Skip to content

Commit 64892c3

Browse files
author
Kristan Kenney
committed
Update backend scripts for proper HSTS support
1 parent 60ff07f commit 64892c3

File tree

3 files changed

+17
-4
lines changed

3 files changed

+17
-4
lines changed

bin/v-add-web-domain-ssl-hsts

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -58,6 +58,13 @@ echo "HTTP Strict Transport Security (HSTS) turned on for $domain."
5858
# Hestia #
5959
#----------------------------------------------------------#
6060

61+
if [ -z "$SSL_HSTS" ]; then
62+
add_object_key "web" 'DOMAIN' "$domain" 'SSL_HSTS' 'SSL_FORCE'
63+
fi
64+
65+
# Set forcessl flag to enabled
66+
update_object_value 'web' 'DOMAIN' "$domain" '$SSL_HSTS' 'yes'
67+
6168
# Logging
6269
log_history "Turned HTTP Strict Transport Security $status for $domain."
6370
log_event "$OK" "$ARGUMENTS"

bin/v-delete-web-domain-ssl-hsts

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,11 +47,13 @@ fi
4747
rm -f $hstsconf
4848
echo "HTTP Strict Transport Security (HSTS) turned off for $domain."
4949

50-
5150
#----------------------------------------------------------#
5251
# Hestia #
5352
#----------------------------------------------------------#
5453

54+
# Set forcessl flag to enabled
55+
update_object_value 'web' 'DOMAIN' "$domain" '$SSL_HSTS' 'no'
56+
5557
# Restart services if requested
5658
if [ ! -z "$restart" ]; then
5759
$BIN/v-restart-web

bin/v-list-web-domain

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@ json_list() {
3131
"STATS_USER": "'$STATS_USER'",
3232
"SSL": "'$SSL'",
3333
"SSL_FORCE": "'$SSL_FORCE'",
34+
"SSL_HSTS": "'$SSL_HSTS'",
3435
"SSL_HOME": "'$SSL_HOME'",
3536
"LETSENCRYPT": "'$LETSENCRYPT'",
3637
"FTP_USER": "'$FTP_USER'",
@@ -64,6 +65,9 @@ shell_list() {
6465
if [ ! -z "$SSL_FORCE" ]; then
6566
echo "SSL_FORCE: $SSL_FORCE"
6667
fi
68+
if [ ! -z "$SSL_HSTS" ]; then
69+
echo "SSL_HSTS: $SSL_HSTS"
70+
fi
6771
fi
6872
echo "TEMPLATE: $TPL"
6973
if [ ! -z "$WEB_BACKEND" ]; then
@@ -92,18 +96,18 @@ shell_list() {
9296
# PLAIN list function
9397
plain_list() {
9498
echo -ne "$DOMAIN\t$IP\t$IP6\t$U_DISK\t$U_BANDWIDTH\t$TPL\t"
95-
echo -ne "$ALIAS\t$STATS\t$STATS_USER\t$SSL\t$SSL_FORCE\t$SSL_HOME\t,$LETSENCRYPT"
99+
echo -ne "$ALIAS\t$STATS\t$STATS_USER\t$SSL\t$SSL_FORCE\t$SSL_HSTS\t$SSL_HOME\t,$LETSENCRYPT"
96100
echo -ne "$FTP_USER\t$FTP_PATH\t$AUTH_USER\t$BACKEND\t$PROXY\t"
97101
echo -e "$PROXY_EXT\t$SUSPENDED\t$TIME\t$DATE"
98102
}
99103

100104
# CSV list function
101105
csv_list() {
102106
echo -n "DOMAIN,IP,IP6,U_DISK,U_BANDWIDTH,TPL,ALIAS,STATS,STATS_USER,SSL,"
103-
echo -n "SSL_FORCE,SSL_HOME,LETSENCRYPT,FTP_USER,FTP_PATH,AUTH_USER,BACKEND,PROXY,PROXY_EXT,"
107+
echo -n "SSL_FORCE,SSL_HSTS,SSL_HOME,LETSENCRYPT,FTP_USER,FTP_PATH,AUTH_USER,BACKEND,PROXY,PROXY_EXT,"
104108
echo "SUSPENDED,TIME,DATE"
105109
echo -n "$DOMAIN,$IP,$IP6,$U_DISK,$U_BANDWIDTH,$TPL,\"$ALIAS\",$STATS"
106-
echo -n "\"$STATS_USER\",$SSL,$SSL_FORCE,$SSL_HOME,$LETSENCRYPT,\"$FTP_USER\",\"$FTP_PATH\","
110+
echo -n "\"$STATS_USER\",$SSL,$SSL_FORCE,$SSL_HSTS,$SSL_HOME,$LETSENCRYPT,\"$FTP_USER\",\"$FTP_PATH\","
107111
echo -n "\"$AUTH_USER\",$BACKEND,$PROXY,\"$PROXY_EXT\",$SUSPENDED,$TIME,"
108112
echo "$DATE"
109113
}

0 commit comments

Comments
 (0)