smeserver/smeserver-certificates
6
0
Fork 0
generated from smedev/Template-for-SMEServer-Core-Package
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: smeserver:11_0-5_el8_sme
Branches Tags
smeserver:master
smeserver:11_0-10_el8_sme smeserver:11_0-9_el8_sme smeserver:11_0-8_el8_sme smeserver:11_0-7_el8_sme smeserver:11_0-6_el8_sme smeserver:11_0-5_el8_sme smeserver:11_0-4_el8_sme smeserver:11_0-3_el8_sme smeserver:11_0-2_el8_sme smeserver:11_0-1_el8_sme
...
compare: smeserver:11_0-10_el8_sme
Branches Tags
smeserver:master
smeserver:11_0-10_el8_sme smeserver:11_0-9_el8_sme smeserver:11_0-8_el8_sme smeserver:11_0-7_el8_sme smeserver:11_0-6_el8_sme smeserver:11_0-5_el8_sme smeserver:11_0-4_el8_sme smeserver:11_0-3_el8_sme smeserver:11_0-2_el8_sme smeserver:11_0-1_el8_sme

5 Commits
11_0-5_el8 ... 11_0-10_el

Author SHA1 Message Date
Jean-Philippe Pialasse
16b33e6683 * Wed Sep 10 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0-10.sme 
- fix unexpected behaviour when item set as disabled [SME: 13136]
  rewrite of 10Domains fragment
 2025-09-11 07:07:38 -04:00
Jean-Philippe Pialasse
b85c294ce4 * Wed Sep 10 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0-9.sme 
- fix unexpected behaviour when item set as disabled [SME: 13136]
  rewrite of 10Domains fragment
 2025-09-10 22:28:44 -04:00
John Crisp
c31367eee3 Set KEY_ALFO default to rsa - thanks Knuddi [SME: 13109] 2025-08-25 15:42:05 +02:00
Brian Read
fa30cb09be * Fri Jun 27 2025 Brian Read <brianr@koozali.org> 11.0-7.sme 
- Bring default theme into line with changes made for AdminLTE theme [SME: 13049]
 2025-06-27 15:10:58 +01:00
John Crisp
2a99a49c7b Remove formatting from controller 2025-06-17 15:08:19 +02:00
6 changed files with 107 additions and 121 deletions
Expand all files Collapse all files

1
root/etc/e-smith/db/configuration/defaults/letsencrypt/algorithm Normal file
View File

@@ -0,0 +1 @@
rsa

4
root/etc/e-smith/templates/etc/dehydrated/config/45Algorithm
View File

@@ -1,6 +1,6 @@
# Which public key algorithm should be used? Supported: rsa, prime256v1 and secp384r1
# KEY_ALGO=secp384r1 (default)
#elliptic curve was not supported (qpsmtpd and perl-IO-Socket-SSL < 1.95)
# elliptic curve was not supported (qpsmtpd and perl-IO-Socket-SSL < 1.95)
# SME 11 has perl-IO-Socket-SSL-2.066
#KEY_ALGO=rsa
KEY_ALGO="{$letsencrypt{algorithm}||rsa}"

