTA/data/users/*/ssl/le.conf |cut -f 7 -d /) # Checking users for user in $users; do # Checking user certificates - for crt in $(ls $VESTA/data/users/$user/ssl/*.crt 2>/dev/null); do + for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do # Checking certificate issuer - crt_data=$(openssl x509 -text -in $crt) - issuer=$(echo "$crt_data" |grep Issuer: |grep Encrypt) - if [ ! -z "$issuer" ]; then - expire=$(echo "$crt_data" |grep "Not After") - expire=$(echo "$expire" |cut -f 2,3,4 -d :) - expire=$(date -d "$expire" +%s) - now=$(date +%s) - expire=$((expire - now)) - expire=$((expire / 86400)) - domain=$(basename $crt |sed -e "s/.crt$//") - if [[ "$expire" -lt 31 ]]; then - aliases=$(echo "$crt_data" |grep DNS:) - aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//") - aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d") - aliases=$(echo "$aliases" |grep -v "^$domain$") - if [ ! -z "$aliases" ]; then - aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g') - $BIN/v-add-letsencrypt-domain $user $domain $aliases - else - $BIN/v-add-letsencrypt-domain $user $domain - fi + crt_data=$(openssl x509 -text -in "$VESTA/data/users/$user/ssl/$domain.crt") + + expire=$(echo "$crt_data" |grep "Not After") + expire=$(echo "$expire" |cut -f 2,3,4 -d :) + expire=$(date -d "$expire" +%s) + now=$(date +%s) + expire=$((expire - now)) + expire=$((expire / 86400)) + domain=$(basename $crt |sed -e "s/.crt$//") + if [[ "$expire" -lt 31 ]]; then + aliases=$(echo "$crt_data" |grep DNS:) + aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//") + aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d") + aliases=$(echo "$aliases" |grep -v "^$domain$") + if [ ! -z "$aliases" ]; then + aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g') + $BIN/v-add-letsencrypt-domain $user $domain $aliases + else + $BIN/v-add-letsencrypt-domain $user $domain fi fi done From 48bced28e38dd41dab8d7ade1deb6082dbf5f6ac Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Wed, 3 Aug 2016 03:14:01 -0400 Subject: [PATCH 04/21] *Add letsencrypt GUI support --- web/add/web/index.php | 73 +++++---- web/edit/web/index.php | 253 ++++++++++++++++-------------- web/js/pages/add_web.js | 15 ++ web/js/pages/edit_web.js | 15 ++ web/templates/admin/add_web.html | 7 +- web/templates/admin/edit_web.html | 7 +- 6 files changed, 221 insertions(+), 149 deletions(-) diff --git a/web/add/web/index.php b/web/add/web/index.php index d57a46ad2..6edcf4a74 100644 --- a/web/add/web/index.php +++ b/web/add/web/index.php @@ -79,6 +79,7 @@ if (!empty($_POST['ok'])) { $v_ssl_key = $_POST['v_ssl_key']; $v_ssl_ca = $_POST['v_ssl_ca']; $v_ssl_home = $data[$v_domain]['SSL_HOME']; + $v_letsencrypt = $_POST['v_letsencrypt']; $v_stats = escapeshellarg($_POST['v_stats']); $v_stats_user = $data[$v_domain]['STATS_USER']; $v_stats_password = $data[$v_domain]['STATS_PASSWORD']; @@ -96,6 +97,7 @@ if (!empty($_POST['ok'])) { if ((!empty($_POST['v_ssl'])) || (!empty($_POST['v_elog']))) $v_adv = 'yes'; if ((!empty($_POST['v_ssl_crt'])) || (!empty($_POST['v_ssl_key']))) $v_adv = 'yes'; if ((!empty($_POST['v_ssl_ca'])) || ($_POST['v_stats'] != 'none')) $v_adv = 'yes'; + if ((!empty($_POST['v_letsencrypt']))) $v_adv = 'yes'; // Check advanced features if (empty($_POST['v_dns'])) $v_dns = 'off'; @@ -144,42 +146,51 @@ if (!empty($_POST['ok'])) { unset($output); } - // Add SSL certificates - if ((!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { - exec ('mktemp -d', $output, $return_var); - $tmpdir = $output[0]; - unset($output); + // Add Lets Encrypt support - // Save certificate - if (!empty($_POST['v_ssl_crt'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); - fwrite($fp, "\n"); - fclose($fp); - } + if ((!empty($_POST['v_letsencrypt'])) && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '' 'no'", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + else { + // Add SSL certificates only if Lets Encrypt is off + if ((!