mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-24 22:25:52 -05:00
Added extra checking for Let's Encrypt NodeJS version.
This commit is contained in:
parent
8573d45753
commit
2ab89dc8a9
@ -25,8 +25,9 @@ module.exports.CreateLetsEncrypt = function (parent) {
|
|||||||
parent.debug('cert', "Initializing Let's Encrypt support, using GreenLock v" + greenLockVersion);
|
parent.debug('cert', "Initializing Let's Encrypt support, using GreenLock v" + greenLockVersion);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check the current node version
|
// Check the current node version and support for generateKeyPair
|
||||||
if (Number(process.version.match(/^v(\d+\.\d+)/)[1]) < 8) { return null; }
|
if (require('crypto').generateKeyPair == null) { return null; }
|
||||||
|
if (Number(process.version.match(/^v(\d+\.\d+)/)[1]) < 10) { return null; }
|
||||||
|
|
||||||
// Try to delete the "./ursa-optional" or "./node_modules/ursa-optional" folder if present.
|
// Try to delete the "./ursa-optional" or "./node_modules/ursa-optional" folder if present.
|
||||||
// This is an optional module that GreenLock uses that causes issues.
|
// This is an optional module that GreenLock uses that causes issues.
|
||||||
@ -217,59 +218,12 @@ module.exports.CreateLetsEncrypt = function (parent) {
|
|||||||
|
|
||||||
// Check if we need to renew the certificate, call this every day.
|
// Check if we need to renew the certificate, call this every day.
|
||||||
obj.checkRenewCertificate = function () {
|
obj.checkRenewCertificate = function () {
|
||||||
obj.certCheckStart = Date.now();
|
parent.debug('cert', "Checking certificate for " + obj.leDomains[0] + " (" + (obj.runAsProduction ? "Production" : "Staging") + ")");
|
||||||
|
|
||||||
// Check if there is anything in the let's encrypt folder
|
|
||||||
var somethingIsinFolder = false;
|
|
||||||
try {
|
|
||||||
var filesinFolder = require('fs').readdirSync(obj.runAsProduction ? obj.configPath : obj.configPathStaging);
|
|
||||||
somethingIsinFolder = (filesinFolder.indexOf(obj.runAsProduction ? 'live' : 'staging') != -1);
|
|
||||||
} catch (ex) { console.log(ex); }
|
|
||||||
|
|
||||||
// Setup renew options
|
// Setup renew options
|
||||||
|
obj.certCheckStart = Date.now();
|
||||||
const xle = (obj.runAsProduction === true) ? obj.le : obj.leStaging;
|
const xle = (obj.runAsProduction === true) ? obj.le : obj.leStaging;
|
||||||
var renewOptions = { servername: obj.leDomains[0], altnames: obj.leDomains };
|
var renewOptions = { servername: obj.leDomains[0], altnames: obj.leDomains };
|
||||||
|
|
||||||
// Add the domains
|
|
||||||
if (somethingIsinFolder == false) {
|
|
||||||
try {
|
|
||||||
var addOptions = { subject: obj.leDomains[0], altnames: obj.leDomains };
|
|
||||||
parent.debug('cert', "Adding domains: " + JSON.stringify(addOptions));
|
|
||||||
xle.add(addOptions);
|
|
||||||
} catch (ex) {
|
|
||||||
parent.debug('cert', "add certificate exception: (" + JSON.stringify(ex) + ")");
|
|
||||||
console.log(ex);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
if (somethingIsinFolder == false) {
|
|
||||||
parent.debug('cert', "Getting certificate for " + obj.leDomains[0] + " (" + (obj.runAsProduction ? "Production" : "Staging") + ")");
|
|
||||||
xle.get({ servername: obj.leDomains[0] })
|
|
||||||
.then(function (results) {
|
|
||||||
if ((results == null) || (typeof results != 'object') || (results.length == 0) || (results[0].error != null)) {
|
|
||||||
parent.debug('cert', "Unable to get a certificate (" + (obj.runAsProduction ? "Production" : "Staging") + ", " + (Date.now() - obj.certCheckStart) + "ms): " + JSON.stringify(results));
|
|
||||||
} else {
|
|
||||||
parent.debug('cert', "Get certificate completed (" + (obj.runAsProduction ? "Production" : "Staging") + ", " + (Date.now() - obj.certCheckStart) + "ms): " + JSON.stringify(results));
|
|
||||||
if (obj.performRestart === true) { parent.debug('cert', "Certs changed, restarting..."); obj.parent.performServerCertUpdate(); } // Reset the server, TODO: Reset all peers
|
|
||||||
else if (obj.performMoveToProduction == true) {
|
|
||||||
parent.debug('cert', "Staging certificate received, moving to production...");
|
|
||||||
obj.runAsProduction = true;
|
|
||||||
obj.performMoveToProduction = false;
|
|
||||||
obj.performRestart = true;
|
|
||||||
setTimeout(obj.checkRenewCertificate, 10000); // Check the certificate in 10 seconds.
