This commit is contained in:
BoHung Chiu 2021-08-11 18:25:03 +08:00
parent dbfd2e0677
commit 613081a3f5
6 changed files with 52 additions and 28 deletions

View File

@ -38,7 +38,7 @@ class Admin::SitePanelController < OrbitAdminController
else else
domain_name_search_text = "" domain_name_search_text = ""
end end
@site_certs = SiteCert.all.where(:is_valid=>true,:domain_names=>/\A#{domain_name_search_text}/) @site_certs = SiteCert.all.where(:is_valid=>true,:domain_names=>/\A#{domain_name_search_text}/,:start_date.lte=>DateTime.now,:end_date.gte=>DateTime.now)
# @site_certs = SiteCert.all # @site_certs = SiteCert.all
if site_construct if site_construct
@enable_cert_id = site_construct.site_cert_id @enable_cert_id = site_construct.site_cert_id

View File

@ -43,10 +43,16 @@
<th><%=t('client_management.domain_name')%></th> <th><%=t('client_management.domain_name')%></th>
</thead> </thead>
<tbody> <tbody>
<tr>
<td><%=radio_button_tag("site_cert","certbot",false)%></td>
<td>Certbot</td>
<td></td>
<td></td>
</tr>
<% @site_certs.each do |site_cert| %> <% @site_certs.each do |site_cert| %>
<tr> <tr>
<td><%=radio_button_tag("site_cert",site_cert.id,site_cert.id == @enable_cert_id)%></td> <td><%=radio_button_tag("site_cert",site_cert.id,site_cert.id == @enable_cert_id)%></td>
<td><%=site_cert.upload_date %></td> <td><%=site_cert.upload_date %><%= '(certbot)' if site_cert.is_certbot%></td>
<td><%=site_cert.display_start_date %> / <%=site_cert.display_end_date %></td> <td><%=site_cert.display_start_date %> / <%=site_cert.display_end_date %></td>
<td><%=site_cert.display_domain_names %></td> <td><%=site_cert.display_domain_names %></td>
</tr> </tr>

View File

@ -16,7 +16,7 @@ namespace :create_site do
if is_certbot if is_certbot
domain_name = @site_construct.domain_name domain_name = @site_construct.domain_name
if domain_name.present? if domain_name.present?
certbot_path = exec_ssh_command_by_sudo_and_see_output(ssh,"bash -l -c 'which certbot'",false,true).strip certbot_path = exec_ssh_command_by_sudo_and_see_output(ssh,"bash -l -c 'which certbot certbot-auto'",false,true).strip.split("\n")[0]
if certbot_path.present? if certbot_path.present?
if @site_cert if @site_cert
update_infos("Using certbot to change cert setting...") update_infos("Using certbot to change cert setting...")

View File

@ -34,7 +34,7 @@ namespace :create_site do
next next
end end
Net::SSH.start(@site_server.ip , @site_server.account , password: @site_server.password) do |ssh| Net::SSH.start(@site_server.ip , @site_server.account , password: @site_server.password) do |ssh|
certbot_path = exec_ssh_command_by_sudo_and_see_output(ssh,"bash -l -c 'which certbot'",false,true).strip certbot_path = exec_ssh_command_by_sudo_and_see_output(ssh,"bash -l -c 'which certbot certbot-auto'",false,true).strip.split("\n")[0]
@site_server.has_certbot = certbot_path.present? @site_server.has_certbot = certbot_path.present?
@site_server.save @site_server.save
if @site_server.has_certbot if @site_server.has_certbot
@ -51,9 +51,10 @@ namespace :create_site do
nginx_include_dir = exec_command_by_user(ssh,'grep include /etc/nginx/nginx.conf | grep -v "\#\|include /etc/nginx/mime.types\|include /etc/nginx/conf.d/\*.conf\|/etc/nginx/sites-enabled/\*"') nginx_include_dir = exec_command_by_user(ssh,'grep include /etc/nginx/nginx.conf | grep -v "\#\|include /etc/nginx/mime.types\|include /etc/nginx/conf.d/\*.conf\|/etc/nginx/sites-enabled/\*"')
nginx_include_dir = nginx_include_dir.gsub(/include|;|\n/,'').strip nginx_include_dir = nginx_include_dir.gsub(/include|;|\n/,'').strip
domain_name = @site_server.domain_name#'serv.rulingcom.com' domain_name = @site_server.domain_name#'serv.rulingcom.com'
server_names = exec_command_by_user(ssh,"grep 'server_name' -r #{nginx_include_dir}") server_names = exec_command_by_user(ssh,"grep -H 'server_name' -r #{nginx_include_dir}")
server_names_array = server_names.scan(/(.*):[ \t]*server_name[ \t]+(.*);/) server_names_array = server_names.scan(/(.*):[ \t]*server_name[ \t]+(.*);/)
server_names_array = server_names_array.group_by{|v| v[0]} server_names_array = server_names_array.group_by{|v| v[0]}
server_names_array.each do |nginx_file, server_name_with_file| server_names_array.each do |nginx_file, server_name_with_file|
server_names_for_site = server_name_with_file.map{|v| v[1].split(/[ |\t]+/)}.flatten.uniq - ["localhost","127.0.0.1"] server_names_for_site = server_name_with_file.map{|v| v[1].split(/[ |\t]+/)}.flatten.uniq - ["localhost","127.0.0.1"]
server_name_list = [] server_name_list = []