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { + exec ('mktemp -d', $output, $return_var); + $tmpdir = $output[0]; + unset($output); - // Save private key - if (!empty($_POST['v_ssl_key'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key'])); - fwrite($fp, "\n"); - fclose($fp); - } + // Save certificate + if (!empty($_POST['v_ssl_crt'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); + fwrite($fp, "\n"); + fclose($fp); + } - // Save CA bundle - if (!empty($_POST['v_ssl_ca'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca'])); - fwrite($fp, "\n"); - fclose($fp); - } + // Save private key + if (!empty($_POST['v_ssl_key'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key'])); + fwrite($fp, "\n"); + fclose($fp); + } - $v_ssl_home = escapeshellarg($_POST['v_ssl_home']); - exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." 'no'", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } + // Save CA bundle + if (!empty($_POST['v_ssl_ca'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca'])); + fwrite($fp, "\n"); + fclose($fp); + } + $v_ssl_home = escapeshellarg($_POST['v_ssl_home']); + exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." 'no'", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + } // Add web stats if ((!empty($_POST['v_stats'])) && ($_POST['v_stats'] != 'none' ) && (empty($_SESSION['error_msg']))) { $v_stats = escapeshellarg($_POST['v_stats']); diff --git a/web/edit/web/index.php b/web/edit/web/index.php index 4a2eb6a21..34e72efb7 100644 --- a/web/edit/web/index.php +++ b/web/edit/web/index.php @@ -35,7 +35,8 @@ $v_tpl = $data[$v_domain]['IP']; $v_cgi = $data[$v_domain]['CGI']; $v_elog = $data[$v_domain]['ELOG']; $v_ssl = $data[$v_domain]['SSL']; -if ( $v_ssl == 'yes' ) { +$v_letsencrypt = $data[$v_domain]['LETSENCRYPT']; +if ( $v_ssl == 'yes' && ($v_letsencrypt == 'no' || empty($v_letsencrypt))) { exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var); $ssl_str = json_decode(implode('', $output), true); unset($output); @@ -256,139 +257,159 @@ if (!empty($_POST['save'])) { $restart_proxy = 'yes'; } - // Delete SSL certificate - if (( $v_ssl == 'yes' ) && (empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-delete-web-domain-ssl ".$v_username." ".$v_domain." 'no'", $output, $return_var); + // Disable Lets Encrypt support + + if (( $v_letsencrypt == 'yes' ) && (empty($_POST['v_letsencrypt'])) && (!empty($_POST['v_letsencrypt'])) && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '' 'no'", $output, $return_var); check_return_code($return_var,$output); unset($output); - $v_ssl = 'no'; + $v_letsencrypt = 'no'; $restart_web = 'yes'; $restart_proxy = 'yes'; - } - - // Change SSL certificate - if (($v_ssl == 'yes') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { - if (( $v_ssl_crt != str_replace("\r\n", "\n", $_POST['v_ssl_crt'])) || ( $v_ssl_key != str_replace("\r\n", "\n", $_POST['v_ssl_key'])) || ( $v_ssl_ca != str_replace("\r\n", "\n", $_POST['v_ssl_ca']))) { - exec ('mktemp -d', $mktemp_output, $return_var); - $tmpdir = $mktemp_output[0]; - - // Certificate - if (!empty($_POST['v_ssl_crt'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); - fwrite($fp, "\n"); - fclose($fp); - } - - // Key - if (!empty($_POST['v_ssl_key'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key'])); - fwrite($fp, "\n"); - fclose($fp); - } - - // CA - if (!empty($_POST['v_ssl_ca'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca'])); - fwrite($fp, "\n"); - fclose($fp); - } - - exec (VESTA_CMD."v-change-web-domain-sslcert ".$user." ".$v_domain." ".$tmpdir." 'no'", $output, $return_var); + } + else { + // Delete SSL certificate + if (( $v_ssl == 'yes' ) && (empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-delete-web-domain-ssl ".$v_username." ".$v_domain." 