Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL Certificate update doesn't reload nginx #2566 #2605

Merged
merged 1 commit into from
Jul 10, 2023
Merged

SSL Certificate update doesn't reload nginx #2566 #2605

merged 1 commit into from
Jul 10, 2023

Conversation

phillxnet
Copy link
Member

Use systemctl wrapper to reload nginx post SSL cert reconfig. From Rockstor v4.5.4-0 onwards nginx is no longer managed by supervisord.

Includes

  • Nginx reload not restart to avoid Web-UI service interruption and enable confirmation dialog display.

Fixes #2566

Testing

https://doc.opensuse.org/documentation/leap/reference/html/book-reference/cha-apache2.html

zypper in --no-recommends apache2-utils apache2
gensslcert -h
buildvm:~ # gensslcert -o "The Rockstor Project" -c PT -email support@rockstor.com
comment         mod_ssl server certificate
C               PT
ST              unknown
L               unknown
U               web server
O               The Rockstor Project
CN              buildvm.lan
email           mail
altName         DNS:buildvm.lan
srvdays         730
CAdays          2190

Then used the contents of the following generated files, by way of a test certificate set, to complete the form presented within the Web-UI under SYSTEM -> SSL Certificate:

SSLCertificateFile (Certificate)

/etc/apache2/ssl.crt/buildvm.lan-server.crt

SSLCertificateKeyFile (Private Key)

/etc/apache2/ssl.key/buildvm.lan-server.key

Resulting confirmation dialog:

Cert-update-success-dialog

After accepting the dialog we are re-presented with adding an exception option given our 'fake' self-signed testing certificate as per the following installation step:
https://rockstor.com/docs/installation/installer-howto.html#visit-rockstor-s-web-ui

And by selecting "Advance" in the above we have a "View Certificate" link which confirms our new Certificate info:

view-cert

@phillxnet
SSL Certificate update doesn't reload nginx rockstor#2566
6284eb7 
Use systemctl wrapper to reload nginx post SSL cert
reconfig. From Rockstor v4.5.4-0 onwards nginx is no
longer managed by supervisord.
# Includes
- Nginx reload not restart to avoid Web-UI service
interruption and enable confirmation dialog display.
@phillxnet phillxnet merged commit 9fdeff3 into rockstor:master Jul 10, 2023
@phillxnet phillxnet deleted the 2566_SSL_Certificate_update_doesn't_restart_nginx branch July 10, 2023 14:34
This was referenced Jul 10, 2023
Closed
Closed
Hooverdan96 added a commit to Hooverdan96/rockstor-core that referenced this pull request Oct 3, 2024
@Hooverdan96
Squashed commit of the following:
6fce533 
commit 4d60a2c
Merge: 7051ade 6e08e10
Author: Philip Guyton <phillxnet@users.noreply.github.com>
Date:   Wed Jul 12 13:06:48 2023 +0100

    Merge pull request rockstor#2617 from phillxnet/2615_Bump_versions_to_a_4.6.1_base_(Stable)_-_master_branch

    Bump versions to a 4.6.1 base (Stable) - master branch rockstor#2615

commit 6e08e10
Author: Philip Guyton <philip@yewtreeapps.com>
Date:   Wed Jul 12 13:04:14 2023 +0100

    Bump versions to a 4.6.1 base (Stable) - master branch rockstor#2615

    pyproject.toml build.sh

commit 7051ade
Merge: 9fdeff3 e3648a8
Author: Philip Guyton <phillxnet@users.noreply.github.com>
Date:   Tue Jul 11 17:18:10 2023 +0100

    Merge pull request rockstor#2614 from phillxnet/2613_Cherry-pick_-_Update_unit_tests_re_recent_SSL_Cert_update_changes

    Update unit tests re recent SSL Cert update changes rockstor#2613

commit e3648a8
Author: Philip Guyton <philip@yewtreeapps.com>
Date:   Tue Jul 11 16:45:55 2023 +0100

    Update unit tests re recent SSL Cert update changes rockstor#2611

    Move test mocking from superctl to systemctl accordingly.
    Includes
    - Commented instructions on running these tests.

commit 9fdeff3
Merge: c11c912 6284eb7
Author: Philip Guyton <phillxnet@users.noreply.github.com>
Date:   Mon Jul 10 15:34:26 2023 +0100

    Merge pull request rockstor#2605 from phillxnet/2566_SSL_Certificate_update_doesn't_restart_nginx

    SSL Certificate update doesn't reload nginx rockstor#2566

commit 6284eb7
Author: Philip Guyton <philip@yewtreeapps.com>
Date:   Mon Jul 10 15:17:34 2023 +0100

    SSL Certificate update doesn't reload nginx rockstor#2566

    Use systemctl wrapper to reload nginx post SSL cert
    reconfig. From Rockstor v4.5.4-0 onwards nginx is no
    longer managed by supervisord.
    # Includes
    - Nginx reload not restart to avoid Web-UI service
    interruption and enable confirmation dialog display.

commit c11c912
Merge: 65df1a6 ae3f342
Author: Philip Guyton <phillxnet@users.noreply.github.com>
Date:   Sun Jul 9 18:28:36 2023 +0100

    Merge pull request rockstor#2601 from phillxnet/#2599_Revise_Stable_Updates_activation_instructions_re_legacy_shop_removal

    Revise Stable Updates activation re legacy shop removal rockstor#2599

commit ae3f342
Author: Philip Guyton <philip@yewtreeapps.com>
Date:   Sun Jul 9 18:08:49 2023 +0100

    Revise Stable Updates activation instructions re legacy shop removal rockstor#2599

    Modify our "Activate Stable updates" dialog instructions
    in accordance with our removal of the now legacy/redundant
    shop that has now been replaced by Appman's initial integration
    with our newly established Open Collective.

commit 65df1a6
Merge: 1d4b9d5 b496902
Author: Philip Guyton <phillxnet@users.noreply.github.com>
Date:   Sun Jul 9 17:46:04 2023 +0100

    Merge pull request rockstor#2597 from FroggyFlox/2596_Release_process_changes_in_accompanying_repositories

    Add GitHub Action to trigger post-release updates across repositories rockstor#2596

commit b496902
Author: FroggyFlox <flox2b@gmail.com>
Date:   Mon Jul 3 11:24:18 2023 -0400

    Add GitHub Action to trigger post-release updates across repositories

    After each release, we are currently manually performing the required
    changes and udpates across our repositories.
    This commit adds a GitHub Action workflow to trigger these changes
    automatically.

commit 1d4b9d5
Merge: 0249f52 46f8cb4
Author: Philip Guyton <phillxnet@users.noreply.github.com>
Date:   Tue May 30 17:05:42 2023 +0100

    Merge pull request rockstor#2563 from phillxnet/master

    Merge testing branch into master rockstor#2529

commit 0249f52
Merge: 81a0d5f 15ae137
Author: Philip Guyton <phillxnet@users.noreply.github.com>
Date:   Wed Nov 2 17:18:34 2022 +0000

    Merge pull request rockstor#2413 from rockstor/2412_configure_Dependabot_against_testing_branch

    configure Dependabot against testing branch rockstor#2412

commit 15ae137
Author: Philip Guyton <phillxnet@users.noreply.github.com>
Date:   Mon Oct 31 15:12:36 2022 +0000

    configure Dependabot against testing branch rockstor#2412

    Begin explicit configuration of GitHub Dependabot,
    adding a target-branch directive of "testing".
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

SSL Certificate update doesn't reload nginx
1 participant
@phillxnet