appmgr: bugfix: use fullchain cert

Aiden McClelland
2021-02-24 16:23:48 -07:00
committed by Aiden McClelland
parent c52f75c9e3
commit ee1c66d0c2
3 changed files with 28 additions and 1 deletions


@@ -1,7 +1,7 @@
server {{
listen 443 ssl;
server_name {hostname}.local;
ssl_certificate /root/appmgr/apps/{app_id}/cert-local.crt.pem;
ssl_certificate /root/appmgr/apps/{app_id}/cert-local.fullchain.crt.pem;
ssl_certificate_key /root/appmgr/apps/{app_id}/cert-local.key.pem;
location / {{
proxy_pass http://{app_ip}:{internal_port}/;


@@ -302,6 +302,32 @@ pub async fn write_lan_services(hidden_services: &ServicesMap) -> Result<(), Err
.invoke("OpenSSL GenKey")
.await?;
}
let fullchain_path = base_path.join("cert-local.fullchain.crt.pem");
if !fullchain_path.exists().await {
let mut fullchain_file = fullchain_path.write(None).await?;
tokio::io::copy(
&mut tokio::fs::File::open(&cert_path).await?,
&mut *fullchain_file,
)
.await?;
tokio::io::copy(
&mut tokio::fs::File::open(
"/root/agent/ca/intermediate/certs/embassy-int-ca.crt.pem",
)
.await?,
&mut *fullchain_file,
)
.await?;
tokio::io::copy(
&mut tokio::fs::File::open(
"/root/agent/ca/certs/embassy-int-ca.crt.pem",
)
.await?,
&mut *fullchain_file,
)
.await?;
fullchain_file.commit().await?;
}
f.write_all(
format!(
include_str!("nginx-standard.conf.template"),
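Review bot: The `if !fullchain_path.exists().await` guard writes the bundle once and never rebuilds it, so if the leaf at `cert_path` is later reissued nginx would keep serving a chain whose leaf no longer matches `cert-local.key.pem`. The code that generates the leaf is above the hunk and not visible here, so this depends on how it is guarded. Consider rebuilding the fullchain whenever the leaf or key is regenerated rather than keying only on the bundle's existence. Separately, the third `File::open` reads `/root/agent/ca/certs/embassy-int-ca.crt.pem`, which has the same file name as the intermediate in the second copy; if it is the root CA, a comment such as `// root CA; clients must already trust it, so it is optional in the served chain` would make the intent clear, and if it is a copy-paste slip the chain carries a duplicate. `write_lan_services` starts and ends outside the hunk.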


@@ -137,6 +137,7 @@ impl PersistenceFile {
if let Some(mut file) = self.file.take() {
file.flush().await?;
file.shutdown().await?;
file.sync_all().await?;
drop(file);
}
if let Some(path) = self.needs_commit.take() {
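Review bot: The added `file.sync_all().await?` has no comment saying why it is needed, although the ordering looks deliberate: the data has to reach disk before the `needs_commit` step that follows. I would add `// fsync before committing so a crash cannot leave the final path pointing at an empty or truncated file` above it. This matters for the certificate and key files written through this type, since a truncated PEM would stop nginx from loading the TLS config. The body of the `needs_commit` branch is outside the hunk; if it renames a temp file into place, it is worth checking whether the parent directory is also synced, because otherwise the rename itself may not survive a power loss.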