From 79920a753510b9663d4cfb1aea1936d0529452d1 Mon Sep 17 00:00:00 2001 From: "alexey.lazarenko" Date: Mon, 11 Oct 2021 09:42:35 +0300 Subject: [PATCH 1/6] JE-60186 [LE] Check https protocol while invalid response from custom domain --- scripts/generate-ssl-cert.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/generate-ssl-cert.sh b/scripts/generate-ssl-cert.sh index 1388bb3a..4c541948 100644 --- a/scripts/generate-ssl-cert.sh +++ b/scripts/generate-ssl-cert.sh @@ -73,7 +73,7 @@ do [[ -z $error ]] && { error=$(sed -rn 's/.*\s(.*)(Invalid response from http:\/\/.*)\\\"".*/\2/p' $LOG_FILE | sed '$!d') - [[ ! -z $error ]] && invalid_domain=$(echo $error | sed -rn 's/Invalid response from http:\/\/([^/]*)\/\.well-known.*/\1/p') + [[ ! -z $error ]] && invalid_domain=$(echo $error | sed -rn 's/Invalid response from https:\/\/([^/]*)\/\.well-known.*/\1/p') } [[ -z $error ]] && { From 2eb152410c1da97a2d3ea953dab44a5b99b0e6da Mon Sep 17 00:00:00 2001 From: "alexey.lazarenko" Date: Mon, 11 Oct 2021 09:44:00 +0300 Subject: [PATCH 2/6] JE-60186 [LE] Check https protocol while invalid response from custom domain --- scripts/generate-ssl-cert.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/generate-ssl-cert.sh b/scripts/generate-ssl-cert.sh index 4c541948..222f5cde 100644 --- a/scripts/generate-ssl-cert.sh +++ b/scripts/generate-ssl-cert.sh @@ -73,7 +73,7 @@ do [[ -z $error ]] && { error=$(sed -rn 's/.*\s(.*)(Invalid response from http:\/\/.*)\\\"".*/\2/p' $LOG_FILE | sed '$!d') - [[ ! -z $error ]] && invalid_domain=$(echo $error | sed -rn 's/Invalid response from https:\/\/([^/]*)\/\.well-known.*/\1/p') + [[ ! -z $error ]] && invalid_domain=$(echo $error | sed -rn 's/Invalid response from https?:\/\/([^/]*)\/\.well-known.*/\1/p') } [[ -z $error ]] && { From be8b8c7ca1dfc8b5b978ce04d78f35d0ba059549 Mon Sep 17 00:00:00 2001 From: "alexey.lazarenko" Date: Thu, 9 Dec 2021 15:54:50 +0200 Subject: [PATCH 3/6] JE-54388 [Let's Encrypt] SSL certificates bound to SLB are not deleted with env --- scripts/ssl-manager.js | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/scripts/ssl-manager.js b/scripts/ssl-manager.js index 490e09af..f6d9161a 100644 --- a/scripts/ssl-manager.js +++ b/scripts/ssl-manager.js @@ -1400,13 +1400,28 @@ function SSLManager(config) { me.removeSSLCert = function removeSSLCert() { var resp, - sslCerts; + sslCert, + sslCerts, + extDomain; resp = jelastic.env.binder.GetSSLCerts(config.envName, session); if (resp.result != 0) return resp; sslCerts = resp.responses; + sslCert = sslCerts[sslCerts.length - 1]; + + if (sslCert.extDomains.length) { + for (var i = 0, n = sslCert.extDomains.length; i < n; i++) { + extDomain = sslCert.extDomains[i]; + + if (extDomain.sslEnabled) { + resp = jelastic.env.binder.RemoveExtDomain(config.envName, session, extDomain.domain); + if (resp.result != 0) return resp; + } + } + } + return jelastic.env.binder.RemoveSSLCerts(config.envName, session, sslCerts[sslCerts.length - 1].id); }; From ef485cfcda6ec1fc85a2359b8fd301ab23bfd8a9 Mon Sep 17 00:00:00 2001 From: "alexey.lazarenko" Date: Tue, 5 Jul 2022 10:44:07 +0300 Subject: [PATCH 4/6] JE-54388 [Let's Encrypt] SSL certificates bound to SLB are not deleted with env --- scripts/ssl-manager.js | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/scripts/ssl-manager.js b/scripts/ssl-manager.js index f6d9161a..192bdaf2 100644 --- a/scripts/ssl-manager.js +++ b/scripts/ssl-manager.js @@ -94,6 +94,7 @@ function SSLManager(config) { me.invoke = function (action) { var actions = { "install" : me.install, + "delete" : me.delete, "uninstall" : me.uninstall, "auto-update" : me.autoUpdate, "backup-scripts": me.backupScripts, @@ -316,6 +317,14 @@ function SSLManager(config) { return resp; }; + me.delete = function() { + return me.execAll([ + [ me.initAddOnExtIp, config.withExtIp ], + + me.undeploy + ]); + }; + me.uninstall = function () { var autoUpdateScript = nodeManager.getScriptPath(AUTO_UPDATE_SCRIPT); From 22e6189dccea79bea98cd85e753d856f0bd86cea Mon Sep 17 00:00:00 2001 From: "alexey.lazarenko" Date: Tue, 5 Jul 2022 10:44:51 +0300 Subject: [PATCH 5/6] JE-54388 [Let's Encrypt] SSL certificates bound to SLB are not deleted with env --- manifest.jps | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/manifest.jps b/manifest.jps index 68637bb8..19a4ab22 100644 --- a/manifest.jps +++ b/manifest.jps @@ -58,7 +58,7 @@ description: globals: scriptSufix: letsencrypt-ssl - + mixins: - configs/vers.yaml @@ -100,7 +100,7 @@ onInstall: - setGlobals: nodeId: ${settings.nodeId:} nodeGroup: ${targetNodes.nodeGroup:} - withExtIp: ${settings.withExtIp:true} + withExtIp: ${settings.withExtIp:false} webroot: ${settings.webroot:} webrootPath: ${settings.webrootPath:} fallbackToX1: ${settings.fallbackToX1:} @@ -114,7 +114,7 @@ onInstall: onUninstall: - callScript: action: uninstall - - delete + - deleteScript onBeforeDelete: delete @@ -165,6 +165,10 @@ actions: action: auto-update configure: installScript delete: + - callScript: + action: delete + - deleteScript + deleteScript: script: | jelastic.dev.scripting.DeleteScript('${env.envName}-${targetNodes.nodeGroup}-${globals.scriptSufix}'); return {result:0} From 8f6838efe6f18f49c8045bb793ddb911d4d02865 Mon Sep 17 00:00:00 2001 From: "alexey.lazarenko" Date: Tue, 5 Jul 2022 10:45:18 +0300 Subject: [PATCH 6/6] JE-54388 [Let's Encrypt] SSL certificates bound to SLB are not deleted with env --- manifest.jps | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.jps b/manifest.jps index 19a4ab22..bb51b564 100644 --- a/manifest.jps +++ b/manifest.jps @@ -100,7 +100,7 @@ onInstall: - setGlobals: nodeId: ${settings.nodeId:} nodeGroup: ${targetNodes.nodeGroup:} - withExtIp: ${settings.withExtIp:false} + withExtIp: ${settings.withExtIp:true} webroot: ${settings.webroot:} webrootPath: ${settings.webrootPath:} fallbackToX1: ${settings.fallbackToX1:}