187
root/etc/e-smith/templates/etc/dehydrated/domains.txt/10Domains
View File

@@ -2,132 +2,91 @@
use strict;
use warnings;
use esmith::ConfigDB;
# $domain : current domain name
# $DomainName : primary domain name
# $domainname : domain name related to current host
my $configDB = esmith::ConfigDB->open_ro or die("can't open Config DB");
my $domainsDB = esmith::ConfigDB->open_ro('domains')
or die("can't connect to domains database");
my $hostsDB = esmith::ConfigDB->open_ro('hosts')
or die("can't connect to hosts database");
# my $dbKey = 'domain';
# my $systemMode = $configDB->get("SystemMode")->value;
# if ( $systemMode ne 'servergateway' ) {
# $OUT .= "# System not in Server Gateway mode\n";
# }
my $letsencryptStatus = $configDB->get_prop( 'letsencrypt', 'status' )
|| 'disabled';
if ( $letsencryptStatus ne 'disabled' ) {
# This should get all the connections in an array
my @domains = $domainsDB->keys;
my @hosts = $hostsDB->keys;
# print "@domains\n";
# Need to check here if we want ALL set
# all, domains, hosts, both, none
my $letsencryptConfig = $configDB->get_prop( 'letsencrypt', 'configure' ) || 'none';
# First get all the domains
# We could do this BUT only once as the array drops $vars
# my $dom = shift @domains;
# Patch from JPP
# Put Primary domain at top
my $DomainName = $configDB->get('DomainName')->value;
my $mainDomainStatus = $domainsDB->get_prop( "$DomainName", 'letsencryptSSLcert' )
|| 'disabled';
$OUT .= "$DomainName " unless $mainDomainStatus eq 'disabled';
foreach my $domain (@domains) {
# If we are all or domains then lets do all regardless
if ( $letsencryptConfig eq 'all' || $letsencryptConfig eq 'domains' ) {
# Check for self
#my $domainStatus =
# $domainsDB->get_prop( "Nameservers", 'HostType' ) || '';
#
#if ( $domainStatus eq 'Localhost' ) {
$OUT .= "$domain ";
#}
}
else {
my $domainEnabled = $domainsDB->get_prop( "$domain", 'letsencryptSSLcert' )
|| 'disabled';
if ( $domainEnabled eq 'enabled' ) {
$OUT .= "$domain " unless $DomainName eq $domain;
}
}
# Now check for hosts
# Buggered if I remember why we check that
# the host has a domain name in domains !
# Must have been a reason
foreach my $fqdn (@hosts) {
# If we are set to all or hosts just do it
if ( $letsencryptConfig eq 'all' || $letsencryptConfig eq 'hosts' ) {
$OUT .= "$fqdn " unless $DomainName eq $fqdn;
}
# Just do selected entries
else {
# Lets get the hostname
my $hostname = $fqdn;
$hostname =~ s/\..*//;
# print "$hostname\n";
# Lets get the domain name
my $domainname = $fqdn;
$domainname =~ s/.*?\.//;
# print "$domainname\n";
# is the domain name from the hosts file
# the same as that in the domains file ?
my $hostEnabled = $hostsDB->get_prop( "$fqdn", 'letsencryptSSLcert' )
return "# letsencrypt is disabled\n" if ( $letsencryptStatus eq 'disabled' ) ;
# if disabled will only ask certs for host pointing to self.
# if set otherwise, will try to get one even if host set as remote or local.
my $hostOverride = $configDB->get_prop( 'letsencrypt', 'hostOverride' )
|| 'disabled';
if ( $domainname eq $domain && $hostEnabled eq 'enabled' ) {
# Are we self ?
my $type = $hostsDB->get_prop( "$fqdn", 'HostType' );
my $hostOverride = $configDB->get_prop( 'letsencrypt', 'hostOverride' )
|| 'disabled';
# print "Override $hostOverride";
if ( $hostOverride eq 'yes' ) {
$OUT .= "$fqdn " unless $DomainName eq $fqdn;
}
elsif ( $type eq 'Self' ) {
# print "Here: $fqdn $type\n";
$OUT .= "$fqdn " unless $DomainName eq $fqdn;
}
}
}
my @domains = $domainsDB->keys;
my @hosts = $hostsDB->keys;
# Need to check here if we want ALL set if not explicitly disabled
# all, domains, hosts, both, none
my $letsencryptConfig = $configDB->get_prop( 'letsencrypt', 'configure' ) || 'none';
# Put Primary domain at top : needs to be the main cert domain.
my $DomainName = $configDB->get('DomainName')->value;
my $mainDomainStatus = $domainsDB->get_prop( "$DomainName", 'letsencryptSSLcert' )
|| 'disabled';
$OUT = "$DomainName " unless $mainDomainStatus eq 'disabled';
foreach my $domain (@domains) {
# If default set to all or domains then do all except if explicitly disabled
if ( $letsencryptConfig eq 'all' || $letsencryptConfig eq 'domains' ) {
my $domainEnabled = $domainsDB->get_prop( "$domain", 'letsencryptSSLcert' )
|| 'enabled';
$OUT .= "$domain " unless ( $domainEnabled eq 'disabled' || $DomainName eq $domain) ;
}
# otherwise only do if explicitly enabled
else {
my $domainEnabled = $domainsDB->get_prop( "$domain", 'letsencryptSSLcert' )
|| 'disabled';
if ( $domainEnabled eq 'enabled' ) {
$OUT .= "$domain " unless $DomainName eq $domain;
}
}
# Now check for this domain hosts
foreach my $fqdn (@hosts) {
# exclude host identical to primary domain, already done
next if $DomainName eq $fqdn;
# exclude host identical to current domain, already done
next if $domain eq $fqdn;
}
# overide hostOverride : default disabled do not ask if host is not self
my $type = $hostsDB->get_prop( "$fqdn", 'HostType' ) || "Self";
next unless ( $type eq "Self" || $hostOverride eq "disabled");
else {
$OUT .= "# letsencrypt is disabled\n";
# check if host related to current domain
# Lets get the hostname
my $hostname = $fqdn;
$hostname =~ s/\..*//;
# Lets get the domain name
my $domainname = $fqdn;
$domainname =~ s/.*?\.//;
next unless ($domainname eq $domain);
# If we are set to all or hosts just do it
if ( $letsencryptConfig eq 'all' || $letsencryptConfig eq 'hosts' ) {
my $hostEnabled = $hostsDB->get_prop( "$fqdn", 'letsencryptSSLcert' )
|| 'enabled';
$OUT .= "$fqdn " unless $hostEnabled eq 'disabled';
}
else {
# the same as that in the domains file ?
my $hostEnabled = $hostsDB->get_prop( "$fqdn", 'letsencryptSSLcert' )
|| 'disabled';
$OUT .= "$fqdn " unless $hostEnabled eq 'disabled';
}
}
}
}

