diff --git a/app/controllers/admin/plow_controller.rb b/app/controllers/admin/plow_controller.rb index 302c256..1d48622 100644 --- a/app/controllers/admin/plow_controller.rb +++ b/app/controllers/admin/plow_controller.rb @@ -8,12 +8,12 @@ class Admin::PlowController < ApplicationController skip_before_action :verify_authenticity_token def index - reverse_proxy "unix://#{Rails.root}/tmp/plow.sock", path: '/' do |config| + reverse_proxy "unix://#{SocketFile}", path: '/' do |config| end end def show path = request.env['ORIGINAL_FULLPATH']#.gsub("/admin/plow", "") - reverse_proxy "unix://#{Rails.root}/tmp/plow.sock", path: path do |config| + reverse_proxy "unix://#{SocketFile}", path: path do |config| end end def setting @@ -25,7 +25,7 @@ class Admin::PlowController < ApplicationController def save_setting @setting.update_attributes(params[:plow_setting].permit!) if File.exist?(SocketFile) - if @plow_pid + if @plow_pid != 0 Process.kill(:INT, @plow_pid) end `rm #{SocketFile}` diff --git a/app/models/site_cert.rb b/app/models/site_cert.rb index f382943..81260b6 100644 --- a/app/models/site_cert.rb +++ b/app/models/site_cert.rb @@ -1,4 +1,5 @@ class SiteCert + require 'fileutils' include Mongoid::Document include Mongoid::Timestamps mount_uploader :cert_file, AssetUploader #Public key @@ -35,13 +36,12 @@ class SiteCert org_cert_file_name = self.cert_file.file.file.to_s cert_file_name = org_cert_file_name.sub(/.cer$/, '.crt') if org_cert_file_name != cert_file_name - if File.open(org_cert_file_name, 'r').read().match(/\A\s*---/) - new_sf = CarrierWave::SanitizedFile.new(self.cert_file.file.move_to(cert_file_name)) + if File.read(org_cert_file_name).match(/\A\s*---/) + FileUtils.cp(org_cert_file_name, cert_file_name) else `openssl x509 --inform DER -in #{org_cert_file_name} --out #{cert_file_name}` - new_sf = CarrierWave::SanitizedFile.new(cert_file_name) end - self.cert_file.cache!(new_sf) + self.cert_file.retrieve_from_store!(File.basename(cert_file_name)) end cert_file_md5 = `openssl x509 -noout -modulus -in #{cert_file_name} | openssl md5` private_key_md5 = `openssl rsa -noout -modulus -in #{self.private_key.file.file} | openssl md5` diff --git a/lib/tasks/change_site_cert.rake b/lib/tasks/change_site_cert.rake index e63902e..42172f2 100644 --- a/lib/tasks/change_site_cert.rake +++ b/lib/tasks/change_site_cert.rake @@ -58,16 +58,16 @@ namespace :create_site do site_cert = SiteCert.new if site_cert.nil? end if true #site_cert.source_paths.count == 0 - site_cert["cert_file"] = File.basename(crt_file_path) - cert_file_store_path = site_cert.cert_file.file.file + cert_file_store_path = "public/#{site_cert.cert_file.store_dir}/#{File.basename(crt_file_path)}" crt_file_content = exec_ssh_command_by_sudo_and_see_output(ssh,"cat #{crt_file_path}",false).select{|s| s.present?}.join("\n").strip.split(/(\r\n|\n)/).select{|s| s.present?}.join("\n") FileUtils.mkdir_p(File.dirname(cert_file_store_path)) unless Dir.exist?(File.dirname(cert_file_store_path)) - File.open(site_cert.cert_file.file.file,'w+'){|f| f.write(crt_file_content)} - site_cert["private_key"] = File.basename(private_key_path) - private_key_store_path = site_cert.private_key.file.file + File.open(cert_file_store_path,'w+'){|f| f.write(crt_file_content)} + site_cert.cert_file.retrieve_from_store!(File.basename(cert_file_store_path)) + private_key_store_path = "public/#{site_cert.cert_file.store_dir}/#{File.basename(private_key_path)}" private_key_content = exec_ssh_command_by_sudo_and_see_output(ssh,"cat #{private_key_path}",false).select{|s| s.present?}.join("\n").strip.split(/(\r\n|\n)/).select{|s| s.present?}.join("\n") FileUtils.mkdir_p(File.dirname(private_key_store_path)) unless Dir.exist?(File.dirname(private_key_path)) - File.open(site_cert.private_key.file.file,'w+'){|f| f.write(private_key_content)} + File.open(private_key_store_path,'w+'){|f| f.write(private_key_content)} + site_cert.private_key.retrieve_from_store!(File.basename(private_key_path)) site_cert.source_paths = [crt_file_path,private_key_path] site_cert.is_certbot = private_key_path.include?("letsencrypt") site_cert.save diff --git a/lib/tasks/detect_sites.rake b/lib/tasks/detect_sites.rake index 86249c6..0dbfcf3 100644 --- a/lib/tasks/detect_sites.rake +++ b/lib/tasks/detect_sites.rake @@ -143,16 +143,16 @@ namespace :create_site do site_cert = SiteCert.new if site_cert.nil? end if true #site_cert.source_paths.count == 0 - site_cert["cert_file"] = File.basename(crt_file_path) - cert_file_store_path = site_cert.cert_file.file.file + cert_file_store_path = "public/#{site_cert.cert_file.store_dir}/#{File.basename(crt_file_path)}" crt_file_content = exec_ssh_command_by_sudo_and_see_output(ssh,"cat #{crt_file_path}",false).select{|s| s.present?}.join("\n").strip.split(/(\r\n|\n)/).select{|s| s.present?}.join("\n") FileUtils.mkdir_p(File.dirname(cert_file_store_path)) unless Dir.exist?(File.dirname(cert_file_store_path)) File.open(cert_file_store_path,'w+'){|f| f.write(crt_file_content)} - site_cert["private_key"] = File.basename(private_key_path) - private_key_store_path = site_cert.private_key.file.file + site_cert.cert_file.retrieve_from_store!(File.basename(cert_file_store_path)) + private_key_store_path = "public/#{site_cert.cert_file.store_dir}/#{File.basename(private_key_path)}" private_key_content = exec_ssh_command_by_sudo_and_see_output(ssh,"cat #{private_key_path}",false).select{|s| s.present?}.join("\n").strip.split(/(\r\n|\n)/).select{|s| s.present?}.join("\n") FileUtils.mkdir_p(File.dirname(private_key_store_path)) unless Dir.exist?(File.dirname(private_key_store_path)) File.open(private_key_store_path,'w+'){|f| f.write(private_key_content)} + site_cert.private_key.retrieve_from_store!(File.basename(private_key_path)) site_cert.source_paths = [crt_file_path,private_key_path] site_cert.is_certbot = private_key_path.include?("letsencrypt") site_cert.save