mirror of
https://github.com/dokku/dokku.git
synced 2025-12-29 00:25:08 +01:00
45 lines
1.3 KiB
Bash
Executable File
45 lines
1.3 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
set -eo pipefail; [[ $DOKKU_TRACE ]] && set -x
|
|
source "$PLUGIN_PATH/common/functions"
|
|
|
|
# returns 'global', 'app', 'false'
|
|
# if both are configured, app trumps global
|
|
is_ssl_enabled() {
|
|
local APP=$1; verify_app_name $APP
|
|
APP_SSL_PATH="$DOKKU_ROOT/$APP/tls"
|
|
WILDCARD_SSL_PATH="$DOKKU_ROOT/tls"
|
|
|
|
if [[ -e "$APP_SSL_PATH/server.crt" ]] && [[ -e "$APP_SSL_PATH/server.key" ]]; then
|
|
echo app
|
|
return 0
|
|
elif [[ -e "$WILDCARD_SSL_PATH/server.crt" ]] && [[ -e "$WILDCARD_SSL_PATH/server.key" ]]; then
|
|
echo global
|
|
return 0
|
|
else
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
get_ssl_hostnames() {
|
|
local APP=$1; verify_app_name $APP
|
|
case "$(is_ssl_enabled $APP)" in
|
|
app)
|
|
SSL_PATH="$DOKKU_ROOT/$APP/tls"
|
|
;;
|
|
|
|
global)
|
|
SSL_PATH="$DOKKU_ROOT/tls"
|
|
;;
|
|
esac
|
|
|
|
SSL_HOSTNAME=$(openssl x509 -in $SSL_PATH/server.crt -noout -subject | tr '/' '\n' | grep CN= | cut -c4-)
|
|
SSL_HOSTNAME_ALT=$(openssl x509 -in $SSL_PATH/server.crt -noout -text | grep --after-context=1 '509v3 Subject Alternative Name:' | tail -n 1 | sed -e "s/[[:space:]]*DNS://g" | tr ',' '\n' || true)
|
|
if [[ -n "$SSL_HOSTNAME_ALT" ]]; then
|
|
SSL_HOSTNAMES="${SSL_HOSTNAME}\n${SSL_HOSTNAME_ALT}"
|
|
else
|
|
SSL_HOSTNAMES=$SSL_HOSTNAME
|
|
fi
|
|
echo -e $SSL_HOSTNAMES
|
|
return 0
|
|
}
|