8
root/usr/share/smanager/lib/SrvMngr/Controller/Letsencrypt-Custom.pm
View File

@@ -237,6 +237,7 @@ sub get_data_for_panel_CHECKONEDOMAIN {
# Get control data for table(s)
# Define a constant hash for field name mapping
use constant DomainList_FIELD_MAPPING => (
'Table1-TYPE' => 'Type',
'Table1-Domain name / HOSTNAME' => 'Domain',
'Table1-Brief description' => 'Description',
'Table1-Content' => 'Content',
@@ -246,6 +247,7 @@ use constant DomainList_FIELD_MAPPING => (
'Table1-IS_IN_CERT' => 'isincert',
'Table1-CHECK' => 'Check'
#'target_field2' => 'source_field2',
# Add more mappings as needed
);
@@ -280,7 +282,7 @@ sub actual_DomainList {
my $dname = $_->key;
my $isincert = "N";
my $link = $c->create_link("letsencryptd", "CHECKONEDOMAIN", "");
my $checklink = "<a href='" . $link . "&CHECKONEDOMAIN=" . $_->key . "'>" . $check . "</a>";
my $checklink = $link . "&CHECKONEDOMAIN=" . $_->key;
#my $checklink = "<a href=''>check</a>";
$isincert = "Y" if (grep(/^$dname$/, @list));
@@ -288,6 +290,7 @@ sub actual_DomainList {
# domain
push @data,
{
Type => "Domain",
Domain => $_->key,
$_->props,
letsencryptSSLcert => $le,
@@ -305,7 +308,8 @@ sub actual_DomainList {
$isincert = "N";
$isincert = "Y" if (grep(/^$hname$/, @list));
push @data, {
Domain => "--> " . $hname,
Type => "Host",
Domain => $hname,
$h->props,
Description => $h->prop('ExternalIP') || $h->prop('InternalIP') || "",
Content => $h->prop('HostType'),

9
root/usr/share/smanager/themes/default/templates/partials/_lets_LIST.html.ep
View File

@@ -89,6 +89,8 @@
<br></span></p>
<h2 class='subh4'><%=l('lets_List_of_Domains_and_Hosts')%></h2>
% my $linkbtn = l 'lets_CHECK';
<br /><table class="sme-border TableSort sme-table tabl1 ">
<thead class='tabl1'>
@@ -106,6 +108,7 @@
<tbody class='tabl1'>
% my $control_data = $c->stash('DomainList');
% foreach my $row (@$control_data) {
% my $link = $c->render_to_string(inline=>$row->{'Table1-CHECK'});
<tr class='table-row'>
<td class='sme-border table-col table-col-Table1-Domain name / HOSTNAME'><%=$c->render_to_string(inline=>$row->{'Table1-Domain name / HOSTNAME'})%></td>
<td class='sme-border table-col table-col-Table1-Brief description'><%=$c->render_to_string(inline=>$row->{'Table1-Brief description'})%></td>
@@ -114,7 +117,11 @@
<td class='sme-border table-col table-col-Table1-LABEL_POINT'><%=$c->render_to_string(inline=>$row->{'Table1-LABEL_POINT'})%></td>
<td class='sme-border table-col table-col-Table1-LABEL_LECERT'><%=$c->render_to_string(inline=>$row->{'Table1-LABEL_LECERT'})%></td>
<td class='sme-border table-col table-col-Table1-IS_IN_CERT'><%=$c->render_to_string(inline=>$row->{'Table1-IS_IN_CERT'})%></td>
<td class='sme-border table-col table-col-Table1-CHECK'><%=$c->render_to_string(inline=>$row->{'Table1-CHECK'})%></td>
% if ($link ne "") {
<td><a href= "<%= $link %>" class="btn btn-outline-primary btn-sm" role="button" > <%= $linkbtn %></a></td>
% } else {
<td>&nbsp</td>
% }
</tr>
%}
</tbody>

19
smeserver-certificates.spec
View File

@@ -1,6 +1,6 @@
%define name smeserver-certificates
%define version 11.0
%define release 5
%define release 10
Summary: This is what smeserver-certificates does.
Name: %{name}
Version: %{version}
@@ -18,13 +18,28 @@ Requires: smeserver-release >= 11.0
Requires: q
Requires: jq
Requires: dehydrated >= 0.6.5
Requires: smeserver-manager >= 11.0.0-52
Requires: smeserver-manager >= 11.0.0-110
AutoReqProv: no
%description
%changelog
* Wed Sep 10 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0-10.sme
- fix unexpected behaviour when item set as disabled [SME: 13136]
rewrite of 10Domains fragment
* Mon Aug 25 2025 John Crisp <jcrisp@safeandsoundit.co.uk> 11.0-8.sme
- Set KEY_ALGO default to rsa - thanks Knuddi [SME: 13109]
- bump server-manager version
* Fri Jun 27 2025 Brian Read <brianr@koozali.org> 11.0-7.sme
- Bring default theme into line with changes made for AdminLTE theme [SME: 13049]
* Tue Jun 17 2025 John Crisp <jcrisp@safeandsoundit.co.uk> 11.0-6.sme
- Remove formatting from controller file [SME: 13045]
- Add Domain/Host as Types for template checking [SME: 13045]
* Wed Jun 11 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0-5.sme
- open esmith using UTF8 [SME: 13036]
rewrite smartmatches to grep