'no'", $output, $return_var); check_return_code($return_var,$output); unset($output); + $v_ssl = 'no'; $restart_web = 'yes'; $restart_proxy = 'yes'; - $v_ssl_crt = $_POST['v_ssl_crt']; - $v_ssl_key = $_POST['v_ssl_key']; - $v_ssl_ca = $_POST['v_ssl_ca']; - - // Cleanup certificate tempfiles - if (!empty($_POST['v_ssl_crt'])) { - unlink($tmpdir."/".$_POST['v_domain'].".crt"); - } - - if (!empty($_POST['v_ssl_key'])) { - unlink($tmpdir."/".$_POST['v_domain'].".key"); - } - - if (!empty($_POST['v_ssl_ca'])) { - unlink($tmpdir."/".$_POST['v_domain'].".ca"); - } - - rmdir($tmpdir); } - } + } + if (( $v_letsencrypt == 'no' || empty( $v_letsencrypt)) && (!empty($_POST['v_letsencrypt'])) && empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '' 'no'", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $v_letsencrypt = 'yes'; + $restart_web = 'yes'; + $restart_proxy = 'yes'; + } + else{ + // Change SSL certificate + if (($v_ssl == 'yes') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { + if (( $v_ssl_crt != str_replace("\r\n", "\n", $_POST['v_ssl_crt'])) || ( $v_ssl_key != str_replace("\r\n", "\n", $_POST['v_ssl_key'])) || ( $v_ssl_ca != str_replace("\r\n", "\n", $_POST['v_ssl_ca']))) { + exec ('mktemp -d', $mktemp_output, $return_var); + $tmpdir = $mktemp_output[0]; - // Add SSL certificate - if (( $v_ssl == 'no') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { - if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_crt']))) $errors[] = 'ssl certificate'; - if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_key']))) $errors[] = 'ssl key'; - if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_home']))) $errors[] = 'ssl home'; - $v_ssl_home = escapeshellarg($_POST['v_ssl_home']); - if (!empty($errors[0])) { - foreach ($errors as $i => $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } else { - exec ('mktemp -d', $mktemp_output, $return_var); - $tmpdir = $mktemp_output[0]; + // Certificate + if (!empty($_POST['v_ssl_crt'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); + fwrite($fp, "\n"); + fclose($fp); + } - // Certificate - if (!empty($_POST['v_ssl_crt'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); - fclose($fp); - } + // Key + if (!empty($_POST['v_ssl_key'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key'])); + fwrite($fp, "\n"); + fclose($fp); + } - // Key - if (!empty($_POST['v_ssl_key'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key'])); - fclose($fp); - } + // CA + if (!empty($_POST['v_ssl_ca'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca'])); + fwrite($fp, "\n"); + fclose($fp); + } - // CA - if (!empty($_POST['v_ssl_ca'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca'])); - fclose($fp); - } - exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." 'no'", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - $v_ssl = 'yes'; - $restart_web = 'yes'; - $restart_proxy = 'yes'; - $v_ssl_crt = $_POST['v_ssl_crt']; - $v_ssl_key = $_POST['v_ssl_key']; - $v_ssl_ca = $_POST['v_ssl_ca']; - $v_ssl_home = $_POST['v_ssl_home']; + exec (VESTA_CMD."v-change-web-domain-sslcert ".$user." ".$v_domain." ".$tmpdir." 'no'", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $restart_web = 'yes'; + $restart_proxy = 'yes'; + $v_ssl_crt = $_POST['v_ssl_crt']; + $v_ssl_key = $_POST['v_ssl_key']; + $v_ssl_ca = $_POST['v_ssl_ca']; - // Cleanup certificate tempfiles - if (!empty($_POST['v_ssl_crt'])) { - unlink($tmpdir."/".$_POST['v_domain'].".crt"); - } + // Cleanup certificate tempfiles + if (!empty($_POST['v_ssl_crt'])) { + unlink($tmpdir."/".$_POST['v_domain'].".crt"); + } - if (!empty($_POST['v_ssl_key'])) { - unlink($tmpdir."/".$_POST['v_domain'].".key"); - } + if (!empty($_POST['v_ssl_key'])) { + unlink($tmpdir."/".$_POST['v_domain'].".key"); + } - if (!empty($_POST['v_ssl_ca'])) { - unlink($tmpdir."/".$_POST['v_domain'].".ca"); - } + if (!empty($_POST['v_ssl_ca'])) { + unlink($tmpdir."/".