Merge pull request #651 from replicatedhq/divolgin/sc-107764/spike-ca…
…n-there-be-a-single-domain-to-cname

Use HTTP/ACME challenge for TLS validation
divolgin authored Jul 30, 2024
2 parents eb9b0ae + 5c42f2e commit fe379a6
Showing 2 changed files with 44 additions and 0 deletions.
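--- a/install_scripts/app.py
+++ b/install_scripts/app.py
@@ -66,6 +66,22 @@ def get_metricz():
 return ''
 
 
+@app.route('/.well-known/acme-challenge/<challenge>')
+def get_acme_challenge_response(challenge):
+response = helpers.get_acme_challenge_response(challenge)
+if response == '':
+return Response('', status=404)
+return Response(response, mimetype='text/plain')
+
+
+@app.route('/.well-known/cf-custom-hostname-challenge/<challenge>')
+def get_domain_challenge_response(challenge):
+response = helpers.get_domain_challenge_response(challenge)
+if response == '':
+return Response('', status=404)
+return Response(response, mimetype='text/plain')
+
+
 @app.route('/docker-install.sh')
 def get_docker():
 docker_version = helpers.get_arg('docker_version',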
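Review bot: The `response == ''` test in both new handlers only catches the empty string, so a matched row whose column is NULL (the helpers in helpers.py pass the fetched value through unchanged, so it would arrive as `None`, assuming the column is nullable) would be answered with 200 and an empty body rather than 404; `if not response:` covers both cases. Both routes are reachable without authentication and hand the `<challenge>` path segment to a database lookup on every request; the query is parameterized, so this is about load and noise rather than injection, and a length and character-set check on `challenge` before the lookup would turn away scanner traffic cheaply. The body is stored data served from this origin, so it is worth sending `X-Content-Type-Options: nosniff` alongside `mimetype='text/plain'`. Neither handler has a docstring; one line each would do, e.g. `"""Serve the stored HTTP-01 body for an ACME challenge token, or 404."""`.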
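--- a/install_scripts/helpers.py
+++ b/install_scripts/helpers.py
@@ -82,6 +82,34 @@ def get_arg(name, dflt=None):
 return make_shell_safe(request.args.get(name)) if request.args.get(name) else dflt
 
 
+def get_acme_challenge_response(challenge):
+cursor = db.get().cursor()
+query = ('SELECT tls_http_body FROM vendor_team_custom_hostname WHERE tls_acme_challenge = %s')
+cursor.execute(query, (challenge, ))
+row = cursor.fetchone()
+cursor.close()
+
+tls_http_body = ''
+if row is not None:
+(tls_http_body, ) = row
+
+return tls_http_body
+
+
+def get_domain_challenge_response(challenge):
+cursor = db.get().cursor()
+query = ('SELECT domain_challenge_response FROM vendor_team_custom_hostname WHERE domain_challenge = %s')
+cursor.execute(query, (challenge, ))
+row = cursor.fetchone()
+cursor.close()
+
+domain_challenge_response = ''
+if row is not None:
+(domain_challenge_response, ) = row
+
+return domain_challenge_response
+
+
 def get_pinned_docker_version(replicated_version, scheduler):
 version_info = semver.parse(replicated_version, loose=False)
 cursor = db.get().cursor()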
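Review bot: `cursor.close()` in both new helpers is reached only when `execute` and `fetchone` return normally, so a database error on these unauthenticated lookups leaves the cursor open; put the two calls under `try:` and move the close into `finally: cursor.close()`. The two functions differ only in the selected and matched column, so one private helper taking the SQL text would keep them in step; keep the statements as fixed literals as they are now, with the token bound through `%s`. Each function needs a docstring stating that it returns `''` when no row matches and otherwise passes the column value through (including `None` for a NULL column), because the callers in app.py compare the result with `''`.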
