github/oneuptime
1
1
Fork 0
mirror of https://github.com/OneUptime/oneuptime.git synced 2026-04-06 00:32:12 +02:00
Code Issues 193 Packages Projects Releases Wiki Activity

Update GreenlockUtil class to handle lets encrypt account key properly

Browse Source
This commit is contained in:
Simon Larsen
2024-05-01 12:37:41 +01:00
parent 1433823efe
commit c6643d7f7c
5 changed files with 18 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
CommonServer/Utils/Greenlock/Greenlock.ts
View File

@@ -12,6 +12,8 @@ import QueryHelper from '../../Types/Database/QueryHelper';
import BadDataException from 'Common/Types/Exception/BadDataException';
import { Challenge } from 'acme-client/types/rfc8555';
import ServerException from 'Common/Types/Exception/ServerException';
import Text from 'Common/Types/Text';
import Exception from 'Common/Types/Exception/Exception';
export default class GreenlockUtil {
public static async renewAllCertsWhichAreExpiringSoon(data: {
@@ -101,11 +103,19 @@ export default class GreenlockUtil {
const acmeAccountKeyInBase64: string = LetsEncryptAccountKey;
const acmeAccountKey: string = Buffer.from(
if(!acmeAccountKeyInBase64) {
throw new ServerException(
'No lets encrypt account key found in environment variables. Please add one.'
);
}
let acmeAccountKey: string = Buffer.from(
acmeAccountKeyInBase64,
'base64'
).toString();
acmeAccountKey = Text.replaceAll(acmeAccountKey, '\\n', '\n');
//validate cname
const isValidCname: boolean = await data.validateCname(domain);
@@ -235,6 +245,11 @@ export default class GreenlockUtil {
`Error ordering certificate for domain: ${data.domain}`
);
logger.error(e);
if(e instanceof Exception){
throw e;
}
throw new ServerException(
`Unable to order certificate for ${data.domain}. Please contact support at support@oneuptime.com for more information.`
);

2
config.example.env
View File

@@ -207,6 +207,6 @@ E2E_TESTS_FAILED_WEBHOOK_URL=
# Lets encrypt notification email. This email will be used when certs are about to expire
LETS_ENCRYPT_NOTIFICATION_EMAIL=
# Generate a private key via openssl, encode it to base64 and paste it here.
LETS_ENCRYPT_ACCOUNT_KEY="Ii0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxuTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDbVhvYXZ4cmlLMzVDeVxud3YybG40dUlNc3hIVFp4YWVwa21qSWN4NUtzOTBxdmFlZzYvY1Z4SkM2Zmo0WHlyQWc5dEw2b01PWDVzQytzL1xuZ21aQlR4YTg5Z0Jta0c0cHkzamYyQXptRllYVDJtMVp3d2lWN3UzK2FSczcyU2h6U0lteHVhY0RmY0JZNDRPaVxuUTdjWVNMaW9hZkZoN2ppWnlkQUxZcGYxU0FYU2FwUTB6U2xocGFLZzRaSnU1YmYxZkVyR0didXltRThCY0ZRUlxuVm5kRFpvbk5OcmpSUGExNTRyVGJyaVIyaWZUc0xCSU90dTRPb1dYaFJDYVFrTHBGSzVMbGRFWStraWhqWjk4a1xuTGVhQW9ISXRaeTdJVHUzYzZ5enk2ZW5Nc1NnNldlSXVTUHNnaUxnSmxZa0Z3UC9lcHp5WCtwS1pBY013LzErZlxueDJFeTA2YzlBZ01CQUFFQ2dnRUFBNERTRFRsK0FVNmIyV2ZKdDRjWWhSR3N3NE9hMnp6aHBMSW8xcUFlQ3ZzNFxucXkwT3luRTBwRVVlaituYm1pNDg3T3VvQlFIZzY1MkVvcDI0VVgrODF0WEhSR0dlTURzY25Ib01LM3dnaVVsOFxuSy91elhwVGRaaElJaE1ZWjEvT2JFcWI2SVZTd2pDNmVRdmh5RG96WmRwSmtoczloV2J1cUtkTTFwL0NRVHRIdVxuKzE3dUxVUGw0dGRBQURqdms5cnVWRnhuTWdocDByQklidkhmQ2poa1V6dWZqdUh6WjlkL09DS1dqZVJSanhrVlxuQVVoRmtCeStUYkhiaGJhVTNvQnNlSXdENC9qd2Y0aUdXZmFPV1FRc3ExNXIweFQzWWIvaUNJT1ZiNXJ1WkRTN1xudWVtMk1CN3VLU2gwcXZ1VnlsMkEvV3p4dFlSbERDWFdpQ093ZnVMeUFRS0JnUURoWWtQT1V2NUlLbjdQYWFUQ1xuOWNkWTkydUlLR2V0TzZLMi9iZWtoS3VleGFScXZlMXlrTWN1WCsvYnNBeGhZeHNnZFlpL3pGSmwvNmhZNEVkU1xucExCc1NuODdiNy8yRW1kQWNmc2ZHMFpZdGRZTWx1MXNjc3Z4K3NDNndham1tTWUvR0NnVzRoMTFWRlNDdXNFcVxuZzgwaGk2cDFGaGhlMzF4blpaUjN2SGRCM1FLQmdRQzgrQVo0czczRmpHK1hWclFDTldqYU1acjlxVzJCU2p4V1xudWlZL0VIVnY3Q0JCdlBWSE1VbTBqck5sb0IwMjQ5aUh5cWpVWnZ0eHM1S3NZSC9WL1A2dU4yOWxWblZiQ2xIa1xudWpFOHR6L1ExVHMxTlBHK2Y4YjRIUFpkTXdpZ3hWbkJZOFpZWndYcjM4NXAxRHBQYllpYUlqY0wvUFRKNEZBYlxuZWxmbFJqdVU0UUtCZ0FTNmlnK25JQnlsZjVtY2JzK0VWcFZnUTRwTXhyZ1V1em81b29PNklOdW82K1V0YlBEdFxuWnJCclpOM29HS3BtYU9oS2J2OFBLMTltZU1LOG1lSjdBQlNWajR2UXNXZFpSWDlOcE9ZbkxWZXBJUCtNbnhpYVxuWS9zRXRzeDBTYlhrMkxRQ3JyeWtLOWdOVitTU1JJRSsyS3Z1Z1RvSnA2TTk3bk5nNXplSDVieWxBb0dBUTFhM1xuSjZnVmhpSW5XZXpCdE0vSGo0bUJ5OGJtaU40bFpscHJhcW00ejZ0N1N6SEV6aHZZUWdsZ0VHVGdSRUVwVmlwM1xudzBqM2JXc3FaMWJ6OXhOeXhpNW0rZHUzY2p2Wk53TEtyUEk0UVhqYTRuajlkSDhnTGlaVC9KNUZBdFdReUlOL1xubU4wTmxTSnA4Zmg0MXZrWFpxV3VyQXoyUmtJekNiZXRQcnlxV3NFQ2dZRUF0R3dkRTlCeUplOFJjVHpNdEREOFxubEx1ZzE4SXBrQWhYV1QxU1FEQlJjYXpmOGNNN0xQb1o0STd6dDZmbTJ2WEk5bm83Y2c0cG9aVFZoRm01eTZ5dVxuZSsrdi9yM1RaOGhxWmtXOGYzOGc1Z09tQ3lSRmhIWU1VdS9MK0kvQTdtUmRQY1R4TFBreXcwbDM2ZnRvM2pudVxuUnRNOVNzeGtOamlTeE5qa0ZERkNrVGM9XG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXG4i"
LETS_ENCRYPT_ACCOUNT_KEY=

1
docker-compose.base.yml
View File

@@ -1,4 +1,3 @@
version: '3.7'
x-common-variables: &common-variables
HOST: ${HOST}

2
docker-compose.dev.yml
View File

@@ -1,4 +1,4 @@
version: '3.7'
services:

2
docker-compose.yml
View File

@@ -1,8 +1,6 @@
# Images are pushed to both Docker Hub and Github Container Registry. If you're using Github Container Registry, you can change the image tag to use the Github Container Registry.
# For example, if you want to use the image from Github Container Registry, you can change the image tag from oneuptime/dashboard:latest to ghcr.io/oneuptime/dashboard:latest
version: '3.7'
services:
haraka: