From 0a761e9e79e77cc0fd1c0a739066f8a15e0dd075 Mon Sep 17 00:00:00 2001
From: zhengkunwang <31820853+zhengkunwang223@users.noreply.github.com>
Date: Mon, 4 Dec 2023 18:04:09 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20=E6=9B=B4=E6=96=B0=E6=89=8B=E5=8A=A8?= =?UTF-8?q?=E8=AF=81=E4=B9=A6=E5=90=8C=E6=AD=A5=E5=88=B0=E7=BD=91=E7=AB=99?= =?UTF-8?q?=E5=92=8C=E9=9D=A2=E6=9D=BF=20(#3170)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 backend/app/service/website_ssl.go | 3 ++
 backend/app/service/website_utils.go | 49 ++++++++++++++++++++++++++++
 backend/cron/job/ssl.go | 20 +-----------
 3 files changed, 53 insertions(+), 19 deletions(-)
diff --git a/backend/app/service/website_ssl.go b/backend/app/service/website_ssl.go
index 3dd1c8f2f..3d66d1d5b 100644
--- a/backend/app/service/website_ssl.go
+++ b/backend/app/service/website_ssl.go
@@ -454,6 +454,9 @@ func (w WebsiteSSLService) Upload(req request.WebsiteSSLUpload) error {
 websiteSSL.Domains = strings.Join(domains, ",")
 if websiteSSL.ID > 0 {
+ if err := UpdateSSLConfig(*websiteSSL); err != nil {
+ return err
+ }
 return websiteSSLRepo.Save(websiteSSL)
 }
 return websiteSSLRepo.Create(context.Background(), websiteSSL)
diff --git a/backend/app/service/website_utils.go b/backend/app/service/website_utils.go
index b46f887b6..8d935dab6 100644
--- a/backend/app/service/website_utils.go
+++ b/backend/app/service/website_utils.go
@@ -3,6 +3,7 @@ package service
 import (
 "fmt"
 "github.com/1Panel-dev/1Panel/backend/buserr"
+ "github.com/1Panel-dev/1Panel/backend/global"
 "github.com/1Panel-dev/1Panel/backend/i18n"
 "github.com/1Panel-dev/1Panel/backend/utils/cmd"
 "github.com/1Panel-dev/1Panel/backend/utils/common"
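Review bot: In `Upload` (backend/app/service/website_ssl.go) the added `UpdateSSLConfig(*websiteSSL)` call runs before `websiteSSLRepo.Save(websiteSSL)`, so the new certificate and key are written to the site PEM files, OpenResty is reloaded and the panel's `server.crt`/`server.key` may be replaced before the record is persisted. If `Save` then fails, the caller gets an error while the new key material is already live and the database still describes the old one. Either save first and then `return UpdateSSLConfig(*websiteSSL)`, or keep the order and add a comment such as `// apply to disk first: a failed apply must not leave a saved record that was never deployed`. `Upload` begins outside the hunk, so any validation that the uploaded private key matches the certificate is not visible here and should be confirmed before this call.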
@@ -772,3 +773,51 @@ func saveCertificateFile(websiteSSL *model.WebsiteSSL, logger *log.Logger) {
 }
 }
 }
+
+func GetSystemSSL() (bool, uint) {
+ sslSetting, err := settingRepo.Get(settingRepo.WithByKey("SSL"))
+ if err != nil {
+ global.LOG.Errorf("load service ssl from setting failed, err: %v", err)
+ return false, 0
+ }
+ if sslSetting.Value == "enable" {
+ sslID, _ := settingRepo.Get(settingRepo.WithByKey("SSLID"))
+ idValue, _ := strconv.Atoi(sslID.Value)
+ if idValue > 0 {
+ return true, uint(idValue)
+ }
+ }
+ return false, 0
+}
+
+func UpdateSSLConfig(websiteSSL model.WebsiteSSL) error {
+ websites, _ := websiteRepo.GetBy(websiteRepo.WithWebsiteSSLID(websiteSSL.ID))
+ if len(websites) > 0 {
+ for _, website := range websites {
+ if err := createPemFile(website, websiteSSL); err != nil {
+ return buserr.WithMap("ErrUpdateWebsiteSSL", map[string]interface{}{"name": website.PrimaryDomain, "err": err.Error()}, err)
+ }
+ }
+ nginxInstall, err := getAppInstallByKey(constant.AppOpenresty)
+ if err != nil {
+ return err
+ }
+ if err := opNginx(nginxInstall.ContainerName, constant.NginxReload); err != nil {
+ return buserr.WithErr(constant.ErrSSLApply, err)
+ }
+ }
+ enable, sslID := GetSystemSSL()
+ if enable && sslID == websiteSSL.ID {
+ fileOp := files.NewFileOp()
+ secretDir := path.Join(global.CONF.System.BaseDir, "1panel/secret")
+ if err := fileOp.WriteFile(path.Join(secretDir, "server.crt"), strings.NewReader(websiteSSL.Pem), 0600); err != nil {
+ global.LOG.Errorf("Failed to update the SSL certificate File for 1Panel System domain [%s] , err:%s", websiteSSL.PrimaryDomain, err.Error())
+ return err
+ }
+ if err := fileOp.WriteFile(path.Join(secretDir, "server.key"), strings.NewReader(websiteSSL.PrivateKey), 0600); err != nil {
+ global.LOG.Errorf("Failed to update the SSL certificate for 1Panel System domain [%s] , err:%s", websiteSSL.PrimaryDomain, err.Error())
+ return err
+ }
+ }
+ return nil
+}
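Review bot: `UpdateSSLConfig` discards the error from `websiteRepo.GetBy`, so a failed lookup is presumably indistinguishable from "no site uses this certificate" and the function can return nil while the bound sites keep serving the previous certificate and key. That matters most when the upload is a rotation after a key compromise or an expiry, because `Upload` then reports success. Propagate the error instead: `websites, err := websiteRepo.GetBy(websiteRepo.WithWebsiteSSLID(websiteSSL.ID))` followed by `if err != nil { return err }`. `GetSystemSSL` has the same pattern (`sslID, _ :=` and `idValue, _ :=`), where a failed read reports the panel certificate as not in use and the `server.crt`/`server.key` update is skipped silently. Separately, the two `WriteFile` calls are not atomic as a pair, so a failure on `server.key` after `server.crt` succeeded leaves a mismatched certificate and key in the secret directory.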
diff --git a/backend/cron/job/ssl.go b/backend/cron/job/ssl.go
index 3d4cc2199..1256fcf1d 100644
--- a/backend/cron/job/ssl.go
+++ b/backend/cron/job/ssl.go
@@ -9,7 +9,6 @@ import (
 "github.com/1Panel-dev/1Panel/backend/utils/common"
 "github.com/1Panel-dev/1Panel/backend/utils/files"
 "path"
- "strconv"
 "strings"
 "time"
 )
@@ -21,25 +20,8 @@ func NewSSLJob() *ssl {
 return &ssl{}
 }
-func getSystemSSL() (bool, uint) {
- settingRepo := repo.NewISettingRepo()
- sslSetting, err := settingRepo.Get(settingRepo.WithByKey("SSL"))
- if err != nil {
- global.LOG.Errorf("load service ssl from setting failed, err: %v", err)
- return false, 0
- }
- if sslSetting.Value == "enable" {
- sslID, _ := settingRepo.Get(settingRepo.WithByKey("SSLID"))
- idValue, _ := strconv.Atoi(sslID.Value)
- if idValue > 0 {
- return true, uint(idValue)
- }
- }
- return false, 0
-}
-
 func (ssl *ssl) Run() {
- systemSSLEnable, sslID := getSystemSSL()
+ systemSSLEnable, sslID := service.GetSystemSSL()
 sslRepo := repo.NewISSLRepo()
 sslService := service.NewIWebsiteSSLService()
 sslList, _ := sslRepo.List()