feat(server-api): Implement support for staging acme certificates

Related to https://letsencrypt.org/docs/staging-environment/ to not get domain banned by constant renewal
This commit is contained in:
NaiJi 2022-11-17 11:21:49 +04:00
parent 51dc4c67b2
commit 611fe6bf45
3 changed files with 7 additions and 2 deletions

View file

@ -322,7 +322,7 @@ class DigitalOceanApi extends ServerProviderApi with VolumeProviderApi {
const String infectBranch = 'providers/digital-ocean';
final String userdataString =
"#cloud-config\nruncmd:\n- curl https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect/raw/branch/$infectBranch/nixos-infect | PROVIDER=$infectProviderName DOMAIN='$domainName' LUSER='${rootUser.login}' ENCODED_PASSWORD='$base64Password' CF_TOKEN=$dnsApiToken DB_PASSWORD=$dbPassword API_TOKEN=$apiToken HOSTNAME=$formattedHostname bash 2>&1 | tee /tmp/infect.log";
"#cloud-config\nruncmd:\n- curl https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect/raw/branch/$infectBranch/nixos-infect | PROVIDER=$infectProviderName STAGING_ACME='$stagingAcme' DOMAIN='$domainName' LUSER='${rootUser.login}' ENCODED_PASSWORD='$base64Password' CF_TOKEN=$dnsApiToken DB_PASSWORD=$dbPassword API_TOKEN=$apiToken HOSTNAME=$formattedHostname bash 2>&1 | tee /tmp/infect.log";
print(userdataString);
final Dio client = await getClient();

View file

@ -360,7 +360,7 @@ class HetznerApi extends ServerProviderApi with VolumeProviderApi {
base64.encode(utf8.encode(rootUser.password ?? 'PASS'));
final String userdataString =
"#cloud-config\nruncmd:\n- curl https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect/raw/branch/$infectBranch/nixos-infect | PROVIDER=$infectProviderName NIX_CHANNEL=nixos-21.05 DOMAIN='$domainName' LUSER='${rootUser.login}' ENCODED_PASSWORD='$base64Password' CF_TOKEN=$dnsApiToken DB_PASSWORD=$dbPassword API_TOKEN=$apiToken HOSTNAME=$hostname bash 2>&1 | tee /tmp/infect.log";
"#cloud-config\nruncmd:\n- curl https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect/raw/branch/$infectBranch/nixos-infect | STAGING_ACME='$stagingAcme' PROVIDER=$infectProviderName NIX_CHANNEL=nixos-21.05 DOMAIN='$domainName' LUSER='${rootUser.login}' ENCODED_PASSWORD='$base64Password' CF_TOKEN=$dnsApiToken DB_PASSWORD=$dbPassword API_TOKEN=$apiToken HOSTNAME=$hostname bash 2>&1 | tee /tmp/infect.log";
ServerHostingDetails? serverDetails;
DioError? hetznerError;

View file

@ -55,4 +55,9 @@ abstract class ServerProviderApi extends ApiMap {
/// Actual provider name to render on information page for user,
/// for example 'Digital Ocean' for Digital Ocean
String get appearanceProviderName;
/// Whether we request for staging temprorary certificates.
/// Hardcode to 'true' in the middle of testing to not
/// get your domain banned but constant certificate renewal
String get stagingAcme => 'false';
}