self-hosted/Mailu
1
0
Fork 0
mirror of https://github.com/Mailu/Mailu.git synced 2025-01-22 03:39:05 +02:00
Code Issues Releases Activity

Maybe fix #3402

Browse Source
This commit is contained in:
Florent Daigniere 2024-09-12 19:21:18 +02:00
parent d671abde51
commit 8b34fbe881
3 changed files with 16 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
core/nginx/conf/nginx.conf
View File

@ -66,6 +66,9 @@ http {
listen [::]:80{% if PROXY_PROTOCOL_80 %} proxy_protocol{% endif %}; listen [::]:80{% if PROXY_PROTOCOL_80 %} proxy_protocol{% endif %};
{% endif %} {% endif %}
{% if TLS_FLAVOR in ['letsencrypt', 'mail-letsencrypt'] %} {% if TLS_FLAVOR in ['letsencrypt', 'mail-letsencrypt'] %}
location ^~ /.well-known/acme-challenge/testing {
return 204;
}
location ^~ /.well-known/acme-challenge/ { location ^~ /.well-known/acme-challenge/ {
proxy_pass http://127.0.0.1:8008; proxy_pass http://127.0.0.1:8008;
} }
@ -159,6 +162,9 @@ http {
} }
{% if TLS_FLAVOR in ['letsencrypt', 'mail-letsencrypt'] %} {% if TLS_FLAVOR in ['letsencrypt', 'mail-letsencrypt'] %}
location ^~ /.well-known/acme-challenge/testing {
return 204;
}
location ^~ /.well-known/acme-challenge/ { location ^~ /.well-known/acme-challenge/ {
proxy_pass http://127.0.0.1:8008; proxy_pass http://127.0.0.1:8008;
} }

33
core/nginx/letsencrypt.py
View File

@ -6,8 +6,6 @@ import requests
import sys import sys
import subprocess import subprocess
import time import time
from threading import Thread
from http.server import HTTPServer, SimpleHTTPRequestHandler
log.basicConfig(stream=sys.stderr, level="WARNING") log.basicConfig(stream=sys.stderr, level="WARNING")
hostnames = ','.join(set(host.strip() for host in os.environ['HOSTNAMES'].split(','))) hostnames = ','.join(set(host.strip() for host in os.environ['HOSTNAMES'].split(',')))
@ -45,33 +43,20 @@ command2 = [
# Wait for nginx to start # Wait for nginx to start
time.sleep(5) time.sleep(5)
class MyRequestHandler(SimpleHTTPRequestHandler):
def do_GET(self):
if self.path == '/.well-known/acme-challenge/testing':
self.send_response(204)
else:
self.send_response(404)
self.send_header('Content-Type', 'text/plain')
self.end_headers()
def serve_one_request():
with HTTPServer(("127.0.0.1", 8008), MyRequestHandler) as server:
server.handle_request()
# Run certbot every day # Run certbot every day
while True: while True:
while True: while True:
hostname = os.environ['HOSTNAMES'].split(',')[0] hostname = os.environ['HOSTNAMES'].split(',')[0]
target = f'http://{hostname}/.well-known/acme-challenge/testing' target = f'http://{hostname}/.well-known/acme-challenge/testing'
thread = Thread(target=serve_one_request) try:
thread.start() r = requests.get(target)
r = requests.get(target) if r.status_code != 204:
if r.status_code != 204: log.critical(f"Can't reach {target}!, please ensure it's fixed or change the TLS_FLAVOR.")
log.critical(f"Can't reach {target}!, please ensure it's fixed or change the TLS_FLAVOR.") time.sleep(5)
time.sleep(5) else:
else: break
break except Exception as e:
thread.join() log.error(f"Exception while fetching {target}!", exc_info = e)
subprocess.call(command) subprocess.call(command)
subprocess.call(command2) subprocess.call(command2)

1
towncrier/newsfragments/3402.bugfix Normal file
View File

@ -0,0 +1 @@
Fix a potential problem with SO_REUSEADDR that may prevent admin from starting up