-rw-r--r-- | cmd/commandfuncs.go | 3 | ||||
-rw-r--r-- | cmd/main.go | 68 | ||||
-rw-r--r-- | go.mod | 2 | ||||
-rw-r--r-- | modules/caddytls/tls.go | 130 |
4 files changed, 1 insertions, 202 deletions
diff --git a/cmd/commandfuncs.go b/cmd/commandfuncs.go index 2b437c3..77d95b9 100644 --- a/cmd/commandfuncs.go +++ b/cmd/commandfuncs.go @@ -174,9 +174,6 @@ func cmdRun(fl Flags) (int, error) { printEnvironment() } - // TODO: This is TEMPORARY, until the RCs - moveStorage() - // load the config, depending on flags var config []byte var err error diff --git a/cmd/main.go b/cmd/main.go index 5643431..c4d262a 100644 --- a/cmd/main.go +++ b/cmd/main.go 
@@ -450,71 +450,3 @@ func caddyVersion() string { } return ver } - -// moveStorage moves the old default dataDir to the new default dataDir. -// TODO: This is TEMPORARY until the release candidates. -func moveStorage() { - // get the home directory (the old way) - oldHome := os.Getenv("HOME") - if oldHome == "" && runtime.GOOS == "windows" { - drive := os.Getenv("HOMEDRIVE") - path := os.Getenv("HOMEPATH") - oldHome = drive + path - if drive == "" || path == "" { - oldHome = os.Getenv("USERPROFILE") - } - } - if oldHome == "" { - oldHome = "." - } - oldDataDir := filepath.Join(oldHome, ".local", "share", "caddy") - - // nothing to do if old data dir doesn't exist - _, err := os.Stat(oldDataDir) - if os.IsNotExist(err) { - return - } - - // nothing to do if the new data dir is the same as the old one - newDataDir := caddy.AppDataDir() - if oldDataDir == newDataDir { - return - } - - logger := caddy.Log().Named("automigrate").With( - zap.String("old_dir", oldDataDir), - zap.String("new_dir", newDataDir)) - - logger.Info("beginning one-time data directory migration", - zap.String("details", "https://github.com/caddyserver/caddy/issues/2955")) - - // if new data directory exists, avoid auto-migration as a conservative safety measure - _, err = os.Stat(newDataDir) - if !os.IsNotExist(err) { - logger.Error("new data directory already exists; skipping auto-migration as conservative safety measure", - zap.Error(err), - zap.String("instructions", "https://github.com/caddyserver/caddy/issues/2955#issuecomment-570000333")) - return - } - - // construct the new data directory's parent folder - err = os.MkdirAll(filepath.Dir(newDataDir), 0700) - if err != nil { - logger.Error("unable to make new datadirectory - follow link for instructions", - zap.String("instructions", "https://github.com/caddyserver/caddy/issues/2955#issuecomment-570000333"), - zap.Error(err)) - return - } - - // folder structure is same, so just try to rename (move) it; - // this fails if the new path is on 
a separate device - err = os.Rename(oldDataDir, newDataDir) - if err != nil { - logger.Error("new data directory already exists; skipping auto-migration as conservative safety measure - follow link for instructions", - zap.String("instructions", "https://github.com/caddyserver/caddy/issues/2955#issuecomment-570000333"), - zap.Error(err)) - } - - logger.Info("successfully completed one-time migration of data directory", - zap.String("details", "https://github.com/caddyserver/caddy/issues/2955")) -} @@ -6,7 +6,7 @@ require ( github.com/Masterminds/sprig/v3 v3.1.0 github.com/alecthomas/chroma v0.8.2 github.com/aryann/difflib v0.0.0-20170710044230-e206f873d14a - github.com/caddyserver/certmagic v0.12.1-0.20210211020017-ebb8d8b435b4 + github.com/caddyserver/certmagic v0.12.1-0.20210222221710-6131a445f6bf github.com/dustin/go-humanize v1.0.1-0.20200219035652-afde56e7acac github.com/go-chi/chi v4.1.2+incompatible github.com/google/cel-go v0.6.0 diff --git a/modules/caddytls/tls.go b/modules/caddytls/tls.go index fdff447..51c4cab 100644 --- a/modules/caddytls/tls.go +++ b/modules/caddytls/tls.go @@ -18,13 +18,9 @@ import ( "crypto/tls" "encoding/json" "fmt" - "io/ioutil" "log" "net/http" - "os" - "path/filepath" "runtime/debug" - "strings" "sync" "time" @@ -191,14 +187,6 @@ func (t *TLS) Provision(ctx caddy.Context) error { } } - // TODO: TEMPORARY UNTIL RELEASE CANDIDATES: - // MIGRATE MANAGED CERTIFICATE ASSETS TO NEW PATH - err = t.moveCertificates() - if err != nil { - t.logger.Error("migrating certificates", zap.Error(err)) - } - // END TODO: TEMPORARY. - return nil } 