$_POST['v_domain'].".ca"); + } - rmdir($tmpdir); - } - } + rmdir($tmpdir); + } + } + // Add SSL certificate + if (( $v_ssl == 'no') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { + if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_crt']))) $errors[] = 'ssl certificate'; + if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_key']))) $errors[] = 'ssl key'; + if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_home']))) $errors[] = 'ssl home'; + $v_ssl_home = escapeshellarg($_POST['v_ssl_home']); + if (!empty($errors[0])) { + foreach ($errors as $i => $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } else { + exec ('mktemp -d', $mktemp_output, $return_var); + $tmpdir = $mktemp_output[0]; + + // Certificate + if (!empty($_POST['v_ssl_crt'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); + fclose($fp); + } + + // Key + if (!empty($_POST['v_ssl_key'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key'])); + fclose($fp); + } + + // CA + if (!empty($_POST['v_ssl_ca'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca'])); + fclose($fp); + } + exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." 'no'", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $v_ssl = 'yes'; + $restart_web = 'yes'; + $restart_proxy = 'yes'; + $v_ssl_crt = $_POST['v_ssl_crt']; + $v_ssl_key = $_POST['v_ssl_key']; + $v_ssl_ca = $_POST['v_ssl_ca']; + $v_ssl_home = $_POST['v_ssl_home']; + + // Cleanup certificate tempfiles + if (!empty($_POST['v_ssl_crt'])) { + unlink($tmpdir."/".$_POST['v_domain'].".crt"); + } + + if (!empty($_POST['v_ssl_key'])) { + unlink($tmpdir."/".$_POST['v_domain'].".key"); + } + + if (!empty($_POST['v_ssl_ca'])) { + unlink($tmpdir."/".$_POST['v_domain'].".ca"); + } + + rmdir($tmpdir); + } + } + } // Change document root for ssl domain if (( $v_ssl == 'yes') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { if ( $v_ssl_home != $_POST['v_ssl_home'] ) { diff --git a/web/js/pages/add_web.js b/web/js/pages/add_web.js index 084540f0c..aea18a1c9 100644 --- a/web/js/pages/add_web.js +++ b/web/js/pages/add_web.js @@ -151,6 +151,21 @@ App.Actions.WEB.toggle_additional_ftp_accounts = function(elm) { } } +App.Actions.WEB.toggle_letsencrypt = function(elm) { + if ($(elm).attr('checked')) { + $('#ssltable textarea[name=v_ssl_crt],#ssltable textarea[name=v_ssl_key], #ssltable textarea[name=v_ssl_ca]').attr('disabled', 'disabled'); + $('input[name=v_ssl]').prop('checked', true); + $('#ssltable').show(); + $('#generate-csr').hide(); + } + else { + $('#ssltable textarea[name=v_ssl_crt],#ssltable textarea[name=v_ssl_key], #ssltable textarea[name=v_ssl_ca]').removeAttr('disabled'); + $('input[name=v_ssl]').prop('checked', false); + $('#ssltable').hide(); + $('#generate-csr').show(); + } +} + // // Page entry point App.Listeners.WEB.keypress_ftp_username(); diff --git a/web/js/pages/edit_web.js b/web/js/pages/edit_web.js index 3c41f938c..fed5acff9 100644 --- a/web/js/pages/edit_web.js +++ b/web/js/pages/edit_web.js @@ -132,6 +132,21 @@ App.Actions.WEB.toggle_additional_ftp_accounts = function(elm) { } } +App.Actions.WEB.toggle_letsencrypt = function(elm) { + if ($(elm).attr('checked')) { + $('#ssltable textarea[name=v_ssl_crt],#ssltable textarea[name=v_ssl_key], #ssltable textarea[name=v_ssl_ca]').attr('disabled', 'disabled'); + $('input[name=v_ssl]').prop('checked', true); + $('#ssltable').show(); + $('#generate-csr').hide(); + } + else { + $('#ssltable textarea[name=v_ssl_crt],#ssltable textarea[name=v_ssl_key], #ssltable textarea[name=v_ssl_ca]').removeAttr('disabled'); + $('input[name=v_ssl]').prop('checked', false); + $('#ssltable').hide(); + $('#generate-csr').show(); + } +} + App.Actions.WEB.randomPasswordGenerated = function(elm) { return App.Actions.WEB.passwordChanged(elm); } diff --git a/web/templates/admin/add_web.html b/web/templates/admin/add_web.html index b5549b012..ee9171825 100644 --- a/web/templates/admin/add_web.html +++ b/web/templates/admin/add_web.html @@ -128,7 +128,7 @@ / - + @@ -184,6 +184,11 @@ + + + + + diff --git a/web/templates/admin/edit_web.html b/web/templates/admin/edit_web.html index afa34174d..56ff0bade 100644 --- a/web/templates/admin/edit_web.html +++ b/web/templates/admin/edit_web.html @@ -186,7 +186,7 @@ / - + @@ -243,6 +243,11 @@ + + + + + From a1d53e0489e8f956c6771914f5e9b187f33769ac Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Wed, 3 Aug 2016 05:07:26 -0400 Subject: [PATCH 05/21] *Fetch agreement URL from API --- bin/v-add-letsencrypt-user | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/bin/v-add-letsencrypt-user b/bin/v-add-letsencrypt-user index 431c2543b..52ada0dec 100755 --- a/bin/v-add-letsencrypt-user +++ b/bin/v-add-letsencrypt-user @@ -41,11 +41,12 @@ fi #----------------------------------------------------------# api='https://acme-v01.api.letsencrypt.org' -agreement='https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf' if [ -z "$email" ]; then email=$(get_user_value '$CONTACT') fi +agreement=$(curl -s -I "$api/terms" |grep Location |cut -f 2 -d \ |tr -d '\r\n') + # Generating key key="$USER_DATA/ssl/user.key" if [ ! -e "$key" ]; then From 046ca885c0331dcabc865e10d2edd492ce49468b Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Wed, 3 Aug 2016 05:31:44 -0400 Subject: [PATCH 06/21] *Fix typo --- web/templates/admin/add_web.html | 2 +- web/templates/admin/edit_web.html | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/web/templates/admin/add_web.html b/web/templates/admin/add_web.html index ee9171825..40e1c18d5 100644 --- a/web/templates/admin/add_web.html +++ b/web/templates/admin/add_web.html @@ -186,7 +186,7 @@ - + diff --git a/web/templates/admin/edit_web.html b/web/templates/admin/edit_web.html index 56ff0bade..e3c1843f7 100644 --- a/web/templates/admin/edit_web.html +++ b/web/templates/admin/edit_web.html @@ -245,7 +245,7 @@ - + From f1c7bafe7c950d2c9dc8d258a39cd20a846e6bc7 Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Wed, 3 Aug 2016 05:46:36 -0400 Subject: [PATCH 07/21] *Don't error on empty ssl data if letsencrypt is on --- web/add/web/index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/add/web/index.php b/web/add/web/index.php index 6edcf4a74..1347e0c58 100644 --- a/web/add/web/index.php +++ b/web/add/web/index.php @@ -18,8 +18,8 @@ if (!empty($_POST['ok'])) { // Check for empty fields if (empty($_POST['v_domain'])) $errors[] = __('domain'); if (empty($_POST['v_ip'])) $errors[] = __('ip'); - if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_crt']))) $errors[] = __('ssl certificate'); - if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_key']))) $errors[] = __('ssl key'); + if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_crt']))&& (empty($_POST['v_letsencrypt']))) $errors[] = __('ssl certificate'); + if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_key']))&& (empty($_POST['v_letsencrypt']))) $errors[] = __('ssl key'); if (!empty($errors[0])) { foreach ($errors as $i => $error) { if ( $i == 0 ) { From 894522e77b74a2072f07aa04eebb82e0af14529c Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Wed, 3 Aug 2016 05:50:59 -0400 Subject: [PATCH 08/21] *Update letsencrypt UI on load --- web/js/pages/add_web.js | 1 + web/js/pages/edit_web.js | 11 +++++++---- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/web/js/pages/add_web.js b/web/js/pages/add_web.js index aea18a1c9..2272e545f 100644 --- a/web/js/pages/add_web.js +++ b/web/js/pages/add_web.js @@ -178,6 +178,7 @@ $(function() { var prefix = 'www.'; document.getElementById('v_aliases').value = prefix + document.getElementById('v_domain').value; }); + App.Actions.WEB.toggle_letsencrypt($('input[name=v_letsencrypt]')) }); function WEBrandom() { diff --git a/web/js/pages/edit_web.js b/web/js/pages/edit_web.js index fed5acff9..ae9c28606 100644 --- a/web/js/pages/edit_web.js +++ b/web/js/pages/edit_web.js @@ -174,11 +174,14 @@ App.Actions.WEB.passwordChanged = function(elm) { App.Listeners.WEB.keypress_ftp_username(); App.Listeners.WEB.keypress_ftp_path(); -$('.v-ftp-user-psw').on('keypress', function(evt) { - var elm = $(evt.target); - App.Actions.WEB.passwordChanged(elm); -}); +$(function() { + $('.v-ftp-user-psw').on('keypress', function (evt) { + var elm = $(evt.target); + App.Actions.WEB.passwordChanged(elm); + }); + App.Actions.WEB.toggle_letsencrypt($('input[name=v_letsencrypt]')) +}); function WEBrandom() { var chars = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz'; From 56b57040d54ff95085e0e5d93052aa6fbf45d2a9 Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sat, 13 Aug 2016 14:07:13 -0400 Subject: [PATCH 09/21] *Invert logic --- bin/v-add-letsencrypt-domain | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain index c47d0dba0..86afe3382 100755 --- a/bin/v-add-letsencrypt-domain +++ b/bin/v-add-letsencrypt-domain @@ -88,9 +88,9 @@ $BIN/v-add-web-domain-ssl $user $domain $ssl_dir check_result $? "SSL install" >/dev/null if [ ! -z "$LETSENCRYPT" ]; then - add_object_key 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes' + update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes' else - update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes' + add_object_key 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes' fi From 443bf6709583567cf37222c3e13beee29dc3d9ea Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sat, 13 Aug 2016 14:23:08 -0400 Subject: [PATCH 10/21] *Increase sign limit to 100 --- bin/v-add-letsencrypt-domain | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain index 86afe3382..8700592eb 100755 --- a/bin/v-add-letsencrypt-domain +++ b/bin/v-add-letsencrypt-domain @@ -56,8 +56,8 @@ i=1 for alias in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do $BIN/v-check-letsencrypt-domain $user $alias check_result $? "LE domain validation" >/dev/null - if [ "$i" -gt 6 ]; then - check_result $E_LIMIT "LE can't sign more than 6 domains" + if [ "$i" -gt 100 ]; then + check_result $E_LIMIT "LE can't sign more than 100 domains" fi i=$((i++)) done From 949576ff1942d0a3ffbafda24d14f4486942ebe2 Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sat, 13 Aug 2016 15:21:50 -0400 Subject: [PATCH 11/21] *Leave out variable sign when running add_object_key --- bin/v-add-letsencrypt-domain | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain index 8700592eb..0ec3d9382 100755 --- a/bin/v-add-letsencrypt-domain +++ b/bin/v-add-letsencrypt-domain @@ -90,7 +90,7 @@ check_result $? "SSL install" >/dev/null if [ ! -z "$LETSENCRYPT" ]; then update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes' else - add_object_key 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes' + add_object_key 'web' 'DOMAIN' "$domain" 'LETSENCRYPT' 'yes' fi From cdd70c3fdcb847713eea07de3913735ecf819917 Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sat, 13 Aug 2016 15:25:27 -0400 Subject: [PATCH 12/21] *Use double quotes to follow formatting style --- bin/v-add-letsencrypt-domain | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain index 0ec3d9382..351421ca1 100755 --- a/bin/v-add-letsencrypt-domain +++ b/bin/v-add-letsencrypt-domain @@ -90,7 +90,7 @@ check_result $? "SSL install" >/dev/null if [ ! -z "$LETSENCRYPT" ]; then update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes' else - add_object_key 'web' 'DOMAIN' "$domain" 'LETSENCRYPT' 'yes' + add_object_key "web" 'DOMAIN' "$domain" 'LETSENCRYPT' 'yes' fi From 5da94dff31d27f0d9c3a47b5f5d38b8abf7d7779 Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sat, 13 Aug 2016 15:56:24 -0400 Subject: [PATCH 13/21] *Fix usage of add_object_key --- bin/v-add-letsencrypt-domain | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain index 351421ca1..9b0c73848 100755 --- a/bin/v-add-letsencrypt-domain +++ b/bin/v-add-letsencrypt-domain @@ -87,12 +87,11 @@ $BIN/v-delete-web-domain-ssl $user $domain >/dev/null 2>&1 $BIN/v-add-web-domain-ssl $user $domain $ssl_dir check_result $? "SSL install" >/dev/null -if [ ! -z "$LETSENCRYPT" ]; then - update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes' -else - add_object_key "web" 'DOMAIN' "$domain" 'LETSENCRYPT' 'yes' +if [ -z "$LETSENCRYPT" ]; then + add_object_key "web" 'DOMAIN' "$domain" 'LETSENCRYPT' 'FTP_USER' fi +update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes' #----------------------------------------------------------# # Vesta # From 0f5f4175815785e4ea6dfe619cd1b120f5b74e63 Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sat, 13 Aug 2016 16:13:08 -0400 Subject: [PATCH 14/21] *Fix fetching users --- bin/v-update-letsencrypt-ssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl index 715068e2c..ea526a087 100755 --- a/bin/v-update-letsencrypt-ssl +++ b/bin/v-update-letsencrypt-ssl @@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf #----------------------------------------------------------# # Defining user list -users=$(ls $VESTA/data/users/*/ssl/le.conf |cut -f 7 -d /) +users=$($BIN/v-list-users | tail -n+3 | awk '{ print $1 }') # Checking users for user in $users; do From 715d7d600fd4e30aef021e71def9120bd462404e Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sat, 13 Aug 2016 16:21:57 -0400 Subject: [PATCH 15/21] *Run main.sh for each user --- bin/v-update-letsencrypt-ssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl index ea526a087..7de37eb6c 100755 --- a/bin/v-update-letsencrypt-ssl +++ b/bin/v-update-letsencrypt-ssl @@ -14,7 +14,6 @@ source /etc/profile # Includes -source $VESTA/func/main.sh source $VESTA/conf/vesta.conf @@ -27,6 +26,7 @@ users=$($BIN/v-list-users | tail -n+3 | awk '{ print $1 }') # Checking users for user in $users; do + source $VESTA/func/main.sh # Checking user certificates for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do # Checking certificate issuer From 90c4d479ba2ef92cb39d45eb5a21f7c9d134881c Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sat, 13 Aug 2016 16:25:08 -0400 Subject: [PATCH 16/21] *main.sh needs to be executed outside of loop as well --- bin/v-update-letsencrypt-ssl | 1 + 1 file changed, 1 insertion(+) diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl index 7de37eb6c..348a3e7c4 100755 --- a/bin/v-update-letsencrypt-ssl +++ b/bin/v-update-letsencrypt-ssl @@ -14,6 +14,7 @@ source /etc/profile # Includes +source $VESTA/func/main.sh source $VESTA/conf/vesta.conf From 6016d266b25c65a497e44465e9b9cf681ab59f90 Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sat, 13 Aug 2016 16:28:28 -0400 Subject: [PATCH 17/21] Revert "*main.sh needs to be executed outside of loop as well" This reverts commit 90c4d479ba2ef92cb39d45eb5a21f7c9d134881c. --- bin/v-update-letsencrypt-ssl | 1 - 1 file changed, 1 deletion(-) diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl index 348a3e7c4..7de37eb6c 100755 --- a/bin/v-update-letsencrypt-ssl +++ b/bin/v-update-letsencrypt-ssl @@ -14,7 +14,6 @@ source /etc/profile # Includes -source $VESTA/func/main.sh source $VESTA/conf/vesta.conf From 777939b7c281907470535c62e9858407db82d3a4 Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sat, 13 Aug 2016 16:28:51 -0400 Subject: [PATCH 18/21] Revert "*Run main.sh for each user" This reverts commit 715d7d600fd4e30aef021e71def9120bd462404e. --- bin/v-update-letsencrypt-ssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl index 7de37eb6c..ea526a087 100755 --- a/bin/v-update-letsencrypt-ssl +++ b/bin/v-update-letsencrypt-ssl @@ -14,6 +14,7 @@ source /etc/profile # Includes +source $VESTA/func/main.sh source $VESTA/conf/vesta.conf @@ -26,7 +27,6 @@ users=$($BIN/v-list-users | tail -n+3 | awk '{ print $1 }') # Checking users for user in $users; do - source $VESTA/func/main.sh # Checking user certificates for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do # Checking certificate issuer From b40e33165aeb9b0cbf871882c8f5c1286c3dab0f Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sat, 13 Aug 2016 16:29:28 -0400 Subject: [PATCH 19/21] *Define USER_DATA in loop --- bin/v-update-letsencrypt-ssl | 1 + 1 file changed, 1 insertion(+) diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl index ea526a087..596b42f5c 100755 --- a/bin/v-update-letsencrypt-ssl +++ b/bin/v-update-letsencrypt-ssl @@ -27,6 +27,7 @@ users=$($BIN/v-list-users | tail -n+3 | awk '{ print $1 }') # Checking users for user in $users; do + USER_DATA=$VESTA/data/users/$user # Checking user certificates for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do # Checking certificate issuer From c85967f894dc7a48bd1fb78b0fe9af519bc22b5e Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Sun, 25 Sep 2016 03:00:13 -0400 Subject: [PATCH 20/21] *Add support for aliases --- web/add/web/index.php | 8 +++++--- web/edit/web/index.php | 6 +++++- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/web/add/web/index.php b/web/add/web/index.php index 1347e0c58..d3eea2cd6 100644 --- a/web/add/web/index.php +++ b/web/add/web/index.php @@ -149,9 +149,11 @@ if (!empty($_POST['ok'])) { // Add Lets Encrypt support if ((!empty($_POST['v_letsencrypt'])) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '' 'no'", $output, $return_var); - check_return_code($return_var,$output); - unset($output); + exec (VESTA_CMD."v-list-web-domain ".$user." ".$v_domain." json", $output, $return_var); + $data = json_decode(implode('', $output), true); + exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '".$data['ALIAS']."' 'no'", $output, $return_var); + check_return_code($return_var,$output); + unset($output); } else { // Add SSL certificates only if Lets Encrypt is off diff --git a/web/edit/web/index.php b/web/edit/web/index.php index 34e72efb7..c2a602211 100644 --- a/web/edit/web/index.php +++ b/web/edit/web/index.php @@ -270,7 +270,9 @@ if (!empty($_POST['save'])) { else { // Delete SSL certificate if (( $v_ssl == 'yes' ) && (empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-delete-web-domain-ssl ".$v_username." ".$v_domain." 'no'", $output, $return_var); + exec (VESTA_CMD."v-list-web-domain ".$user." ".$v_domain." json", $output, $return_var); + $data = json_decode(implode('', $output), true); + exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '".$data['ALIAS']."' 'no'", $output, $return_var); check_return_code($return_var,$output); unset($output); $v_ssl = 'no'; @@ -279,6 +281,8 @@ if (!empty($_POST['save'])) { } } if (( $v_letsencrypt == 'no' || empty( $v_letsencrypt)) && (!empty($_POST['v_letsencrypt'])) && empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-list-web-domain ".$user." ".$v_domain." json", $output, $return_var); + $data = json_decode(implode('', $output), true); exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '' 'no'", $output, $return_var); check_return_code($return_var,$output); unset($output); From 8ef2f19a5ea3403f8a10076b978e2a6c7289a690 Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Thu, 13 Oct 2016 09:00:04 -0400 Subject: [PATCH 21/21] *Add missing crt variable --- bin/v-update-letsencrypt-ssl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl index 596b42f5c..76e5fee45 100755 --- a/bin/v-update-letsencrypt-ssl +++ b/bin/v-update-letsencrypt-ssl @@ -30,8 +30,9 @@ for user in $users; do USER_DATA=$VESTA/data/users/$user # Checking user certificates for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do + crt="$VESTA/data/users/$user/ssl/$domain.crt" # Checking certificate issuer - crt_data=$(openssl x509 -text -in "$VESTA/data/users/$user/ssl/$domain.crt") + crt_data=$(openssl x509 -text -in "$crt") expire=$(echo "$crt_data" |grep "Not After") expire=$(echo "$expire" |cut -f 2,3,4 -d :)