fix(ssl): default domains missing in acme domains

getmeli · Dec 15, 2020 · 719fef8 · 719fef8
1 parent ef2ef9c
commit 719fef8
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 8 deletions.
diff --git a/src/caddy/config/ssl.ts b/src/caddy/config/ssl.ts
@@ -1,4 +1,6 @@
 import { URL } from 'url';
+import { getBranchDomain } from '../../entities/sites/get-branch-domain';
+import { getSiteDomain } from '../../entities/sites/get-site-domain';
 import { ManualSslConfiguration, Site } from '../../entities/sites/site';
 import { env } from '../../env/env';
 import { unique } from '../../utils/arrays-utils';
@@ -25,24 +27,30 @@ export function generateManualCertificatesConfig(sites: Site[]) {
 }
 
 export function generateServerTlsConfig(sites: Site[]) {
-  const sitesDomains = sites.flatMap(site => site.domains);
-  const acmeDomains = [
+  const sitesCustomDomains = sites.flatMap(site => site.domains);
+  const sitesMainDomainNames = sites
+    .map(site => getSiteDomain(site));
+  const sitesBranchesDomainNames = sites
+    .flatMap(site => site.branches
+      .map(branch => getBranchDomain(site, branch)));
+  const acmeDomainNames = [
     meliUrl.hostname,
     meliUiUrl.hostname,
-    ...sitesDomains
+    ...sitesCustomDomains
       .filter(domain => domain.sslConfiguration?.type === 'acme')
       .map(domain => domain.name),
+    ...sitesMainDomainNames,
+    ...sitesBranchesDomainNames,
   ].filter(unique);
-  const manualCertificatesDomains = sitesDomains
+  const manualCertificatesDomains = sitesCustomDomains
     .filter(domain => domain.sslConfiguration?.type !== 'acme');
 
   return {
     tls_connection_policies: [
       {
         match: {
-          sni: acmeDomains,
+          sni: acmeDomainNames,
         },
-        // TODO if manual certificate was given for meli, use it (leave as is for acme)
       },
       ...manualCertificatesDomains.map(domain => ({
         match: {

diff --git a/src/entities/sites/get-branch-domain.ts b/src/entities/sites/get-branch-domain.ts
@@ -0,0 +1,10 @@
+import { URL } from 'url';
+import { env } from '../../env/env';
+import { Branch } from './branch';
+import { Site } from './site';
+
+const sitesUrl = new URL(env.MELI_SITES_URL);
+
+export function getBranchDomain(site: Site, branch: Branch) {
+  return `${branch.name}.${site.name}.${sitesUrl.host}`;
+}
diff --git a/src/entities/sites/get-branch-url.ts b/src/entities/sites/get-branch-url.ts
@@ -1,10 +1,11 @@
 import { Branch } from './branch';
 import { env } from '../../env/env';
+import { getBranchDomain } from './get-branch-domain';
 import { Site } from './site';
 import { URL } from 'url';
 
 const sitesUrl = new URL(env.MELI_SITES_URL);
 
 export function getBranchUrl(site: Site, branch: Branch) {
-  return `${sitesUrl.protocol}//${branch.name}.${site.name}.${sitesUrl.host}`;
+  return `${sitesUrl.protocol}//${getBranchDomain(site, branch)}`;
 }
diff --git a/src/entities/sites/get-site-domain.ts b/src/entities/sites/get-site-domain.ts
@@ -0,0 +1,9 @@
+import { URL } from 'url';
+import { env } from '../../env/env';
+import { Site } from './site';
+
+const sitesUrl = new URL(env.MELI_SITES_URL);
+
+export function getSiteDomain(site: Site) {
+  return `${site.name}.${sitesUrl.host}`;
+}
diff --git a/src/entities/sites/get-site-url.ts b/src/entities/sites/get-site-url.ts
@@ -1,9 +1,10 @@
+import { getSiteDomain } from './get-site-domain';
 import { Site } from './site';
 import { env } from '../../env/env';
 import { URL } from 'url';
 
 const sitesUrl = new URL(env.MELI_SITES_URL);
 
 export function getSiteUrl(site: Site) {
-  return `${sitesUrl.protocol}//${site.name}.${sitesUrl.host}`;
+  return `${sitesUrl.protocol}//${getSiteDomain(site)}`;
 }