mirror of
https://github.com/bunkerity/bunkerized-nginx
synced 2023-12-13 21:30:18 +01:00
Fix customcert plugin
This commit is contained in:
parent
63f4e44c61
commit
b8d89fe79a
3 changed files with 15 additions and 8 deletions
|
@ -1,12 +1,15 @@
|
|||
{% set os_path = import("os.path") %}
|
||||
{% if USE_CUSTOM_SSL == "yes" and os_path.isfile("/data/cache/customcert/{}".format(CUSTOM_SSL_CERT.replace("/", "_"))) and os_path.isfile("/data/cache/customcert/{}".format(CUSTOM_SSL_KEY.replace("/", "_"))) +%}
|
||||
{% set cert_file_path = "/data/cache/customcert/{}".format(CUSTOM_SSL_CERT.replace("/", "_")) %}
|
||||
{% set key_file_path = "/data/cache/customcert/{}".format(CUSTOM_SSL_KEY.replace("/", "_")) %}
|
||||
|
||||
{% if USE_CUSTOM_SSL == "yes" and os_path.isfile(cert_file_path) and os_path.isfile(key_file_path) +%}
|
||||
|
||||
# listen on HTTPS PORT
|
||||
listen 0.0.0.0:{{ HTTPS_PORT }} ssl {% if HTTP2 == "yes" %}http2{% endif %} {% if USE_PROXY_PROTOCOL == "yes" %}proxy_protocol{% endif %};
|
||||
|
||||
# TLS config
|
||||
ssl_certificate {{ CUSTOM_SSL_CERT }};
|
||||
ssl_certificate_key {{ CUSTOM_SSL_KEY }};
|
||||
ssl_certificate {{ cert_file_path }};
|
||||
ssl_certificate_key {{ key_file_path }};
|
||||
ssl_protocols {{ SSL_PROTOCOLS }};
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_tickets off;
|
||||
|
|
|
@ -1,12 +1,15 @@
|
|||
{% set os_path = import("os.path") %}
|
||||
{% if USE_CUSTOM_SSL == "yes" and os_path.isfile(CUSTOM_SSL_CERT) and os_path.isfile(CUSTOM_SSL_KEY) +%}
|
||||
{% set cert_file_path = "/data/cache/customcert/{}".format(CUSTOM_SSL_CERT.replace("/", "_")) %}
|
||||
{% set key_file_path = "/data/cache/customcert/{}".format(CUSTOM_SSL_KEY.replace("/", "_")) %}
|
||||
|
||||
{% if USE_CUSTOM_SSL == "yes" and os_path.isfile(cert_file_path) and os_path.isfile(key_file_path) +%}
|
||||
|
||||
# listen
|
||||
listen 0.0.0.0:{{ LISTEN_STREAM_PORT_SSL }} ssl {% if USE_UDP == "yes" %} udp {% endif %}{% if USE_PROXY_PROTOCOL == "yes" %} proxy_protocol {% endif %};
|
||||
|
||||
# TLS config
|
||||
ssl_certificate {{ CUSTOM_SSL_CERT }};
|
||||
ssl_certificate_key {{ CUSTOM_SSL_KEY }};
|
||||
ssl_certificate {{ cert_file_path }};
|
||||
ssl_certificate_key {{ key_file_path }};
|
||||
ssl_protocols {{ SSL_PROTOCOLS }};
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_tickets off;
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/usr/bin/python3
|
||||
|
||||
from os import getenv
|
||||
from os.path import basename
|
||||
from pathlib import Path
|
||||
from shutil import copy
|
||||
from sys import exit as sys_exit, path as sys_path
|
||||
|
@ -85,7 +86,7 @@ def check_cert(cert_path, key_path, first_server: Optional[str] = None) -> bool:
|
|||
err = db.update_job_cache(
|
||||
"custom-cert",
|
||||
first_server,
|
||||
key_cache_path.replace(".hash", "").split("/")[-1],
|
||||
basename(key_cache_path.replace(".hash", "")),
|
||||
Path(key_path).read_bytes(),
|
||||
checksum=key_hash,
|
||||
)
|
||||
|
@ -99,7 +100,7 @@ def check_cert(cert_path, key_path, first_server: Optional[str] = None) -> bool:
|
|||
err = db.update_job_cache(
|
||||
"custom-cert",
|
||||
first_server,
|
||||
cert_cache_path.replace(".hash", "").split("/")[-1],
|
||||
basename(cert_cache_path.replace(".hash", "")),
|
||||
Path(cert_path).read_bytes(),
|
||||
checksum=cert_hash,
|
||||
)
|
||||
|
|
Loading…
Reference in a new issue