2022-04-23 01:57:43 +02:00
|
|
|
<?php require "../../common/top.php"; ?>
|
2021-02-17 22:48:49 +01:00
|
|
|
<p>
|
2022-04-18 16:05:00 +02:00
|
|
|
Installer un certificat Let's Encrypt
|
2021-02-17 22:48:49 +01:00
|
|
|
</p>
|
2021-01-22 21:58:46 +01:00
|
|
|
|
2021-02-17 22:48:49 +01:00
|
|
|
<form method="post">
|
2022-04-18 16:05:00 +02:00
|
|
|
<label for="domain">Domaine ciblé</label><br>
|
|
|
|
|
<select required="" name="domain">
|
|
|
|
|
<option value="" disabled="" selected="">---</option>
|
|
|
|
|
<?php
|
|
|
|
|
$sites = selectSites($_SESSION['username'], "dns", "http", false);
|
|
|
|
|
$leAvailable = selectSites($_SESSION['username'], "dns", "http", true);
|
|
|
|
|
foreach ($sites as $site) { ?>
|
2022-05-03 15:27:46 +02:00
|
|
|
<option value="<?= $site['domain'] ?>"><?= $site['domain'] . " (/" . $site['siteDir'] . ")" ?></option>
|
2022-04-18 16:05:00 +02:00
|
|
|
<?php } ?>
|
|
|
|
|
</select>
|
|
|
|
|
<br>
|
|
|
|
|
<input value="Valider" type="submit">
|
2021-02-17 22:48:49 +01:00
|
|
|
</form>
|
2021-01-22 21:58:46 +01:00
|
|
|
|
2021-02-17 22:48:49 +01:00
|
|
|
<?php
|
2021-01-22 21:58:46 +01:00
|
|
|
|
2021-10-03 18:03:08 +02:00
|
|
|
if (isset($_POST['domain']) AND isset($_SESSION['username'])) {
|
2021-08-05 14:04:33 +02:00
|
|
|
|
2022-04-18 16:05:00 +02:00
|
|
|
antiCSRF();
|
2021-01-22 21:58:46 +01:00
|
|
|
|
2022-05-20 00:15:13 +02:00
|
|
|
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['certbot_path'] . " certonly --dry-run --test-cert --webroot --webroot-path /srv/acme --register-unsafely-without-email --agree-tos --domain " . $_POST['domain'], $output, $returnCode);
|
2021-10-03 18:03:08 +02:00
|
|
|
|
2022-04-18 16:05:00 +02:00
|
|
|
// Log Certbot response
|
|
|
|
|
addNiverLog($_SESSION['username'] . " installed a Let's Encrypt certificate on their site", $output, $returnCode);
|
2021-10-03 18:03:08 +02:00
|
|
|
|
2022-04-18 16:05:00 +02:00
|
|
|
// Abort if Certbot failed
|
|
|
|
|
if ($returnCode !== 0)
|
2022-05-20 02:19:45 +02:00
|
|
|
serverError("Certbot failed to get a Let's Encrypt certificate.");
|
2021-10-03 18:03:08 +02:00
|
|
|
|
2022-04-18 16:05:00 +02:00
|
|
|
// Replace self-signed certificate by Let's Encrypt certificate in Nginx configuration
|
2022-05-20 00:15:13 +02:00
|
|
|
$conf = file_get_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf");
|
2022-04-18 16:05:00 +02:00
|
|
|
$conf = preg_replace("#/etc/ssl/certs/niver\.crt#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/fullchain.pem", $conf);
|
|
|
|
|
$conf = preg_replace("#/etc/ssl/private/niver\.key#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/privkey.pem", $conf);
|
2022-05-20 00:15:13 +02:00
|
|
|
file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $conf);
|
2021-01-22 21:58:46 +01:00
|
|
|
|
2022-04-18 16:05:00 +02:00
|
|
|
// Reload Nginx
|
2022-05-20 00:15:13 +02:00
|
|
|
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx reload", $output, $returnCode);
|
2021-10-03 18:03:08 +02:00
|
|
|
|
2022-05-06 15:21:32 +02:00
|
|
|
// Abort if Nginx reload failed
|
2022-04-18 16:05:00 +02:00
|
|
|
if ($returnCode !== 0)
|
2022-05-20 02:19:45 +02:00
|
|
|
serverError("Nginx configuration reload failed.");
|
2021-01-22 21:58:46 +01:00
|
|
|
|
2022-04-18 16:05:00 +02:00
|
|
|
echo "Succès : La connexion avec votre site utilise désomais un certificat TLS émis par Let's Encrypt.";
|
2021-02-17 22:48:49 +01:00
|
|
|
}
|
2021-01-22 21:58:46 +01:00
|
|
|
|
2021-02-17 22:48:49 +01:00
|
|
|
?>
|
2021-01-22 21:58:46 +01:00
|
|
|
|
2022-04-23 01:57:43 +02:00
|
|
|
<?php require "../../common/bottom.php"; ?>
|