|
|
||||||
}
|
|
||||||
}
|
|
||||||
})
|
|
||||||
.catch(function (ex) {
|
|
||||||
parent.debug('cert', "getCertificate exception: (" + JSON.stringify(ex) + ")");
|
|
||||||
console.log(ex);
|
|
||||||
});
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
parent.debug('cert', "Checking certificate for " + obj.leDomains[0] + " (" + (obj.runAsProduction ? "Production" : "Staging") + ")");
|
|
||||||
try {
|
try {
|
||||||
xle.renew(renewOptions)
|
xle.renew(renewOptions)
|
||||||
.then(function (results) {
|
.then(function (results) {
|
||||||
@ -332,19 +286,15 @@ module.exports.create = function (options) {
|
|||||||
//console.log('LE-DEFAULTS-Production', options);
|
//console.log('LE-DEFAULTS-Production', options);
|
||||||
if (options != null) { for (var i in options) { if (manager.parent.leDefaults[i] == null) { manager.parent.leDefaults[i] = options[i]; } } }
|
if (options != null) { for (var i in options) { if (manager.parent.leDefaults[i] == null) { manager.parent.leDefaults[i] = options[i]; } } }
|
||||||
r = manager.parent.leDefaults;
|
r = manager.parent.leDefaults;
|
||||||
var mainsite = { subject: manager.parent.leDomains[0] };
|
|
||||||
if (manager.parent.leDomains.length > 0) { mainsite.altnames = manager.parent.leDomains; }
|
|
||||||
r.subscriberEmail = manager.parent.parent.config.letsencrypt.email;
|
r.subscriberEmail = manager.parent.parent.config.letsencrypt.email;
|
||||||
r.sites = { mainsite: mainsite };
|
r.sites = { mainsite: { subject: manager.parent.leDomains[0], altnames: manager.parent.leDomains } };
|
||||||
} else {
|
} else {
|
||||||
// Staging
|
// Staging
|
||||||
//console.log('LE-DEFAULTS-Staging', options);
|
//console.log('LE-DEFAULTS-Staging', options);
|
||||||
if (options != null) { for (var i in options) { if (manager.parent.leDefaultsStaging[i] == null) { manager.parent.leDefaultsStaging[i] = options[i]; } } }
|
if (options != null) { for (var i in options) { if (manager.parent.leDefaultsStaging[i] == null) { manager.parent.leDefaultsStaging[i] = options[i]; } } }
|
||||||
r = manager.parent.leDefaultsStaging;
|
r = manager.parent.leDefaultsStaging;
|
||||||
var mainsite = { subject: manager.parent.leDefaultsStaging[0] };
|
|
||||||
if (manager.parent.leDefaultsStaging.length > 0) { mainsite.altnames = manager.parent.leDefaultsStaging; }
|
|
||||||
r.subscriberEmail = manager.parent.parent.config.letsencrypt.email;
|
r.subscriberEmail = manager.parent.parent.config.letsencrypt.email;
|
||||||
r.sites = { mainsite: mainsite };
|
r.sites = { mainsite: { subject: manager.parent.leDomains[0], altnames: manager.parent.leDomains } };
|
||||||
}
|
}
|
||||||
return r;
|
return r;
|
||||||
};
|
};
|
||||||
|
@ -833,7 +833,7 @@ function CreateMeshCentralServer(config, args) {
|
|||||||
obj.certificateOperations.GetMeshServerCertificate(obj.args, obj.config, function (certs) {
|
obj.certificateOperations.GetMeshServerCertificate(obj.args, obj.config, function (certs) {
|
||||||
// Get the current node version
|
// Get the current node version
|
||||||
const nodeVersion = Number(process.version.match(/^v(\d+\.\d+)/)[1]);
|
const nodeVersion = Number(process.version.match(/^v(\d+\.\d+)/)[1]);
|
||||||
if ((nodeVersion < 8) || (obj.config.letsencrypt == null) || (obj.redirserver == null)) {
|
if ((nodeVersion < 8) || (require('crypto').generateKeyPair == null) || (obj.config.letsencrypt == null) || (obj.redirserver == null)) {
|
||||||
obj.StartEx3(certs); // Just use the configured certificates
|
obj.StartEx3(certs); // Just use the configured certificates
|
||||||
} else {
|
} else {
|
||||||
var le = require('./letsencrypt.js');
|
var le = require('./letsencrypt.js');
|
||||||
@ -2040,7 +2040,7 @@ function mainStart() {
|
|||||||
if (require('os').platform() == 'win32') { modules.push('node-windows'); if (sspi == true) { modules.push('node-sspi'); } } // Add Windows modules
|
if (require('os').platform() == 'win32') { modules.push('node-windows'); if (sspi == true) { modules.push('node-sspi'); } } // Add Windows modules
|
||||||
if (ldap == true) { modules.push('ldapauth-fork'); }
|
if (ldap == true) { modules.push('ldapauth-fork'); }
|
||||||
//if (config.letsencrypt != null) { modules.push('greenlock@2.8.8'); modules.push('le-store-certbot'); modules.push('le-challenge-fs'); modules.push('le-acme-core'); } // Add Greenlock Modules
|
//if (config.letsencrypt != null) { modules.push('greenlock@2.8.8'); modules.push('le-store-certbot'); modules.push('le-challenge-fs'); modules.push('le-acme-core'); } // Add Greenlock Modules
|
||||||
if (config.letsencrypt != null) { if (nodeVersion < 8) { console.log("WARNING: Let's Encrypt support requires Node v8 or higher."); } else { modules.push('greenlock'); } } // Add Greenlock Module
|
if (config.letsencrypt != null) { if ((nodeVersion < 10) || (require('crypto').generateKeyPair == null)) { console.log("WARNING: Let's Encrypt support requires Node v10.12.0 or higher."); } else { modules.push('greenlock'); } } // Add Greenlock Module
|
||||||
if (config.settings.mqtt != null) { modules.push('aedes'); } // Add MQTT Modules
|
if (config.settings.mqtt != null) { modules.push('aedes'); } // Add MQTT Modules
|
||||||
if (config.settings.mongodb != null) { modules.push('mongodb'); } // Add MongoDB, official driver.
|
if (config.settings.mongodb != null) { modules.push('mongodb'); } // Add MongoDB, official driver.
|
||||||
if (config.settings.vault != null) { modules.push('node-vault'); } // Add official HashiCorp's Vault module.
|
if (config.settings.vault != null) { modules.push('node-vault'); } // Add official HashiCorp's Vault module.
|
||||||
|
Loading…
Reference in New Issue
Block a user