Merge pull request #51 from sudosammy/dev

Certificate location bugfix
sudosammy · Jan 24, 2022 · 3c0bb48 · 3c0bb48
2 parents 6e9d501 + 78a48e3
commit 3c0bb48
Show file tree

Hide file tree

Showing 6 changed files with 30 additions and 17 deletions.
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-3.4.0
+3.4.1
diff --git a/libknary/certbot.go b/libknary/certbot.go
@@ -5,6 +5,7 @@ import (
 	"errors"
 	"log"
 	"os"
+	"path/filepath"
 	"time"
 
 	"github.com/go-acme/lego/v4/certcrypto"
@@ -65,7 +66,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	return nil
 }
 
-func StartLetsEncrypt() string {
+func StartLetsEncrypt() {
 	// check if folder structure is correct
 	cmd.CreateFolderStructure()
 
@@ -136,7 +137,12 @@ func StartLetsEncrypt() string {
 			Printy("TLS private key found: "+certsStorage.GetFileName("*."+GetFirstDomain(), ".key"), 3)
 			Printy("TLS certificate found: "+certsStorage.GetFileName("*."+GetFirstDomain(), ".crt"), 3)
 		}
-		return cmd.SanitizedDomain("*." + GetFirstDomain())
+
+		// Set TLS_CRT and TLS_KEY to our LE generated certs
+		os.Setenv("TLS_CRT", filepath.Join(cmd.GetCertPath(), cmd.SanitizedDomain("*."+GetFirstDomain())+".crt"))
+		os.Setenv("TLS_KEY", filepath.Join(cmd.GetCertPath(), cmd.SanitizedDomain("*."+GetFirstDomain())+".key"))
+
+		return
 	}
 
 	if os.Getenv("DEBUG") == "true" {
@@ -158,7 +164,10 @@ func StartLetsEncrypt() string {
 	}
 
 	certsStorage.SaveResource(certificates)
-	return cmd.SanitizedDomain(certificates.Domain)
+
+	// Set TLS_CRT and TLS_KEY to our LE generated certs
+	os.Setenv("TLS_CRT", filepath.Join(cmd.GetCertPath(), cmd.SanitizedDomain(certificates.Domain)+".crt"))
+	os.Setenv("TLS_KEY", filepath.Join(cmd.GetCertPath(), cmd.SanitizedDomain(certificates.Domain)+".key"))
 }
 
 func renewError(msg string) {

diff --git a/libknary/lego/accounts_storage.go b/libknary/lego/accounts_storage.go
@@ -92,14 +92,14 @@ func (s *AccountsStorage) GetPrivateKey(keyType certcrypto.KeyType) crypto.Priva
 	accKeyPath := s.keyFilePath
 
 	if _, err := os.Stat(accKeyPath); os.IsNotExist(err) {
-		log.Printf("No key found for account %s. Generating a %s key.", s.userID, keyType)
+		// log.Printf("No key found for account %s. Generating a %s key.", s.userID, keyType)
 
 		privateKey, err := generatePrivateKey(accKeyPath, keyType)
 		if err != nil {
 			log.Fatalf("Could not generate RSA private account key for account %s: %v", s.userID, err)
 		}
 
-		log.Printf("Saved key to %s", accKeyPath)
+		// log.Printf("Saved key to %s", accKeyPath)
 		return privateKey
 	}
 

diff --git a/libknary/lego/cert_storage.go b/libknary/lego/cert_storage.go
@@ -30,21 +30,29 @@ import (
 //
 func GetCertPath() string {
 	var certFolderName string
+	var certPath string
 
-	if !filepath.IsAbs(os.Getenv("TLS_CRT")) {
+	if os.Getenv("TLS_CRT") == "" || os.Getenv("TLS_KEY") == "" {
+		// this is the default LE config
+		certPath = "./certs" // put LE certs in ./certs/* dir. if it doesn't exist, it'll be created by StartLetsEncrypt()
+	} else {
+		certPath = filepath.Dir(os.Getenv("TLS_CRT"))
+	}
+
+	if !filepath.IsAbs(certPath) {
 		pwd, err := os.Getwd()
 		if err != nil {
 			log.Fatalf(err.Error())
 		}
 
-		path, err := filepath.Abs(filepath.Join(pwd, os.Getenv("TLS_CRT")))
+		path, err := filepath.Abs(filepath.Join(pwd, certPath))
 		if err != nil {
 			log.Fatalf(err.Error())
 		}
 
-		certFolderName = filepath.Dir(path)
+		certFolderName = path
 	} else {
-		certFolderName = filepath.Dir(os.Getenv("TLS_CRT"))
+		certFolderName = certPath
 	}
 
 	return certFolderName

diff --git a/libknary/lego/storage.go b/libknary/lego/storage.go
@@ -7,7 +7,7 @@ import (
 )
 
 func CreateFolderStructure() {
-	folder := filepath.Join(GetCertPath() + "archives")
+	folder := filepath.Join(GetCertPath(), "archives")
 	err := os.MkdirAll(folder, os.ModePerm)
 	if err != nil {
 		log.Fatal(err)

diff --git a/main.go b/main.go
@@ -14,7 +14,7 @@ import (
 )
 
 const (
-	VERSION       = "3.4.0"
+	VERSION       = "3.4.1"
 	GITHUB        = "https://github.com/sudosammy/knary"
 	GITHUBVERSION = "https://raw.githubusercontent.com/sudosammy/knary/master/VERSION"
 )
@@ -149,11 +149,7 @@ func main() {
 
 	// generate a let's encrypt certificate
 	if os.Getenv("LETS_ENCRYPT") != "" && os.Getenv("HTTP") == "true" && os.Getenv("DNS") == "true" && (os.Getenv("TLS_CRT") == "" || os.Getenv("TLS_KEY") == "") {
-		certName := libknary.StartLetsEncrypt()
-		// out of this we need to set TLS_CRT and TLS_KEY
-		// TODO make these not rely on hardcoded paths
-		os.Setenv("TLS_CRT", "certs/"+certName+".crt")
-		os.Setenv("TLS_KEY", "certs/"+certName+".key")
+		libknary.StartLetsEncrypt()
 		libknary.Printy("Let's Encrypt certificate is loaded", 1)
 
 	} else if os.Getenv("LETS_ENCRYPT") != "" && (os.Getenv("HTTP") != "true" || os.Getenv("DNS") != "true") {