Commit c655e1a3 authored by Florian Schaal's avatar Florian Schaal

option to disable pre-check for LE (#4658)

parent 4338a06e
......@@ -89,6 +89,7 @@ php_ini_path_cgi=/etc/php5/cgi/php.ini
check_apache_config=y
enable_sni=y
enable_spdy=n
skip_le_check=n
enable_ip_wildcard=y
overtraffic_notify_admin=y
overtraffic_notify_client=y
......
......@@ -1228,6 +1228,15 @@ $form["tabs"]['web'] = array(
'width' => '40',
'maxlength' => '255'
),
'skip_le_check' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'n',
'value' => array (
0 => 'n',
1 => 'y'
)
),
//#################################
// ENDE Datatable fields
//#################################
......
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Hora do backup';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['disable_bind_log_txt'] = 'Disable bind9 messages for Loglevel WARN';
$wb['apps_vhost_enabled_txt'] = 'Apps-vhost enabled';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['hostname_txt'] = 'Název hostitele';
$wb['hostname_error_empty'] = 'Název hostitele je prázdný';
$wb['hostname_error_regex'] = 'Neplatný název hostitele.';
$wb['backup_time_txt'] = 'Spustit zálohovaní v';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_http_txt'] = 'HTTP';
$wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['disable_bind_log_txt'] = 'Disable bind9 messages for Loglevel WARN';
$wb['apps_vhost_enabled_txt'] = 'Apps-vhost enabled';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -284,4 +284,5 @@ $wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb["disable_bind_log_txt"] = "Disable bind9 messages for Loglevel WARN";
$wb["apps_vhost_enabled_txt"] = "Apps-vhost enabled";
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_server_admins_txt'] = 'Administradores del Servidor (JIDs)';
$wb['xmpp_server_txt'] = 'Servidor XMPP';
$wb['xmpp_use_ipv6_txt'] = 'Usar IPv6';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['disable_bind_log_txt'] = 'Disable bind9 messages for Loglevel WARN';
$wb['apps_vhost_enabled_txt'] = 'Apps-vhost enabled';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['disable_bind_log_txt'] = 'Disable bind9 messages for Loglevel WARN';
$wb['apps_vhost_enabled_txt'] = 'Apps-vhost enabled';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Время копирования';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_https_txt'] = 'HTTPS';
$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['backup_time_txt'] = 'Backup time';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -281,4 +281,5 @@ $wb['xmpp_port_pastebin_txt'] = 'Pastebin';
$wb['xmpp_port_bosh_txt'] = 'BOSH';
$wb['disable_bind_log_txt'] = 'Disable bind9 messages for Loglevel WARN';
$wb['apps_vhost_enabled_txt'] = 'Apps-vhost enabled';
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
?>
......@@ -183,6 +183,10 @@
<div class="form-group">
<label for="CA_pass" class="col-sm-3 control-label">{tmpl_var name='CA_pass_txt'}</label>
<div class="col-sm-9"><input type="password" name="CA_pass" id="CA_pass" value="{tmpl_var name='CA_pass'}" autocomplete="new-password" class="form-control" /></div></div>
<div class="form-group">
<label class="col-sm-3 control-label"><tmpl_var name="skip_le_check_txt"></label>
<div class="col-sm-9"><tmpl_var name="skip_le_check"></div>
</div>
<!-- End content -->
</div>
</div>
......
......@@ -1226,12 +1226,16 @@ class apache2_plugin {
$le_domains = array();
foreach($temp_domains as $temp_domain) {
$le_hash_check = trim(@file_get_contents('http://' . $temp_domain . '/.well-known/acme-challenge/' . $le_rnd_file));
if($le_hash_check == $le_rnd_hash) {
if(isset($web_config['skip_le_check']) && $web_config['skip_le_check'] == 'y') {
$le_domains[] = $temp_domain;
$app->log("Verified domain " . $temp_domain . " should be reachable for letsencrypt.", LOGLEVEL_DEBUG);
} else {
$app->log("Could not verify domain " . $temp_domain . ", so excluding it from letsencrypt request.", LOGLEVEL_WARN);
$le_hash_check = trim(@file_get_contents('http://' . $temp_domain . '/.well-known/acme-challenge/' . $le_rnd_file));
if($le_hash_check == $le_rnd_hash) {
$le_domains[] = $temp_domain;
$app->log("Verified domain " . $temp_domain . " should be reachable for letsencrypt.", LOGLEVEL_DEBUG);
} else {
$app->log("Could not verify domain " . $temp_domain . ", so excluding it from letsencrypt request.", LOGLEVEL_WARN);
}
}
}
$temp_domains = $le_domains;
......
......@@ -1299,12 +1299,16 @@ class nginx_plugin {
$le_domains = array();
foreach($temp_domains as $temp_domain) {
$le_hash_check = trim(@file_get_contents('http://' . $temp_domain . '/.well-known/acme-challenge/' . $le_rnd_file));
if($le_hash_check == $le_rnd_hash) {
if(isset($web_config['skip_le_check']) && $web_config['skip_le_check'] == 'y') {
$le_domains[] = $temp_domain;
$app->log("Verified domain " . $temp_domain . " should be reachable for letsencrypt.", LOGLEVEL_DEBUG);
} else {
$app->log("Could not verify domain " . $temp_domain . ", so excluding it from letsencrypt request.", LOGLEVEL_WARN);
$le_hash_check = trim(@file_get_contents('http://' . $temp_domain . '/.well-known/acme-challenge/' . $le_rnd_file));
if($le_hash_check == $le_rnd_hash) {
$le_domains[] = $temp_domain;
$app->log("Verified domain " . $temp_domain . " should be reachable for letsencrypt.", LOGLEVEL_DEBUG);
} else {
$app->log("Could not verify domain " . $temp_domain . ", so excluding it from letsencrypt request.", LOGLEVEL_WARN);
}
}
}
$temp_domains = $le_domains;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment