Skip to content

Commit

Permalink
added the ability to renew certs and view their expiration dates
Browse files Browse the repository at this point in the history
  • Loading branch information
@adrum
adrum committed Dec 20, 2023
1 parent c4fb099 commit eec8d5f
Show file tree
Hide file tree
Showing 2 changed files with 57 additions and 8 deletions.
17 changes: 14 additions & 3 deletions cli/Valet/Site.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@

namespace Valet;

use DateTime;
use DomainException;
use Illuminate\Support\Collection;
use PhpFpm;
Expand Down Expand Up @@ -423,15 +424,25 @@ public function replaceOldLoopbackWithNew(string $siteConf, string $old, string
}

/**
* Get all of the URLs that are currently secured.
* Get all of the URLs with expiration dates that are currently secured.
*/
public function secured(): array
{
return collect($this->files->scandir($this->certificatesPath()))
->filter(function ($file) {
return ends_with($file, ['.key', '.csr', '.crt', '.conf']);
return ends_with($file, ['.crt']);
})->map(function ($file) {
return str_replace(['.key', '.csr', '.crt', '.conf'], '', $file);

$host = str_replace(['.crt'], '', $file);

$filePath = $this->certificatesPath() . '/' . $file;

$expiration = $this->cli->run("openssl x509 -enddate -noout -in $filePath");

return [
'host' => $host,
'exp' => new DateTime(str_replace('notAfter=', '', $expiration)),
];
})->unique()->values()->all();
}

Expand Down
48 changes: 43 additions & 5 deletions cli/app.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -278,13 +278,51 @@ function (ConsoleCommandEvent $event) {
/**
* Display all of the currently secured sites.
*/
$app->command('secured', function (OutputInterface $output) {
$sites = collect(Site::secured())->map(function ($url) {
return ['Site' => $url];
$app->command('secured [--expiring] [--days=]', function (OutputInterface $output, $expiring = null, $days = 60) {
$now = (new Datetime())->add(new DateInterval('P' . $days . 'D'));
$sites = collect(Site::secured())
->when($expiring, fn ($collection) => $collection->filter(fn ($row) => $row['exp'] < $now))
->map(function ($row) {
return [
'Site' => $row['host'],
'Valid Until' => $row['exp']->format('Y-m-d H:i:s T'),
];
})
->when($expiring, fn ($collection) => $collection->sortBy('Valid Until'));

return table(['Site', 'Valid Until'], $sites->all());
})->descriptions('Display all of the currently secured sites', [
'--expiring' => 'Limits the results to only sites expiring within the next 60 days.',
'--days' => 'To be used with --expiring. Limits the results to only sites expiring within the next X days. Default is set to 60.',
]);

/**
* Renews expired or expiring (within 60 days) domains with a trusted TLS certificate.
*/
$app->command('renew [--expireIn=] [--days=]', function (OutputInterface $output, $expireIn = 368, $days = 60) {
$now = (new DateTime())->add(new DateInterval('P' . $days . 'D'));
// Update anything expiring in the next 60 days
$sites = collect(Site::secured())
->filter(fn ($row) => $row['exp'] < $now)
->values();
if ($sites->isEmpty()) {
info('No sites need renewing.');
exit;
}
$sites->each(function ($row) use ($expireIn) {
$url = Site::domain($row['host']);

Site::unsecure($url);
Site::secure($url, null, $expireIn);

info('The [' . $url . '] site has been secured with a fresh TLS certificate.');
});

table(['Site'], $sites->all());
})->descriptions('Display all of the currently secured sites');
Nginx::restart();
})->descriptions('Renews expired or expiring (within 60 days) domains with a trusted TLS certificate.', [
'--expireIn' => 'The amount of days the self signed certificate is valid for. Default is set to "368"',
'--days' => 'Renews sites expiring within the next X days. Default is set to 60.',
]);

/**
* Create an Nginx proxy config for the specified domain.
Expand Down

0 comments on commit eec8d5f

Please sign in to comment.