From 97ccb98ef871d76a97752d6c49ac28fc75168311 Mon Sep 17 00:00:00 2001 From: MattIPv4 Date: Sun, 21 Jun 2020 15:52:07 +0100 Subject: [PATCH] Provide an option for LE cert dir (fixes #156) --- .../generators/conf/website.conf.js | 2 +- .../en/templates/global_sections/https.js | 1 + .../templates/global_sections/https.vue | 21 +++++++++++++++++++ src/nginxconfig/util/get_ssl_certificate.js | 4 ++-- 4 files changed, 25 insertions(+), 3 deletions(-) diff --git a/src/nginxconfig/generators/conf/website.conf.js b/src/nginxconfig/generators/conf/website.conf.js index 393a13c..eaf2605 100644 --- a/src/nginxconfig/generators/conf/website.conf.js +++ b/src/nginxconfig/generators/conf/website.conf.js @@ -48,7 +48,7 @@ const sslConfig = (domain, global) => { // Let's encrypt if (domain.https.certType.computed === 'letsEncrypt') config.push(['ssl_trusted_certificate', - `/etc/letsencrypt/live/${domain.server.domain.computed}/chain.pem`]); + `${global.https.letsEncryptCertRoot.computed.replace(/\/+$/, '')}/${domain.server.domain.computed}/chain.pem`]); } return config; }; diff --git a/src/nginxconfig/i18n/en/templates/global_sections/https.js b/src/nginxconfig/i18n/en/templates/global_sections/https.js index 03935ff..ddef688 100644 --- a/src/nginxconfig/i18n/en/templates/global_sections/https.js +++ b/src/nginxconfig/i18n/en/templates/global_sections/https.js @@ -40,6 +40,7 @@ export default { quad9: 'Quad9', verisign: 'Verisign', letsEncryptWebroot: `${common.letsEncrypt} webroot`, + letsEncryptCertRoot: `${common.letsEncrypt} certificate directory`, mozillaModern: `${mozilla} Modern`, mozillaIntermediate: `${mozilla} Intermediate`, mozillaOld: `${mozilla} Old`, diff --git a/src/nginxconfig/templates/global_sections/https.vue b/src/nginxconfig/templates/global_sections/https.vue index cd37051..9a8edcc 100644 --- a/src/nginxconfig/templates/global_sections/https.vue +++ b/src/nginxconfig/templates/global_sections/https.vue @@ -194,6 +194,23 @@ THE SOFTWARE. + +
+
+ +
+
+
+
+ +
+
+
+
@@ -261,6 +278,10 @@ THE SOFTWARE. default: '/var/www/_letsencrypt/', enabled: true, }, + letsEncryptCertRoot: { + default: '/etc/letsencrypt/live/', + enabled: true, + }, }; export default { diff --git a/src/nginxconfig/util/get_ssl_certificate.js b/src/nginxconfig/util/get_ssl_certificate.js index 325d371..e6924ed 100644 --- a/src/nginxconfig/util/get_ssl_certificate.js +++ b/src/nginxconfig/util/get_ssl_certificate.js @@ -26,7 +26,7 @@ THE SOFTWARE. export const getSslCertificate = (domain, global) => { if (domain.https.certType.computed === 'letsEncrypt') - `/etc/letsencrypt/live/${domain.server.domain.computed}/fullchain.pem`; + return `${global.https.letsEncryptCertRoot.computed.replace(/\/+$/, '')}/${domain.server.domain.computed}/fullchain.pem`; if (domain.https.sslCertificate.computed) return domain.https.sslCertificate.computed; @@ -36,7 +36,7 @@ export const getSslCertificate = (domain, global) => { export const getSslCertificateKey = (domain, global) => { if (domain.https.certType.computed === 'letsEncrypt') - `/etc/letsencrypt/live/${domain.server.domain.computed}/privkey.pem`; + return `${global.https.letsEncryptCertRoot.computed.replace(/\/+$/, '')}/${domain.server.domain.computed}/privkey.pem`; if (domain.https.sslCertificateKey.computed) return domain.https.sslCertificateKey.computed;