Mercurial Hosting > luan
changeset 2009:f1d9679308f0 default tip
fix local https
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Mon, 01 Sep 2025 05:15:44 -0600 |
parents | bba3e529e346 |
children | |
files | host/local_https.sh src/luan/host/https.luan |
diffstat | 2 files changed, 15 insertions(+), 98 deletions(-) [+] |
line wrap: on
line diff
diff -r bba3e529e346 -r f1d9679308f0 host/local_https.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/host/local_https.sh Mon Sep 01 05:15:44 2025 -0600 @@ -0,0 +1,10 @@ +#!/bin/bash +set -e + +DOMAIN=$1 + +cd sites/$DOMAIN + +openssl req -x509 -newkey rsa:2048 -nodes -keyout "$DOMAIN.key" -out fullchain.cer -days 365 \ + -subj "/CN=$DOMAIN" \ + -addext "subjectAltName=DNS:$DOMAIN,IP:127.0.0.1"
diff -r bba3e529e346 -r f1d9679308f0 src/luan/host/https.luan --- a/src/luan/host/https.luan Wed Aug 27 01:14:17 2025 -0600 +++ b/src/luan/host/https.luan Mon Sep 01 05:15:44 2025 -0600 @@ -15,102 +15,6 @@ local logger = Logging.logger "https" -local local_cer = [[ ------BEGIN CERTIFICATE----- -MIIGGDCCBQCgAwIBAgISA2I3DK1t/znI/s4eJX23gWOPMA0GCSqGSIb3DQEBCwUA -MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD -ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA2MTEwODQ1MDJaFw0x -ODA5MDkwODQ1MDJaMCIxIDAeBgNVBAMTF2h0dHBzLnRlc3QubHVhbmhvc3QuY29t -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlvCVOGcE/79DJFCh45W -pmqfwljQMYWDNbyNb6zND4QzG80RPHgWNpoDyVUXG8eLn/rDazi0ldwkFH5usrO+ -m3IC5lT/Y/wIr+wT9dQv0l0IJKdkA+cnpOB0z8BU0nBnw6TKhhEcZrPsMRzjbFTJ -BLeUEf855Y+t/8TeSykBbV9ufiisLnR2/5gvOBW19LHkcxQYzKbmHPVh3sD2wyK8 -gg8B3jgqHJh+m/amOfaxZnOEtEd/TGd6QxCbVvh1jewneBoM9niVOScGUk9JuVol -tEgToV7vKYpwNRObbN7pitdwudbB3gieK1/BoxHNudjArur4Vapkx/+GSX1aHIsO -wQIDAQABo4IDHjCCAxowDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF -BwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQhhVC3p8SHDpRt -GfyT/dPWQ7aSUDAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggr -BgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRz -ZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRz -ZW5jcnlwdC5vcmcvMCIGA1UdEQQbMBmCF2h0dHBzLnRlc3QubHVhbmhvc3QuY29t -MIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggr -BgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwIC -MIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBi -eSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRo -ZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlw -dC5vcmcvcmVwb3NpdG9yeS8wggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQApPFGW -VMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWPuPA0tAAAEAwBGMEQCIFV8 -xYbsY+O1vubYs0f6KVNlCMMd/d7R5HP76vnNWuGEAiBxlEyVDR4qPf8502v4cqfs -bG6UGaSqPT4gO8Xp8qOSCQB2ANt0r+7LKeyx/so+cW0s5bmquzb3hHGDx12dTze2 -H79kAAABY+48DR0AAAQDAEcwRQIhAKdDQAa1EquTQzbZaiE88QccvGidohe/AbMB -Dd1TwQdwAiBGuXo3vKBKZpc1SONmXOz8Oq99JziXcsyLUvkBo99lejANBgkqhkiG -9w0BAQsFAAOCAQEASyfiSFAjL7nUuFrzhUPlMtWE6sF5JgIoLagHqcGiBZYW8Qzg -1Xs+zByFmIVl96T6Hgf/7ZRTD81CIinQCEeTPkx4P/S8xLSmyCmYjjxyvje4BHJW -AkW2eJtPwxQfKfLqaRFzJNE2I2PS1mQC2DyL76UghesujMx+B2uqb1geZ87XRwOu -iCwQtnLvdqAA3m2JMzahTWXElmW5YbzvbxWc1WLRn3lc3R9a9SFX++LTRxv44/i6 -XiVFekc+IG6oL5bkcLIT70rLa8/vyqUaAicHvnkFp6CbmUX+Pe6nYAfBlYuQzGLM -e1qixE3bA1Mv6cpyOFIC+beASN/Xj7jbEa7EBA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/ -MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT -DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow -SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT -GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC -AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF -q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8 -SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0 -Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA -a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj -/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T -AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG -CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv -bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k -c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw -VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC -ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz -MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu -Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF -AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo -uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/ -wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu -X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG -PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6 -KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg== ------END CERTIFICATE----- -]] - -local local_key = [[ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAvlvCVOGcE/79DJFCh45WpmqfwljQMYWDNbyNb6zND4QzG80R -PHgWNpoDyVUXG8eLn/rDazi0ldwkFH5usrO+m3IC5lT/Y/wIr+wT9dQv0l0IJKdk -A+cnpOB0z8BU0nBnw6TKhhEcZrPsMRzjbFTJBLeUEf855Y+t/8TeSykBbV9ufiis -LnR2/5gvOBW19LHkcxQYzKbmHPVh3sD2wyK8gg8B3jgqHJh+m/amOfaxZnOEtEd/ -TGd6QxCbVvh1jewneBoM9niVOScGUk9JuVoltEgToV7vKYpwNRObbN7pitdwudbB -3gieK1/BoxHNudjArur4Vapkx/+GSX1aHIsOwQIDAQABAoIBAFRgJcYr7luqpY2B -gYTGYcAH+OJTLY0Vye/ysJp0dLxQ87p57g7oh6gSImWGUuTcURZLN316OAlI97Eh -zX1mULFkGsbvm/g8ibk4oixPrhbHZ8mfbKSSPC9H0l8XuEFC06uTirVcNkOLssCe -NmwZNLTjjj1f7NDFG/IH2CRme5x3cRdfVDQ1tYiK8lHxoHRj2uN3P1gsJIlDYR1a -A3TqbLDFYGsvoMPtgkcK/wRpBQCX0FL2IDrigGF33Eb5BiqFHx7KXO9Qjsyb6Y6z -B/OusjQ6LA//Oq2aizdoDD/op5GRAG7R5wB/8SrjlkME4q8psLRYalcgPwBStQjL -9tWVHGUCgYEA7xK3xB29TwYoTRY9RwtTILnYXdKM5tY0npC9jDeL96KZeibd0l/S -2jDqn32O8WUGYHticWYFuUS8evcGtsaBmZPUFT5ndp4DmfahttyS+CoF/NDPlZGq -cpl92ZDDCQrY68zSY9UhHY/JaslOVv963UfrL30Wok1Bg0A0sqDVgY8CgYEAy9YS -KjnspIWgC8Fq2kkMAIdBXQVnaRP5l7gyRmVuVwDXS+iG/0DGZfmv1g9S17lUz3R0 -rpKp4iorboJ2A4Wiv0dgar7CmzLMcMSUREX4L7DoRsEXUuxsCOf0F2Vt3baVdo3N -PtfV8QzpcRAlN4Fap7s0ErNP21OE/ZXocwQ1oq8CgYEA5+1GrVEUiAc3LaF3jOZl -nIfuaQaLfp0rqvBLki2I8ZGiRqhR5XbkfJub4WHTPEd/ajYIiG4q+1K9bqUatFHb -BHwu8PT7Nk2QvNpQg690PJ+38003NKh9rHNPbbNMIgeN7SNkr0jhuWX2RkxIXYm3 -TdgpRoaZYJaGCahN90SkG+0CgYBWM1J9Pv+/V68mKYaJh2im9IwEzZs8ybC8o63H -LW/rJTTnKg+k9HyydVQR/2r2Ra8DCGmrxeRH+7NgSZWkyafYolO48LEVtvbUHZ3h -/YEGkha4jUHS1J6faZBFMKS0pVkxyKfqkpYsGVzDbqN+hJqU4ksUOXZk9z3/i5zA -vx/7iwKBgQCELMiakqU/tw3U+VwTRKoWYgCxg9SyG3UWpyuZSguK5k+4C+BvCaXN -PT7RjA5Gb8oQKUd9kcn1x/ljyTw3mqn5AT7TqfJkG/sMh+Fkl+JMpWFVfmexWihG -eW2FbldbFg8IUzTPHAOFmO7+9h5oN0pBWwcml2D1YUqfGOyezisuAA== ------END RSA PRIVATE KEY----- -]] - - function Hosted.set_https(is_https) if Http.did_init() then logger.error(new_error("set_https called outside of init.luan")) @@ -129,8 +33,11 @@ local is_local = ip(domain) == "127.0.0.1" logger.info("is_local "..is_local) if is_local then - key_file.write(local_key) - local_cer_file.write(local_cer) + local cmd = [[ +./local_https.sh "]]..domain..[[" +]] + local s = uri("bash:"..cmd).read_text() + logger.info("issue local certificate") else local cmd = [[ ./acme.sh --debug --issue -d "]]..domain..[[" --stateless --cert-home "]]..top_dir..[[/sites" --config-home "]]..top_dir..[[/local/letsencrypt/config";