www/caddy: Remove old custom migration scripts (#4213)
* www/caddy: Remove old custom migration scripts * www/caddy: Remove email validation since it made default migration fail due to an impossible condition at initial config creation
parent
416faefa75
commit
61db9e7146
4 changed files with 15 additions and 181 deletions
|
|
@ -22,6 +22,9 @@ Plugin Changelog
|
|||
* Cleanup: Refactor "general.volt", "reverse_proxy.volt" and "diagnostics.volt" to imported ajaxGet() and ajaxCall()
|
||||
* Cleanup: Adjust style of all views
|
||||
* Cleanup: Restructure "general.xml" to include tabs, add new "Advanced Settings" Tab
|
||||
* Cleanup: Remove old custom migrations
|
||||
* Cleanup: Refactor Caddyfile template, extracting duplicate logic into macros
|
||||
* Fix: Removed email validation from Caddy.php since it made the default migration fail
|
||||
|
||||
1.6.3
|
||||
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ use OPNsense\Core\Config;
|
|||
|
||||
class Caddy extends BaseModel
|
||||
{
|
||||
// 1. Check domain-port combinations
|
||||
// Check domain-port combinations
|
||||
private function checkForUniquePortCombos($items, $messages)
|
||||
{
|
||||
$combos = [];
|
||||
|
|
@ -76,7 +76,7 @@ class Caddy extends BaseModel
|
|||
}
|
||||
}
|
||||
|
||||
// 2. Check that subdomains are under a wildcard or exact domain
|
||||
// Check that subdomains are under a wildcard or exact domain
|
||||
private function checkSubdomainsAgainstDomains($subdomains, $domains, $messages)
|
||||
{
|
||||
$wildcardDomainList = [];
|
||||
|
|
@ -118,7 +118,7 @@ class Caddy extends BaseModel
|
|||
}
|
||||
}
|
||||
|
||||
// 3. Get the current OPNsense WebGUI ports and check for conflicts with Caddy
|
||||
// Get the current OPNsense WebGUI ports and check for conflicts with Caddy
|
||||
private function getWebGuiPorts()
|
||||
{
|
||||
$webgui = Config::getInstance()->object()->system->webgui ?? null;
|
||||
|
|
@ -168,21 +168,7 @@ class Caddy extends BaseModel
|
|||
}
|
||||
}
|
||||
|
||||
// 4. Check for ACME Email being required when Auto HTTPS on
|
||||
private function checkAcmeEmailAutoHttps($messages)
|
||||
{
|
||||
$tlsAutoHttpsSetting = (string)$this->general->TlsAutoHttps;
|
||||
$tlsEmail = (string)$this->general->TlsEmail;
|
||||
|
||||
if (empty($tlsEmail) && $tlsAutoHttpsSetting !== 'off') {
|
||||
$messages->appendMessage(new Message(
|
||||
gettext('To use "Auto HTTPS", an email address is required.'),
|
||||
"general.TlsEmail"
|
||||
));
|
||||
}
|
||||
}
|
||||
|
||||
// 5. Prevent the usage of conflicting options when TLS is deactivated for a Domain
|
||||
// Prevent the usage of conflicting options when TLS is deactivated for a Domain
|
||||
private function checkDisableTlsConflicts($messages)
|
||||
{
|
||||
foreach ($this->reverseproxy->reverse->iterateItems() as $item) {
|
||||
|
|
@ -212,7 +198,7 @@ class Caddy extends BaseModel
|
|||
}
|
||||
|
||||
/**
|
||||
* 6. Check that when Superuser is disabled, all ports are 1024 and above.
|
||||
* Check that when Superuser is disabled, all ports are 1024 and above.
|
||||
* In General settings where this triggers, a validation dialog will show the hidden validation of the domain ports.
|
||||
* The default HTTP and HTTPS ports are not allowed to be empty, since then they are 80 and 443.
|
||||
* Domain ports are allowed to be empty, since then they have the same value as the HTTP and HTTPS default ports.
|
||||
|
|
@ -267,7 +253,7 @@ class Caddy extends BaseModel
|
|||
}
|
||||
|
||||
/**
|
||||
* 6. Check that when certain Layer4 matchers are selected, only "*" is valid as FromDomain.
|
||||
* Check that when certain Layer4 matchers are selected, only "*" is valid as FromDomain.
|
||||
* This happens because they cannot be matched by host header or SNI, so they match all traffic.
|
||||
* The "*" shows the user that all traffic will be matched, and that creating multiple
|
||||
* matchers will not result in more routes for the same traffic type to work.
|
||||
|
|
@ -302,32 +288,29 @@ class Caddy extends BaseModel
|
|||
{
|
||||
$messages = parent::performValidation($validateFullModel);
|
||||
|
||||
// 1. Check domain-port combinations
|
||||
// Check domain-port combinations
|
||||
$this->checkForUniquePortCombos(
|
||||
$this->reverseproxy->reverse->iterateItems(),
|
||||
$messages
|
||||
);
|
||||
|
||||
// 2. Check that subdomains are under a wildcard or exact domain
|
||||
// Check that subdomains are under a wildcard or exact domain
|
||||
$this->checkSubdomainsAgainstDomains(
|
||||
$this->reverseproxy->subdomain->iterateItems(),
|
||||
$this->reverseproxy->reverse->iterateItems(),
|
||||
$messages
|
||||
);
|
||||
|
||||
// 3. Check WebGUI conflicts
|
||||
// Check WebGUI conflicts
|
||||
$this->checkWebGuiSettings($messages);
|
||||
|
||||
// 4. Check for ACME Email requirement
|
||||
$this->checkAcmeEmailAutoHttps($messages);
|
||||
|
||||
// 5. Check for TLS conflicts in Domain
|
||||
// Check for TLS conflicts in Domain
|
||||
$this->checkDisableTlsConflicts($messages);
|
||||
|
||||
// 6. Check DisableSuperuser Port conflicts
|
||||
// Check DisableSuperuser Port conflicts
|
||||
$this->checkSuperuserPorts($messages);
|
||||
|
||||
// 7. Check Layer4 matchers
|
||||
// Check Layer4 matchers
|
||||
$this->checkLayer4Matchers($messages);
|
||||
|
||||
return $messages;
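Review bot: With the `$this->checkAcmeEmailAutoHttps($messages);` call dropped from performValidation in the last hunk of this file, an empty `general.TlsEmail` combined with Auto HTTPS enabled now passes validation, and nothing on the new side records that this is intentional. The Caddyfile template is not part of this commit, so it should be confirmed that it leaves out the email option when the field is empty instead of emitting an empty value. Certificates would then presumably be requested under an ACME account with no contact address, so notices from the CA would reach nobody. A comment where the call used to be would keep the check from being re-added blindly, for example `// TlsEmail is deliberately optional: requiring it made the default migration fail on the initial (empty) config`. performValidation's signature and closing brace lie outside the hunk.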
|
||||
|
|
|
|||
|
|
@ -1,79 +0,0 @@
|
|||
<?php
|
||||
|
||||
/*
|
||||
* Copyright (C) 2024 Cedrik Pischem
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright notice,
|
||||
* this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
||||
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
||||
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
||||
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
|
||||
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
namespace OPNsense\Caddy\Migrations;
|
||||
|
||||
use OPNsense\Base\BaseModelMigration;
|
||||
use OPNsense\Core\Config;
|
||||
|
||||
// @codingStandardsIgnoreStart
|
||||
class M1_1_3 extends BaseModelMigration
|
||||
// @codingStandardsIgnoreEnd
|
||||
{
|
||||
public function run($model)
|
||||
{
|
||||
// Load the current system configuration
|
||||
$config = Config::getInstance()->object();
|
||||
|
||||
// Ensure there are reverse proxy configurations to process
|
||||
if (!empty($config->Pischem->caddy->reverseproxy)) {
|
||||
// Loop through each reverse proxy configuration in the stored configuration config.xml
|
||||
foreach ($config->Pischem->caddy->reverseproxy->children() as $configNode) {
|
||||
// Extract the UUID attribute to identify the configuration item
|
||||
$uuid = (string)$configNode->attributes()->uuid;
|
||||
|
||||
// Check if the current configuration item has a 'Description' to migrate
|
||||
if (!empty($configNode->Description)) {
|
||||
// Store the value of 'Description' for migration
|
||||
$descriptionValue = (string)$configNode->Description;
|
||||
|
||||
// Attempt to locate the corresponding node in the model using the UUID
|
||||
$modelNode = null;
|
||||
|
||||
// Retrieve reverse proxy items from the model for matching UUID
|
||||
$reverseProxies = $model->getNodeByReference('reverseproxy')->iterateItems();
|
||||
foreach ($reverseProxies as $item) {
|
||||
foreach ($item->iterateItems() as $modelUuid => $node) {
|
||||
if ($uuid === $modelUuid) {
|
||||
$modelNode = $node;
|
||||
break 2; // Break from both loops once the node is found
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// If a matching node is found in the model, migrate the 'Description' value to 'description' value
|
||||
if ($modelNode !== null) {
|
||||
$modelNode->description = $descriptionValue;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Model is saved by 'run_migrations.php'
|
||||
}
|
||||
}
|
||||
|
|
@ -1,73 +0,0 @@
|
|||
<?php
|
||||
|
||||
/*
|
||||
* Copyright (C) 2024 Cedrik Pischem
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright notice,
|
||||
* this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
||||
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
||||
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
||||
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
|
||||
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
namespace OPNsense\Caddy\Migrations;
|
||||
|
||||
use OPNsense\Base\BaseModelMigration;
|
||||
use OPNsense\Core\Config;
|
||||
|
||||
// @codingStandardsIgnoreStart
|
||||
class M1_1_8 extends BaseModelMigration
|
||||
// @codingStandardsIgnoreEnd
|
||||
{
|
||||
public function run($model)
|
||||
{
|
||||
// Load the current system configuration
|
||||
$config = Config::getInstance()->object();
|
||||
|
||||
// Read and migrate TlsAutoHttps setting if necessary
|
||||
if (!empty($config->Pischem->caddy->general->TlsAutoHttps)) {
|
||||
$tlsAutoHttpsValue = (string)$config->Pischem->caddy->general->TlsAutoHttps;
|
||||
// Check if the current value is 'on' and needs to be migrated
|
||||
if ($tlsAutoHttpsValue === 'on') {
|
||||
// Locate the corresponding node in the model
|
||||
$modelNode = $model->getNodeByReference('general.TlsAutoHttps');
|
||||
if ($modelNode != null) {
|
||||
// Set to empty value in the model, migration from 'on' to ''
|
||||
$modelNode->setValue('');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Read and migrate TlsDnsProvider setting if necessary
|
||||
if (!empty($config->Pischem->caddy->general->TlsDnsProvider)) {
|
||||
$tlsDnsProviderValue = (string)$config->Pischem->caddy->general->TlsDnsProvider;
|
||||
// Check if the current value is 'none' and needs to be migrated
|
||||
if ($tlsDnsProviderValue === 'none') {
|
||||
// Locate the corresponding node in the model
|
||||
$modelNode = $model->getNodeByReference('general.TlsDnsProvider');
|
||||
if ($modelNode != null) {
|
||||
// Set to empty value in the model, migration from 'none' to ''
|
||||
$modelNode->setValue('');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Model is saved by 'run_migrations.php'
|
||||
}
|
||||
}
|
||||