YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'dev_on_muc' of github.com:larchange/yunohost into larchange-dev_on_muc

Browse source
This commit is contained in:
Alexandre Aubin 2022-11-27 03:02:42 +01:00
commit a5a2a15351
4 changed files with 24 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
conf/nginx/server.tpl.conf
View file

@ -6,7 +6,7 @@ map $http_upgrade $connection_upgrade {
server { server {
listen 80; listen 80;
listen [::]:80; listen [::]:80;
server_name {{ domain }}{% if xmpp_enabled != "True" %} xmpp-upload.{{ domain }}{% endif %}; server_name {{ domain }}{% if xmpp_enabled != "True" %} xmpp-upload.{{ domain }} muc.{{ domain }}{% endif %};
access_by_lua_file /usr/share/ssowat/access.lua; access_by_lua_file /usr/share/ssowat/access.lua;

1
locales/en.json
View file

@ -311,6 +311,7 @@
"disk_space_not_sufficient_install": "There is not enough disk space left to install this application", "disk_space_not_sufficient_install": "There is not enough disk space left to install this application",
"disk_space_not_sufficient_update": "There is not enough disk space left to update this application", "disk_space_not_sufficient_update": "There is not enough disk space left to update this application",
"domain_cannot_add_xmpp_upload": "You cannot add domains starting with 'xmpp-upload.'. This kind of name is reserved for the XMPP upload feature integrated into YunoHost.", "domain_cannot_add_xmpp_upload": "You cannot add domains starting with 'xmpp-upload.'. This kind of name is reserved for the XMPP upload feature integrated into YunoHost.",
"domain_cannot_add_muc_upload": "You cannot add domains starting with 'muc.'. This kind of name is reserved for the XMPP multi-users chat feature integrated into YunoHost.",
"domain_cannot_remove_main": "You cannot remove '{domain}' since it's the main domain, you first need to set another domain as the main domain using 'yunohost domain main-domain -n <another-domain>'; here is the list of candidate domains: {other_domains}", "domain_cannot_remove_main": "You cannot remove '{domain}' since it's the main domain, you first need to set another domain as the main domain using 'yunohost domain main-domain -n <another-domain>'; here is the list of candidate domains: {other_domains}",
"domain_cannot_remove_main_add_new_one": "You cannot remove '{domain}' since it's the main domain and your only domain, you need to first add another domain using 'yunohost domain add <another-domain.com>', then set is as the main domain using 'yunohost domain main-domain -n <another-domain.com>' and then you can remove the domain '{domain}' using 'yunohost domain remove {domain}'.'", "domain_cannot_remove_main_add_new_one": "You cannot remove '{domain}' since it's the main domain and your only domain, you need to first add another domain using 'yunohost domain add <another-domain.com>', then set is as the main domain using 'yunohost domain main-domain -n <another-domain.com>' and then you can remove the domain '{domain}' using 'yunohost domain remove {domain}'.'",
"domain_cert_gen_failed": "Could not generate certificate", "domain_cert_gen_failed": "Could not generate certificate",

31
src/certificate.py
View file

@ -568,9 +568,10 @@ def _prepare_certificate_signing_request(domain, key_file, output_folder):
# Set the domain # Set the domain
csr.get_subject().CN = domain csr.get_subject().CN = domain
from yunohost.domain import domain_list, domain_config_get from yunohost.domain import domain_config_get
# If XMPP is enabled for this domain, add xmpp-upload domain # If XMPP is enabled for this domain, add xmpp-upload and muc subdomains
# in subject alternate names
if domain_config_get(domain, key="feature.xmpp.xmpp") == 1: if domain_config_get(domain, key="feature.xmpp.xmpp") == 1:
subdomain = "xmpp-upload." + domain subdomain = "xmpp-upload." + domain
xmpp_records = ( xmpp_records = (
@ -579,24 +580,30 @@ def _prepare_certificate_signing_request(domain, key_file, output_folder):
).get("data") ).get("data")
or {} or {}
) )
if xmpp_records.get("CNAME:xmpp-upload") == "OK": sanlist = []
for sub in ('xmpp-upload', 'muc'):
subdomain = sub + "." + domain
if xmpp_records.get("CNAME:" + sub) == "OK":
sanlist.append(("DNS:" + subdomain))
else:
logger.warning(
m18n.n(
"certmanager_warning_subdomain_dns_record",
subdomain=subdomain,
domain=domain,
)
)
if sanlist:
csr.add_extensions( csr.add_extensions(
[ [
crypto.X509Extension( crypto.X509Extension(
b"subjectAltName", b"subjectAltName",
False, False,
("DNS:" + subdomain).encode("utf8"), (", ".join(sanlist)).encode("utf-8"),
) )
] ]
) )
else:
logger.warning(
m18n.n(
"certmanager_warning_subdomain_dns_record",
subdomain=subdomain,
domain=domain,
)
)
# Set the key # Set the key
with open(key_file, "rt") as f: with open(key_file, "rt") as f:

3
src/domain.py
View file

@ -229,6 +229,9 @@ def domain_add(operation_logger, domain, dyndns=False):
if domain.startswith("xmpp-upload."): if domain.startswith("xmpp-upload."):
raise YunohostValidationError("domain_cannot_add_xmpp_upload") raise YunohostValidationError("domain_cannot_add_xmpp_upload")
if domain.startswith("muc."):
raise YunohostError("domain_cannot_add_muc_upload")
ldap = _get_ldap_interface() ldap = _get_ldap_interface()
try: try: