From 367c6faab131c38d755188aaf01f3a21fe43bef4 Mon Sep 17 00:00:00 2001 From: Kirtan Gajjar Date: Tue, 14 Aug 2018 13:15:26 +0530 Subject: [PATCH 01/10] Correct --ssl flag behaviour Signed-off-by: Kirtan Gajjar --- src/Site_Command.php | 47 +++++++++++++++++++++++++++++++------------- 1 file changed, 33 insertions(+), 14 deletions(-) diff --git a/src/Site_Command.php b/src/Site_Command.php index a78f2976..8a373c13 100644 --- a/src/Site_Command.php +++ b/src/Site_Command.php @@ -43,9 +43,14 @@ class Site_Command extends EE_Site_Command { private $logger; /** - * @var bool $le Whether the site is letsencrypt or not. + * @var bool $ssl Whether the site is has SSL enabled. */ - private $le; + private $ssl; + + /** + * @var bool $ssl_wildcard Whether the site SSL is wildcard. + */ + private $ssl_wildcard; /** * @var bool $skip_chk To skip site status check pre-installation. @@ -86,9 +91,11 @@ public function __construct() { * * : Name of website. * - * [--letsencrypt] + * [--ssl=] * : Enables ssl via letsencrypt certificate. * + * [--wildcard] + * : Gets wildcard SSL . * [--type=] * : Type of the site to be created. Values: html,php,wp. * @@ -111,8 +118,9 @@ public function create( $args, $assoc_args ) { EE::error( sprintf( "Site %1\$s already exists. If you want to re-create it please delete the older one using:\n`ee site delete %1\$s`", $this->site['name'] ) ); } - $this->le = EE\Utils\get_flag_value( $assoc_args, 'letsencrypt' ); - $this->skip_chk = EE\Utils\get_flag_value( $assoc_args, 'skip-status-check' ); + $this->ssl = EE\Utils\get_flag_value( $assoc_args, 'ssl' ); + $this->ssl_wildcard = EE\Utils\get_flag_value( $assoc_args, 'wildcard' ); + $this->skip_chk = EE\Utils\get_flag_value( $assoc_args, 'skip-status-check' ); EE\SiteUtils\init_checks(); @@ -135,14 +143,18 @@ public function info( $args, $assoc_args ) { $args = EE\SiteUtils\auto_site_name( $args, $this->command, __FUNCTION__ ); $this->populate_site_info( $args ); } - $ssl = $this->le ? 'Enabled' : 'Not Enabled'; - $prefix = ( $this->le ) ? 'https://' : 'http://'; + $ssl = $this->ssl ? 'Enabled' : 'Not Enabled'; + $prefix = ( $this->ssl ) ? 'https://' : 'http://'; $info = [ [ 'Site', $prefix . $this->site['name'] ], [ 'Site Root', $this->site['root'] ], [ 'SSL', $ssl ], ]; + if ( $this->ssl ) { + $info[] = [ 'SSL Wildcard', $this->ssl_wildcard ? 'Yes': 'No' ]; + } + EE\Utils\format_table( $info ); EE\Utils\delem_log( 'site info end' ); @@ -166,7 +178,6 @@ private function configure_site_files() { $filter = []; $filter[] = $this->site['type']; - $filter[] = $this->le; $site_docker = new Site_Docker(); $docker_compose_content = $site_docker->generate_docker_compose_yml( $filter ); $default_conf_content = $default_conf_content = EE\Utils\mustache_render( SITE_TEMPLATE_ROOT . '/config/nginx/default.conf.mustache', [ 'server_name' => $this->site['name'] ] ); @@ -193,7 +204,7 @@ private function configure_site_files() { $this->fs->mkdir( $site_src_dir ); $this->fs->dumpFile( $site_src_dir . '/index.html', $index_html ); - EE\Siteutils\add_site_redirects( $this->site['name'], $this->le ); + EE\Siteutils\add_site_redirects( $this->site['name'], $this->ssl ); EE::success( 'Configuration files copied.' ); } catch ( Exception $e ) { @@ -225,9 +236,14 @@ private function create_site() { } catch ( Exception $e ) { $this->catch_clean( $e ); } - - if ( $this->le ) { - $this->init_le( $this->site['name'], $this->site['root'], false ); + EE::debug( 'Starting SSL procedure' ); + + if ( 'le' === $this->ssl ) { + EE::debug( 'Initializing LE' ); + $this->init_le( $this->site['name'], $this->site['root'], $this->ssl_wildcard ); + } elseif ( 'inherit' === $this->ssl ) { + EE::debug( 'Inheriting certs' ); + $this->inherit_certs( $this->site['name'], $this->ssl_wildcard ); } $this->info( [ $this->site['name'] ], [] ); $this->create_site_db_entry(); @@ -238,13 +254,15 @@ private function create_site() { */ private function create_site_db_entry() { - $ssl = $this->le ? 