As per RFC 2818 [0], a CN of *.dokku.me will only match direct
subdomains of dokku.me, not sub-subdomains like www.test.dokku.me, but
Dokku currently enables TLS for subdomains of all levels.
I have changed the regex from .*\.dokku\.me to [^.]*\.dokku\.me so TLS
is only enabled for direct subdomains.
[0] - http://tools.ietf.org/html/rfc2818#section-3.1
Signed-off-by: Lewis Marshall <lewis@lmars.net>
Previously, the presence of TLS certificates would cause `dokku urls` to
output all https URLs, even for domains which were not configured to use
TLS.
This change introduces a URLS file in the app's directory which contains
the URLs with schemes based on whether they have been configured to use
TLS in the nginx config.
Signed-off-by: Lewis Marshall <lewis@lmars.net>
Previous to this change, each TLS domain would be written to nginx.conf
using the nginx.ssl.conf template (lines 69-73) but with an empty
"server_name" directive (because NOSSL_SERVER_NAME was not set).
This would then become irrelevant because nginx.conf would get truncated
on line 88, and a single parsing of the template would then be written to
nginx.conf on line 89, meaning only the last TLS domain would be set up to
actually use TLS.
This patch changes this behaviour so that all TLS domains get added to
nginx.conf using the nginx.ssl.conf template (which includes redirecting
HTTP -> HTTPS), and all non-TLS domains get added using the nginx.conf
template, so do not get redirected to a TLS domain.
Signed-off-by: Lewis Marshall <lewis@lmars.net>
- don't match substrings in VHOSTS
- handle case where NOSSL_SERVER_NAME is \' \'
- rebuild nginx config on ssl import
- prevent cwd errors after we rm the temp dir
Plugins with commands will need to implement a catch-all command that exits with the `DOKKU_NOT_IMPLEMENTED_EXIT`` code (10). This signals to dokku that a given plugin has indeed not executed anything for a plugin (which may not always be the case).
Using plugins that do not implement this pattern will result in those plugins silencing the error message.
