Reverted to symlink based .well-known (required by certbot configurat…

…ion)
tollwerk · Dec 11, 2017 · e79cc59 · e79cc59
1 parent e453c59
commit e79cc59
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 14 deletions.
diff --git a/src/Admin/Infrastructure/Persistence/Apache.php b/src/Admin/Infrastructure/Persistence/Apache.php
@@ -99,7 +99,6 @@ public function __construct(AccountInterface $account, array $config)
     public function __invoke(VhostInterface $vhost)
     {
         $files = [];
-        $httpsPorts = $vhost->getPorts(Vhost::PROTOCOL_HTTPS);
 
         $variables = $this->config;
         $variables['primary_domain'] = strval($vhost->getPrimaryDomain());
@@ -110,8 +109,6 @@ public function __invoke(VhostInterface $vhost)
             rtrim($this->config['dataroot'].DIRECTORY_SEPARATOR.$vhost->getDocroot(), DIRECTORY_SEPARATOR);
         $variables['configroot'] = $this->config['vhostroot'].DIRECTORY_SEPARATOR.$variables['primary_domain'];
         $variables['php_version'] = $vhost->getPhp();
-        $variables['challenge'] = rtrim(App::getConfig('certbot.challenge'), '/').'/';
-        $variables['ssl'] = !empty($httpsPorts);
 
         // If the virtual host should redirect
         if ($vhost->getRedirectUrl() !== null) {
@@ -130,6 +127,7 @@ public function __invoke(VhostInterface $vhost)
             TemplateService::render('apache_vhost.include', $variables));
 
         // If the HTTPS protocol is supported
+        $httpsPorts = $vhost->getPorts(Vhost::PROTOCOL_HTTPS);
         if (!empty($httpsPorts)) {
             $certbotConfig = $this->helper->vhostDirectory($vhost).DIRECTORY_SEPARATOR.'certbot.ini';
             $certbotService = CertbotServiceFactory::create($certbotConfig);
@@ -157,8 +155,7 @@ public function __invoke(VhostInterface $vhost)
                 TemplateService::render('certbot.ini', $variables));
 
             // Create the well-known symlink
-            // 2017-12-11: Disabled again, see deprecation notice
-            // $certbotService->prepare($vhost, $this->helper);
+             $certbotService->prepare($vhost, $this->helper);
 
             // Output a hint if the primary domain isn't certified
             if (!$primaryDomainIsCertified) {

diff --git a/src/Admin/Infrastructure/Service/CertbotService.php b/src/Admin/Infrastructure/Service/CertbotService.php
@@ -92,7 +92,6 @@ public function isCertified($domain)
      * @throws \RuntimeException If the Certbot challenge directory is invalid
      * @throws \RuntimeException If the well-known symlink cannot be created
      * @throws \RuntimeException If the well-known link exists but is invalid
-     * @deprecated There should be no need for a real symlink here, the Apache Alias should cater for this
      */
     public function prepare(VhostInterface $vhost, AccountHelper $accountHelper)
     {

diff --git a/src/Admin/Infrastructure/Templates/apache_vhost.include b/src/Admin/Infrastructure/Templates/apache_vhost.include
@@ -12,12 +12,6 @@ DocumentRoot "{{docroot}}"
 	Options -Indexes +FollowSymLinks
 	AllowOverride All
 	Require all granted
-</Directory>{{#ssl}}
-
-<Directory {{challenge}}>
-    AllowOverride None
-    Require all granted
-</Directory>
-Alias /.well-known/ {{challenge}}/{{/ssl}}{{#php_version}}
+</Directory>{{#php_version}}
 
 Include {{configroot}}/apache_fmp.include{{/php_version}}
diff --git a/src/Admin/Infrastructure/Templates/certbot.ini b/src/Admin/Infrastructure/Templates/certbot.ini
@@ -1,5 +1,5 @@
 domains = {{primary_domain}}{{#secondary_domains_without_wildcards}},{{secondary_domains_without_wildcards}}{{/secondary_domains_without_wildcards}}
-webroot-path = {{challenge}}
+webroot-path = {{docroot}}
 
 rsa-key-size = 4096
 email = {{certemail}}