phpmon/laravel-valet
1
0
Fork 0
mirror of https://github.com/laravel/valet.git synced 2026-02-05 16:40:05 +01:00
Code Activity

added the ability to renew certs and view their expiration dates

Browse Source
This commit is contained in:
Austin Drummond
2023-12-19 23:23:02 -05:00
parent c4fb099eea
commit eec8d5f0fc
2 changed files with 57 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
cli/Valet/Site.php
View File

@@ -2,6 +2,7 @@
namespace Valet; namespace Valet;
use DateTime;
use DomainException; use DomainException;
use Illuminate\Support\Collection; use Illuminate\Support\Collection;
use PhpFpm; use PhpFpm;
@@ -423,15 +424,25 @@ public function replaceOldLoopbackWithNew(string $siteConf, string $old, string
} }
/** /**
* Get all of the URLs that are currently secured. * Get all of the URLs with expiration dates that are currently secured.
*/ */
public function secured(): array public function secured(): array
{ {
return collect($this->files->scandir($this->certificatesPath())) return collect($this->files->scandir($this->certificatesPath()))
->filter(function ($file) { ->filter(function ($file) {
return ends_with($file, ['.key', '.csr', '.crt', '.conf']); return ends_with($file, ['.crt']);
})->map(function ($file) { })->map(function ($file) {
return str_replace(['.key', '.csr', '.crt', '.conf'], '', $file);
$host = str_replace(['.crt'], '', $file);
$filePath = $this->certificatesPath() . '/' . $file;
$expiration = $this->cli->run("openssl x509 -enddate -noout -in $filePath");
return [
'host' => $host,
'exp' => new DateTime(str_replace('notAfter=', '', $expiration)),
];
})->unique()->values()->all(); })->unique()->values()->all();
} }

48
cli/app.php
View File

@@ -278,13 +278,51 @@ function (ConsoleCommandEvent $event) {
/** /**
* Display all of the currently secured sites. * Display all of the currently secured sites.
*/ */
$app->command('secured', function (OutputInterface $output) { $app->command('secured [--expiring] [--days=]', function (OutputInterface $output, $expiring = null, $days = 60) {
$sites = collect(Site::secured())->map(function ($url) { $now = (new Datetime())->add(new DateInterval('P' . $days . 'D'));
return ['Site' => $url]; $sites = collect(Site::secured())
->when($expiring, fn ($collection) => $collection->filter(fn ($row) => $row['exp'] < $now))
->map(function ($row) {
return [
'Site' => $row['host'],
'Valid Until' => $row['exp']->format('Y-m-d H:i:s T'),
];
})
->when($expiring, fn ($collection) => $collection->sortBy('Valid Until'));
return table(['Site', 'Valid Until'], $sites->all());
})->descriptions('Display all of the currently secured sites', [
'--expiring' => 'Limits the results to only sites expiring within the next 60 days.',
'--days' => 'To be used with --expiring. Limits the results to only sites expiring within the next X days. Default is set to 60.',
]);
/**
* Renews expired or expiring (within 60 days) domains with a trusted TLS certificate.
*/
$app->command('renew [--expireIn=] [--days=]', function (OutputInterface $output, $expireIn = 368, $days = 60) {
$now = (new DateTime())->add(new DateInterval('P' . $days . 'D'));
// Update anything expiring in the next 60 days
$sites = collect(Site::secured())
->filter(fn ($row) => $row['exp'] < $now)
->values();
if ($sites->isEmpty()) {
info('No sites need renewing.');
exit;
}
$sites->each(function ($row) use ($expireIn) {
$url = Site::domain($row['host']);
Site::unsecure($url);
Site::secure($url, null, $expireIn);
info('The [' . $url . '] site has been secured with a fresh TLS certificate.');
}); });
table(['Site'], $sites->all()); Nginx::restart();
})->descriptions('Display all of the currently secured sites'); })->descriptions('Renews expired or expiring (within 60 days) domains with a trusted TLS certificate.', [
'--expireIn' => 'The amount of days the self signed certificate is valid for. Default is set to "368"',
'--days' => 'Renews sites expiring within the next X days. Default is set to 60.',
]);
/** /**
* Create an Nginx proxy config for the specified domain. * Create an Nginx proxy config for the specified domain.