1 : 0; + $ssl = $this->ssl ? 1 : 0; + $ssl_wildcard = $this->ssl_wildcard ? 1 : 0; $data = [ 'sitename' => $this->site['name'], 'site_type' => $this->site['type'], 'site_path' => $this->site['root'], 'site_command' => $this->command, 'is_ssl' => $ssl, + 'site_ssl_wildcard' => $ssl_wildcard, 'created_on' => date( 'Y-m-d H:i:s', time() ), ]; @@ -272,7 +290,8 @@ private function populate_site_info( $args ) { $this->site['type'] = $db_select['site_type']; $this->site['root'] = $db_select['site_path']; - $this->le = $db_select['is_ssl']; + $this->ssl = $db_select['is_ssl']; + $this->ssl_wildcard = $db_select['site_ssl_wildcard']; } else { EE::error( sprintf( 'Site %s does not exist.', $this->site['name'] ) ); From 83cffb5d02185c7bacc7fe21e849a1669e294432 Mon Sep 17 00:00:00 2001 From: Kirtan Gajjar Date: Tue, 14 Aug 2018 17:01:37 +0530 Subject: [PATCH 02/10] Add error on incorrect --ssl param value Signed-off-by: Kirtan Gajjar --- src/Site_Command.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Site_Command.php b/src/Site_Command.php index 8a373c13..8d71c6ec 100644 --- a/src/Site_Command.php +++ b/src/Site_Command.php @@ -244,6 +244,8 @@ private function create_site() { } elseif ( 'inherit' === $this->ssl ) { EE::debug( 'Inheriting certs' ); $this->inherit_certs( $this->site['name'], $this->ssl_wildcard ); + } else { + EE::error( "Unrecognized value in --ssl flag: $this->ssl" ); } $this->info( [ $this->site['name'] ], [] ); $this->create_site_db_entry(); From 4f6fa35d83b71abbd65f34c95400fa091b3a7709 Mon Sep 17 00:00:00 2001 From: Kirtan Gajjar Date: Fri, 17 Aug 2018 16:36:41 +0530 Subject: [PATCH 03/10] Correct redirect block placement Signed-off-by: Kirtan Gajjar --- src/Site_Command.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/Site_Command.php b/src/Site_Command.php index 8d71c6ec..7e774664 100644 --- a/src/Site_Command.php +++ b/src/Site_Command.php @@ -204,8 +204,6 @@ private function configure_site_files() { $this->fs->mkdir( $site_src_dir ); $this->fs->dumpFile( $site_src_dir . '/index.html', $index_html ); - EE\Siteutils\add_site_redirects( $this->site['name'], $this->ssl ); - EE::success( 'Configuration files copied.' ); } catch ( Exception $e ) { $this->catch_clean( $e ); @@ -247,6 +245,9 @@ private function create_site() { } else { EE::error( "Unrecognized value in --ssl flag: $this->ssl" ); } + + EE\Siteutils\add_site_redirects( $this->site['name'], $this->ssl ); + $this->info( [ $this->site['name'] ], [] ); $this->create_site_db_entry(); } From 7194812fe912625e47d3158226c8b828f22c0f2f Mon Sep 17 00:00:00 2001 From: Kirtan Gajjar Date: Tue, 21 Aug 2018 18:37:26 +0530 Subject: [PATCH 04/10] Correct case of SiteUtils namespace Signed-off-by: Kirtan Gajjar --- src/Site_Command.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Site_Command.php b/src/Site_Command.php index 7e774664..96e58fde 100644 --- a/src/Site_Command.php +++ b/src/Site_Command.php @@ -218,15 +218,15 @@ private function create_site() { $this->site['root'] = WEBROOT . $this->site['name']; $this->level = 1; try { - EE\Siteutils\create_site_root( $this->site['root'], $this->site['name'] ); + EE\SiteUtils\create_site_root( $this->site['root'], $this->site['name'] ); $this->level = 2; - EE\Siteutils\setup_site_network( $this->site['name'] ); + EE\SiteUtils\setup_site_network( $this->site['name'] ); $this->level = 3; $this->configure_site_files(); - EE\Siteutils\start_site_containers( $this->site['root'] ); + EE\SiteUtils\start_site_containers( $this->site['root'] ); - EE\Siteutils\create_etc_hosts_entry( $this->site['name'] ); + EE\SiteUtils\create_etc_hosts_entry( $this->site['name'] ); if ( ! $this->skip_chk ) { $this->level = 4; EE\Siteutils\site_status_check( $this->site['name'] ); From 5f4ae99e1e9f28d0d378b7e6c06af2fd37ed5e56 Mon Sep 17 00:00:00 2001 From: Kirtan Gajjar Date: Tue, 21 Aug 2018 18:50:55 +0530 Subject: [PATCH 05/10] Correct SSL and site redirection logic. Signed-off-by: Kirtan Gajjar --- src/Site_Command.php | 33 +++++++++++++++++++-------------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/src/Site_Command.php b/src/Site_Command.php index 96e58fde..6c9f0563 100644 --- a/src/Site_Command.php +++ b/src/Site_Command.php @@ -229,24 +229,29 @@ private function create_site() { EE\SiteUtils\create_etc_hosts_entry( $this->site['name'] ); if ( ! $this->skip_chk ) { $this->level = 4; - EE\Siteutils\site_status_check( $this->site['name'] ); + EE\SiteUtils\site_status_check( $this->site['name'] ); + } + + /* + * This adds http www redirection which is needed for issuing cert for a site. + * i.e. when you create example.com site, certs are issued for example.com and www.example.com + * + * We're issuing certs for both domains as it is needed in order to perform redirection of + * https://www.example.com -> https://example.com + * + * We add redirection config two times in case of ssl as we need http redirection + * when certs are being requested and http+https redirection after we have certs. + */ + EE\SiteUtils\add_site_redirects( $this->site['name'], false ); + EE\SiteUtils\reload_proxy_configuration(); + if ( $this->ssl ) { + $this->init_ssl( $this->site['name'], $this->site['root'], $this->ssl, $this->ssl_wildcard ); + EE\SiteUtils\add_site_redirects( $this->site['name'], true ); + EE\SiteUtils\reload_proxy_configuration(); } } catch ( Exception $e ) { $this->catch_clean( $e ); } - EE::debug( 'Starting SSL procedure' ); - - if ( 'le' === $this->ssl ) { - EE::debug( 'Initializing LE' ); - $this->init_le( $this->site['name'], $this->site['root'], $this->ssl_wildcard ); - } elseif ( 'inherit' === $this->ssl ) { - EE::debug( 'Inheriting certs' ); - $this->inherit_certs( $this->site['name'], $this->ssl_wildcard ); - } else { - EE::error( "Unrecognized value in --ssl flag: $this->ssl" ); - } - - EE\Siteutils\add_site_redirects( $this->site['name'], $this->ssl ); $this->info( [ $this->site['name'] ], [] ); $this->create_site_db_entry(); From 92fc974d519f29716707439e68ea814b62709ef8 Mon Sep 17 00:00:00 2001 From: Kirtan Gajjar Date: Tue, 21 Aug 2018 20:22:38 +0530 Subject: [PATCH 06/10] Add inherit argument Signed-off-by: Kirtan Gajjar --- src/Site_Command.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/Site_Command.php b/src/Site_Command.php index 6c9f0563..5930e263 100644 --- a/src/Site_Command.php +++ b/src/Site_Command.php @@ -242,11 +242,12 @@ private function create_site() { * We add redirection config two times in case of ssl as we need http redirection * when certs are being requested and http+https redirection after we have certs. */ - EE\SiteUtils\add_site_redirects( $this->site['name'], false ); + EE\SiteUtils\add_site_redirects( $this->site['name'], false, 'inherit' === $this->ssl ); EE\SiteUtils\reload_proxy_configuration(); + if ( $this->ssl ) { $this->init_ssl( $this->site['name'], $this->site['root'], $this->ssl, $this->ssl_wildcard ); - EE\SiteUtils\add_site_redirects( $this->site['name'], true ); + EE\SiteUtils\add_site_redirects( $this->site['name'], true, 'inherit' === $this->ssl ); EE\SiteUtils\reload_proxy_configuration(); } } catch ( Exception $e ) { From c5eb301daf9785e32ac39ff96c334f869f7f48c1 Mon Sep 17 00:00:00 2001 From: Kirtan Gajjar Date: Tue, 21 Aug 2018 22:13:14 +0530 Subject: [PATCH 07/10] Replace site['name'] with site['url'] Signed-off-by: Kirtan Gajjar --- src/Site_Command.