add cert verify feature

2021-02-24 18:44:09 +08:00 · 2021-02-24 18:44:09 +08:00 · 8feba06a13
parent a543d6be8f
commit 8feba06a13
2 changed files with 44 additions and 0 deletions
--- a/app/models/site_construct.rb
+++ b/app/models/site_construct.rb
@ -21,6 +21,10 @@ class SiteConstruct
  field :infos, type: Array, :default => []
  field :hidden, type: Boolean, :default  => false
  field :copy_id
+
+  field :cert_ver_added_text
+  field :cert_ver_file_content
+  field :cert_ver_location_path
  after_initialize do |record|
    if record.status.nil?
      record.status = ""
--- a/lib/tasks/add_cert_ver_for_site.rake
+++ b/lib/tasks/add_cert_ver_for_site.rake
@ -0,0 +1,40 @@
+require 'net/ssh'
+require 'pathname'
+namespace :create_site do
+  desc "Add cert ver for site"
+  task :add_cert_ver_for_site,[:id] => :environment do |task,args|
+    begin
+      site_construct = SiteConstruct.find(args.id)
+      site_server = site_construct.site_server
+      if !site_server.nil? && !site_construct.cert_ver_location_path.blank? && !site_construct.cert_ver_file_content.nil?
+        @password = site_server.password
+        Net::SSH.start(site_server.ip , site_server.account , password: site_server.password) do |ssh|
+          nginx_path = site_construct.nginx_file
+          cert_ver_file_content = site_construct.cert_ver_file_content
+          location_path = site_construct.cert_ver_location_path
+          nginx_config = exec_command_by_user(ssh,"cat #{site_construct.nginx_file}")
+          if !site_construct.cert_ver_added_text.nil?
+            nginx_config = nginx_config.gsub(site_construct.cert_ver_added_text,'')
+          end
+          file_name = location_path.split('/')[-1]
+          file_path = "#{site_construct.path}/#{site_construct.site_name}/tmp/#{file_name}"
+          site_construct.cert_ver_added_text = "  location #{location_path}{\n  alias #{file_path};\n  }"
+          site_construct.save
+          server_array = nginx_config.scan(/^[ \t]*server[ \t]{(?:(?!server[ \t]*{).)+}/m)
+          server_array.each do |server|
+            tmp = server[0...-1] + site_construct.cert_ver_added_text + "\n  }"
+            nginx_config = nginx_config.sub(server,tmp)
+          end
+          cmd = "x='#{cert_ver_file_content}'; echo '#{@password}' | sudo -S sh -c \"echo '$x' > #{file_path}\"; unset x"
+          exec_command_by_user(ssh,cmd)
+
+          cmd = "x='#{nginx_config}'; echo '#{@password}' | sudo -S sh -c \"echo '$x' > #{site_construct.nginx_file}\"; unset x"
+          exec_command_by_user(ssh,cmd)
+          exec_ssh_command_by_sudo(ssh,"service nginx restart")
+        end
+      end
+    rescue => e
+      puts [e,e.backtrace]
+    end
+  end
+end