Commit graph

6 commits

Author SHA1 Message Date
GitLab Bot
c59765a50a Add latest changes from gitlab-org/gitlab@master 2020-06-24 18:09:03 +00:00
GitLab Bot
784fae4b9d Add latest changes from gitlab-org/gitlab@master 2019-12-12 12:07:33 +00:00
Vladimir Shushlin
432f2bbc9c Use project depended feature flag for pages ssl
Also add ::Gitlab::LetsEncrypt.enabled? shortcut
and simplify it a lot
2019-06-25 10:30:12 +02:00
Vladimir Shushlin
39e21fb266 Generate lets_encrypt_private_key on the fly
Remove migration generating lets encrypt key
Don't generate private_key if database is readonly

For reference:
This reverts commit 988a7f70489b99383b95e9f271a2caf6bb5b3a44.
This reverts commit 21acbe531592d55caf0e5b8716a3b551dafd6233.
2019-05-31 05:22:55 +00:00
Vladimir Shushlin
4687ff7c9b Store Let's Encrypt private key in settings
Storing this key in secrets.yml was a bad idea,
it would require users using HA setups to manually
replicate secrets across nodes during update,
it also needed support from omnibus package

* Revert "Generate Let's Encrypt private key"
  This reverts commit 444959bfa0.

* Add Let's Encrypt private key to settings
  as encrypted attribute

* Generate Let's Encrypt private key
  in database migration
2019-05-28 04:47:34 +00:00
Vladimir Shushlin
3c33724e2e Add Let's Encrypt client
Part of adding Let's Encrypt certificates for pages domains

Add acme-client gem

Client is being initialized by private key stored in secrets.yml
Let's Encrypt account is being created lazily.
If it's already created, Acme::Client just gets account_kid by
calling new_account method

Make Let's Encrypt client an instance
Wrap order and challenge classes
2019-05-16 09:32:25 +00:00