diff options
| author | Alexandre Alouit <alexandre.alouit@gmail.com> | 2015-12-04 09:47:54 +0100 |
|---|---|---|
| committer | Alexandre Alouit <alexandre.alouit@gmail.com> | 2015-12-04 09:47:54 +0100 |
| commit | 599d73b54549d808e3d05c3a98c4729d942edd5f (patch) | |
| tree | 6a35115fa53dc553196510b32caf3e24f2af155f /src/server/plugins-available/nginx_plugin.inc.php | |
| parent | 876dc671ef09e855eea7714c519977462e90f30c (diff) | |
bugfix & improvements
prevent apache with conf.d directory instead conf-available
create challenge directory (prevent Let’s Encrypt create file with bad
permission)
use debug ispconfig function
use fullchain for apache
Diffstat (limited to 'src/server/plugins-available/nginx_plugin.inc.php')
| -rwxr-xr-x | src/server/plugins-available/nginx_plugin.inc.php | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/src/server/plugins-available/nginx_plugin.inc.php b/src/server/plugins-available/nginx_plugin.inc.php index 6c2aaa3..fb2329a 100755 --- a/src/server/plugins-available/nginx_plugin.inc.php +++ b/src/server/plugins-available/nginx_plugin.inc.php @@ -1127,7 +1127,22 @@ class nginx_plugin { //* check if we have already a Let's Encrypt cert if(!file_exists($crt_tmp_file) && !file_exists($key_tmp_file)) { $app->log("Create Let's Encrypt SSL Cert for: $domain", LOGLEVEL_DEBUG); - exec("/root/.local/share/letsencrypt/bin/letsencrypt auth -a webroot --email postmaster@$domain --domains $lddomain --webroot-path $webroot --text --agree-tos"); + + if(is_dir($webroot . "/.well-known/")) { + $app->log("Remove old challenge directory", LOGLEVEL_DEBUG); + $this->_exec("rm -rf " . $webroot . "/.well-known/"); + } + + $app->log("Create challenge directory", LOGLEVEL_DEBUG); + $app->system->mkdirpath($webroot . "/.well-known/"); + $app->system->chown($webroot . "/.well-known/", $$data['new']['system_user']); + $app->system->chgrp($webroot . "/.well-known/", $data['new']['system_group']); + $app->system->mkdirpath($webroot . "/.well-known/acme-challenge"); + $app->system->chown($webroot . "/.well-known/acme-challenge/", $data['new']['system_user']); + $app->system->chgrp($webroot . "/.well-known/acme-challenge/", $data['new']['system_group']); + $app->system->chmod($webroot . "/.well-known/acme-challenge", "g+s"); + + $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth -a webroot --email postmaster@$domain --domains $lddomain --webroot-path $webroot"); }; //* check is been correctly created |