View File

@ -119,21 +119,29 @@ namespace :exec_commands do
end end
return output return output
end end
def update_infos_for_exec(info,update_last=false) def update_infos_for_exec(info,update_last=false,update_array=false)
return if @site_construct.nil? return if @site_construct.nil?
if update_last && !@site_construct.infos.empty? if update_last && !@site_construct.infos.empty?
@site_construct.infos[-1] += info.to_s @site_construct.infos[-1] += info.to_s
else else
@site_construct.infos = @site_construct.infos.push(info.to_s) if update_array
@site_construct.infos += info
else
@site_construct.infos.push(info.to_s)
end
end end
@site_construct.save! @site_construct.save!
return @site_construct.infos return @site_construct.infos
end end
def update_thread_infos_for_exec(info,update_last=false) def update_thread_infos_for_exec(info,update_last=false,update_array=false)
if update_last && !@thread.status["infos"].empty? if update_last && !@thread.status["infos"].empty?
@thread.status["infos"][-1] += info.to_s @thread.status["infos"][-1] += info.to_s
else else
@thread.status["infos"] = @thread.status["infos"].push(info.to_s) if update_array
@thread.status["infos"] += info
else
@thread.status["infos"].push(info.to_s)
end
end end
@thread.save! @thread.save!
return @thread.status["infos"] return @thread.status["infos"]
@ -154,26 +162,28 @@ namespace :exec_commands do
channel.exec(command) do |ch, success| channel.exec(command) do |ch, success|
abort "could not execute command: #{command}" unless success abort "could not execute command: #{command}" unless success
channel.on_data do |ch, data| channel.on_data do |ch, data|
print "#{data}"
if data.include? "\n" || outputs.empty?
outputs.push(data.to_s)
if update
update_thread_infos_for_exec(data) if @flag
update_infos_for_exec(data)
end
else
if outputs.count == 0
outputs.push(data.to_s)
else
outputs[-1] += (data.to_s rescue "")
end
if update
update_thread_infos_for_exec(data,true) if @flag
update_infos_for_exec(data,true)
end
end
if data.to_s.include?("sudo password:") || data.to_s.include?("Password:") if data.to_s.include?("sudo password:") || data.to_s.include?("Password:")
channel.send_data "#{@password}\n" channel.send_data "#{@password}\n"
else
print "#{data}"
if data.include?("\n") || outputs.empty?
output_lines = data.to_s.split("\n").select{|l| l.present?}
outputs += output_lines
if update
update_thread_infos_for_exec(output_lines,false,true) if @flag
update_infos_for_exec(output_lines,false,true)
end
else
if outputs.count == 0
outputs.push(data.to_s)
else
outputs[-1] += (data.to_s rescue "")
end
if update
update_thread_infos_for_exec(data,true) if @flag
update_infos_for_exec(data,true)
end
end
end end
end end
channel.on_close do |ch| channel.on_close do |ch|

View File

@ -37,9 +37,16 @@ namespace :create_site do
certbot_path = exec_ssh_command_by_sudo_and_see_output(ssh,"bash -l -c 'which certbot'",false,true).strip certbot_path = exec_ssh_command_by_sudo_and_see_output(ssh,"bash -l -c 'which certbot'",false,true).strip
snap_path = exec_ssh_command_by_sudo_and_see_output(ssh,"bash -l -c 'which snap'",false,true).strip snap_path = exec_ssh_command_by_sudo_and_see_output(ssh,"bash -l -c 'which snap'",false,true).strip
if certbot_path.blank? if certbot_path.blank?
update_thread_infos("checking kernel version")
kernel_version = exec_ssh_command_by_sudo_and_see_output(ssh,"sudo -p 'sudo password:' uname -r",false,true).strip.to_f rescue 0.0
update_thread_infos("kernel_version: #{kernel_version}")
if kernel_version < 4.4
raise "Kernel version need upgrade to >= 4.4(snap need kernel >= 4.4)"
end
if snap_path.blank? if snap_path.blank?
update_thread_infos("execing apt update...")
exec_ssh_command_by_sudo_and_see_output(ssh,"sudo -p 'sudo password:' apt-get -y -o DPkg::options::='--force-confdef' -o DPkg::options::='--force-confold' update",true,false)
update_thread_infos("Installing snap...") update_thread_infos("Installing snap...")
exec_ssh_command_by_sudo_and_see_output(ssh,"sudo -p 'sudo password:' apt update",true,false)
exec_ssh_command_by_sudo_and_see_output(ssh,"sudo -p 'sudo password:' apt install snapd -y",true,false) exec_ssh_command_by_sudo_and_see_output(ssh,"sudo -p 'sudo password:' apt install snapd -y",true,false)
snap_path = exec_ssh_command_by_sudo_and_see_output(ssh,"bash -l -c 'which snap'",false,true).strip snap_path = exec_ssh_command_by_sudo_and_see_output(ssh,"bash -l -c 'which snap'",false,true).strip
end end