diff options
| author | Vladimir Shushlin <vshushlin@gitlab.com> | 2019-06-24 20:35:12 +0000 |
|---|---|---|
| committer | Nick Thomas <nick@gitlab.com> | 2019-06-24 20:35:12 +0000 |
| commit | a7764d0e845db524f2913b6c11c88dfd121ec522 (patch) | |
| tree | 8e84742f692e05e56102b7cfd7d20462ba1c8305 /app/models/pages_domain.rb | |
| parent | bf8f5b8f446c504ca13ef2a8cf28cc3faeaf3253 (diff) | |
| download | gitlab-ce-a7764d0e845db524f2913b6c11c88dfd121ec522.tar.gz | |
Renew Let's Encrypt certificates
Add index for pages domain ssl auto renewal
Add PagesDomain.needs_ssl_renewal scope
Add cron worker for ssl renewal
Add worker for ssl renewal
Add pages ssl renewal worker queues settings
Diffstat (limited to 'app/models/pages_domain.rb')
| -rw-r--r-- | app/models/pages_domain.rb | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/app/models/pages_domain.rb b/app/models/pages_domain.rb index 07195c0bfd3..d6d879c6d89 100644 --- a/app/models/pages_domain.rb +++ b/app/models/pages_domain.rb @@ -3,6 +3,7 @@ class PagesDomain < ApplicationRecord VERIFICATION_KEY = 'gitlab-pages-verification-code'.freeze VERIFICATION_THRESHOLD = 3.days.freeze + SSL_RENEWAL_THRESHOLD = 30.days.freeze enum certificate_source: { user_provided: 0, gitlab_provided: 1 }, _prefix: :certificate @@ -41,6 +42,15 @@ class PagesDomain < ApplicationRecord where(verified_at.eq(nil).or(enabled_until.eq(nil).or(enabled_until.lt(threshold)))) end + scope :need_auto_ssl_renewal, -> do + expiring = where(certificate_valid_not_after: nil).or( + where(arel_table[:certificate_valid_not_after].lt(SSL_RENEWAL_THRESHOLD.from_now))) + + user_provided_or_expiring = certificate_user_provided.or(expiring) + + where(auto_ssl_enabled: true).merge(user_provided_or_expiring) + end + scope :for_removal, -> { where("remove_at < ?", Time.now) } def verified? |