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Site_Command.php b/src/Site_Command.php index 1dd1d33e..0aef98a7 100644 --- a/src/Site_Command.php +++ b/src/Site_Command.php @@ -231,12 +231,12 @@ private function create_site() { * We add redirection config two times in case of ssl as we need http redirection * when certs are being requested and http+https redirection after we have certs. */ - EE\SiteUtils\add_site_redirects( $this->site['name'], false, 'inherit' === $this->ssl ); + EE\SiteUtils\add_site_redirects( $this->site['url'], false, 'inherit' === $this->ssl ); EE\SiteUtils\reload_proxy_configuration(); if ( $this->ssl ) { - $this->init_ssl( $this->site['name'], $this->site['root'], $this->ssl, $this->ssl_wildcard ); - EE\SiteUtils\add_site_redirects( $this->site['name'], true, 'inherit' === $this->ssl ); + $this->init_ssl( $this->site['url'], $this->site['root'], $this->ssl, $this->ssl_wildcard ); + EE\SiteUtils\add_site_redirects( $this->site['url'], true, 'inherit' === $this->ssl ); EE\SiteUtils\reload_proxy_configuration(); } } catch ( Exception $e ) { From 9a6081d430370337be4030d72e442a0c929a974a Mon Sep 17 00:00:00 2001 From: Kirtan Gajjar Date: Tue, 21 Aug 2018 22:18:28 +0530 Subject: [PATCH 08/10] Remove site_command Signed-off-by: Kirtan Gajjar --- src/Site_Command.php | 1 - 1 file changed, 1 deletion(-) diff --git a/src/Site_Command.php b/src/Site_Command.php index 0aef98a7..1074ef77 100644 --- a/src/Site_Command.php +++ b/src/Site_Command.php @@ -259,7 +259,6 @@ private function create_site_db_entry() { 'site_url' => $this->site['url'], 'site_type' => $this->site['type'], 'site_fs_path' => $this->site['root'], - 'site_command' => $this->command, 'site_ssl' => $ssl, 'site_ssl_wildcard' => $ssl_wildcard, 'created_on' => date( 'Y-m-d H:i:s', time() ), From 5e14dea7fdcd7cfa80b2d8d7f1a62260add972e1 Mon Sep 17 00:00:00 2001 From: Kirtan Gajjar Date: Tue, 21 Aug 2018 22:39:31 +0530 Subject: [PATCH 09/10] Correct ssl flag Signed-off-by: Kirtan Gajjar --- features/redirect.feature | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/features/redirect.feature b/features/redirect.feature index 273e3dbb..73d7d245 100644 --- a/features/redirect.feature +++ b/features/redirect.feature @@ -17,7 +17,7 @@ Feature: Site Redirection | Location: http://www.example1.test/ | Scenario: no_www-ssl redirection works properly - When I run 'sudo bin/ee site create example2.test --le --le-mail=test@test.com --skip-status-check' + When I run 'sudo bin/ee site create example2.test --ssl=le --skip-status-check' Then After delay of 5 seconds Then Request on 'localhost' with header 'Host: www.example2.test' should contain following headers: | header | @@ -29,7 +29,7 @@ Feature: Site Redirection | Location: https://example2.test/ | Scenario: www-ssl redirection works properly - When I run 'sudo bin/ee site create www.example3.test --le --le-mail=test@test.com --skip-status-check' + When I run 'sudo bin/ee site create www.example3.test --ssl=le --skip-status-check' Then After delay of 5 seconds Then Request on 'localhost' with header 'Host: example3.test' should contain following headers: | header | From 04899d5734eecd7753a9cb3697e5752b24cc8281 Mon Sep 17 00:00:00 2001 From: Kirtan Gajjar Date: Wed, 22 Aug 2018 11:35:25 +0530 Subject: [PATCH 10/10] Add le-email in config Signed-off-by: Kirtan Gajjar --- features/bootstrap/FeatureContext.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/features/bootstrap/FeatureContext.php b/features/bootstrap/FeatureContext.php index bec661c4..b9553169 100644 --- a/features/bootstrap/FeatureContext.php +++ b/features/bootstrap/FeatureContext.php @@ -65,6 +65,8 @@ public function __construct() { $this->commands = []; $this->ee_path = getcwd(); + $config_contents = \Mustangostang\Spyc::YAMLDump(['le-mail' => 'abc@example.com']); + file_put_contents( EE_CONF_ROOT . '/config.yml', $config_contents ); } /**