@@ -529,121 +517,3 @@ var ( _ caddy.Validator = (*TLS)(nil) _ caddy.CleanerUpper = (*TLS)(nil) ) - -// TODO: This is temporary until the release candidates -// (beta 16 changed the storage path for certificates), -// after which this function can be deleted -func (t *TLS) moveCertificates() error { - logger := t.logger.Named("automigrate") - - baseDir := caddy.AppDataDir() - - // if custom storage path was defined, use that instead - if fs, ok := t.ctx.Storage().(*certmagic.FileStorage); ok && fs.Path != "" { - baseDir = fs.Path - } - - oldAcmeDir := filepath.Join(baseDir, "acme") - oldAcmeCas, err := ioutil.ReadDir(oldAcmeDir) - if err != nil { - if os.IsNotExist(err) { - return nil - } - return fmt.Errorf("listing used ACME CAs: %v", err) - } - - // get list of used CAs - oldCANames := make([]string, 0, len(oldAcmeCas)) - for _, fi := range oldAcmeCas { - if !fi.IsDir() { - continue - } - oldCANames = append(oldCANames, fi.Name()) - } - - for _, oldCA := range oldCANames { - // make new destination path - newCAName := oldCA - if strings.Contains(oldCA, "api.letsencrypt.org") && - !strings.HasSuffix(oldCA, "-directory") { - newCAName += "-directory" - } - newBaseDir := filepath.Join(baseDir, "certificates", newCAName) - err := os.MkdirAll(newBaseDir, 0700) - if err != nil { - return fmt.Errorf("making new certs directory: %v", err) - } - - // list sites in old path - oldAcmeSitesDir := filepath.Join(oldAcmeDir, oldCA, "sites") - oldAcmeSites, err := ioutil.ReadDir(oldAcmeSitesDir) - if err != nil { - if os.IsNotExist(err) { - continue - } - return fmt.Errorf("listing sites: %v", err) - } - - if len(oldAcmeSites) > 0 { - logger.Warn("certificate storage path has changed; attempting one-time auto-migration", - zap.String("old_folder", oldAcmeSitesDir), - zap.String("new_folder", newBaseDir), - zap.String("details", "https://github.com/caddyserver/caddy/issues/2955")) - } - - // for each site, move its folder and re-encode its metadata - for _, siteInfo := range 
oldAcmeSites { - if !siteInfo.IsDir() { - continue - } - - // move the folder - oldPath := filepath.Join(oldAcmeSitesDir, siteInfo.Name()) - newPath := filepath.Join(newBaseDir, siteInfo.Name()) - logger.Info("moving certificate assets", - zap.String("ca", oldCA), - zap.String("site", siteInfo.Name()), - zap.String("destination", newPath)) - err = os.Rename(oldPath, newPath) - if err != nil { - logger.Error("failed moving site to new path; skipping", - zap.String("old_path", oldPath), - zap.String("new_path", newPath), - zap.Error(err)) - continue - } - - // re-encode metadata file - metaFilePath := filepath.Join(newPath, siteInfo.Name()+".json") - metaContents, err := ioutil.ReadFile(metaFilePath) - if err != nil { - logger.Error("could not read metadata file", - zap.String("filename", metaFilePath), - zap.Error(err)) - continue - } - if len(metaContents) == 0 { - continue - } - cr := certmagic.CertificateResource{ - SANs: []string{siteInfo.Name()}, - IssuerData: json.RawMessage(metaContents), - } - newMeta, err := json.MarshalIndent(cr, "", "\t") - if err != nil { - logger.Error("encoding new metadata file", zap.Error(err)) - continue - } - err = ioutil.WriteFile(metaFilePath, newMeta, 0600) - if err != nil { - logger.Error("writing new metadata file", zap.Error(err)) - continue - } - } - - // delete now-empty old sites dir (OK if fails) - os.Remove(oldAcmeSitesDir) - } - - return nil -} |