
Commit 19100f1

fix(site): improve SSL error handling and warnings
1 parent 275e435 commit 19100f1


1 file changed

+25
-18
lines changed


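--- a/src/helper/class-ee-site.php
+++ b/src/helper/class-ee-site.php
@@ -1543,6 +1543,7 @@ protected function init_le( $site_url, $site_fs_path, $wildcard = false, $www_or
 \EE::get_runner()->ensure_present_in_config( 'le-mail', $this->le_mail );
 if ( ! $client->register( $this->le_mail ) ) {
 $this->site_data['site_ssl'] = null;
+\EE::warning( 'SSL registration failed.' );
 
 return;
 }
@@ -1553,6 +1554,9 @@ protected function init_le( $site_url, $site_fs_path, $wildcard = false, $www_or
 $client->revokeAuthorizationChallenges( $domains );
 
 if ( ! $client->authorize( $domains, $wildcard, $preferred_challenge ) ) {
+$this->site_data['site_ssl'] = null;
+\EE::warning( 'SSL authorization failed. Site will be created without SSL. You can fix the issue and re-run: ee site ssl-verify ' . $site_url );
+
 return;
 }
 $api_key_absent = empty( get_config_value( 'cloudflare-api-key' ) );
@@ -1563,7 +1567,12 @@ protected function init_le( $site_url, $site_fs_path, $wildcard = false, $www_or
 EE::log( 'Waiting for DNS entry propagation.' );
 sleep( 10 );
 }
-$this->ssl_verify( [], [ 'force' => $force ], $www_or_non_www );
+if ( ! $this->ssl_verify( [], [ 'force' => $force ], $www_or_non_www ) ) {
+$this->site_data['site_ssl'] = null;
+\EE::warning( 'SSL verification failed. You can fix the issue and re-run: ee site ssl-verify ' . $site_url );
+
+return;
+}
 }
 }
 
@@ -1603,6 +1612,7 @@ private function get_cert_domains( string $site_url, $wildcard, $www_or_non_www
 * @param string Absolute path of site.
 * @param string $site_container_path
 *
+*
 * @return bool
 */
 protected function check_www_or_non_www_domain( $site_url, $site_path, $site_container_path ): bool {
@@ -1679,29 +1689,24 @@ public function ssl_verify( $args = [], $assoc_args = [], $www_or_non_www = fals
 
 $preferred_challenge = get_preferred_ssl_challenge( $domains );
 
-try {
-$client->check( $domains, $this->site_data['site_ssl_wildcard'], $preferred_challenge );
-} catch ( \Exception $e ) {
-if ( $called_by_ee && $api_key_absent ) {
-throw $e;
-}
+if ( ! $client->check( $domains, $this->site_data['site_ssl_wildcard'], $preferred_challenge ) ) {
 $is_solver_dns = ( $this->site_data['site_ssl_wildcard'] || 'dns' === $preferred_challenge ) ? true : false;
 $api_key_present = ! empty( get_config_value( 'cloudflare-api-key' ) );
 
-if ( $called_by_ee && ! $is_solver_dns && $api_key_present ) {
-throw $e;
-}
-
-$warning = ( $is_solver_dns && $api_key_present ) ? "The dns entries have not yet propogated. Manually check: \nhost -t TXT _acme-challenge." . $this->site_data['site_url'] . "\nBefore retrying `ee site ssl " . $this->site_data['site_url'] . "`" : 'Failed to verify SSL: ' . $e->getMessage();
+$warning = ( $is_solver_dns && $api_key_present )
+? "The dns entries have not yet propogated. Manually check: \nhost -t TXT _acme-challenge." . $this->site_data['site_url'] . "\nBefore retrying `ee site ssl " . $this->site_data['site_url'] . "`"
+: 'Failed to verify SSL.';
 
 EE::warning( $warning );
 EE::warning( sprintf( 'Check logs and retry `ee site ssl-verify %s` once the issue is resolved.', $this->site_data['site_url'] ) );
 
-return;
+return false;
 }
 
 $san = array_values( array_diff( $domains, [ $this->site_data['site_url'] ] ) );
-$client->request( $this->site_data['site_url'], $san, $this->le_mail, $force );
+if ( ! $client->request( $this->site_data['site_url'], $san, $this->le_mail, $force ) ) {
+return false;
+}
 
 if ( ! $this->site_data['site_ssl_wildcard'] ) {
 $client->cleanup();
@@ -1710,6 +1715,8 @@ public function ssl_verify( $args = [], $assoc_args = [], $www_or_non_www = fals
 reload_global_nginx_proxy();
 
 EE::success( 'SSL verification completed.' );
+
+return true;
 }
 
 /**
@@ -2284,7 +2291,7 @@ public function sync( $args, $assoc_args ) {
 *
 * [--list]
 * : List all available backups on remote.
-*
+*
 * ## EXAMPLES
 *
 * # Backup a site
@@ -2296,7 +2303,7 @@ public function sync( $args, $assoc_args ) {
 public function backup( $args, $assoc_args ) {
 $args = auto_site_name( $args, 'site', __FUNCTION__ );
 $this->site_data = get_site_info( $args, true, true, true );
-$backup_restore = new Site_Backup_Restore();
+$backup_restore = new Site_Backup_Restore();
 $backup_restore->backup( $args, $assoc_args );
 }
 
@@ -2315,15 +2322,15 @@ public function backup( $args, $assoc_args ) {
 *
 * # Restore latest backup of site.
 * $ ee site restore example.com
-*
+*
 * # Restore specific backup of site.
 * $ ee site restore example.com --id=1737560626_2025-01-22-15-43-46
 *
 */
 public function restore( $args, $assoc_args ) {
 $args = auto_site_name( $args, 'site', __FUNCTION__ );
 $this->site_data = get_site_info( $args, true, true, true );
-$backup_restore = new Site_Backup_Restore();
+$backup_restore = new Site_Backup_Restore();
 $backup_restore->restore( $args, $assoc_args );
 }
 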
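Review bot: In `ssl_verify`, the new `if ( ! $client->request( ... ) ) { return false; }` branch returns without any message of its own and before the `$client->cleanup()` call that follows, so a failed certificate request on a non-wildcard site appears to skip cleanup, and a direct `ee site ssl-verify` run prints nothing for this branch in the lines shown. Consider adding `EE::warning( 'SSL certificate request failed.' );` and the same conditional cleanup ahead of `return false;`. With the `try`/`catch` removed, an exception from `$client->check()` (its body is not visible here) would now escape `ssl_verify` and `init_le` instead of reaching the new warning paths, so confirm it reports failure by returning `false`. All three `init_le` failure paths now set `site_ssl` to `null` and return, so a site requested with SSL is served without it after only a warning; it would be worth exiting non-zero or documenting this downgrade so automation does not treat the run as a success. `ssl_verify` now returns a bool, and its docblock, which lies outside the hunk, should gain `@return bool`.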
