From 00c45c2507e2aebb0dc5961149835e9073707cf2 Mon Sep 17 00:00:00 2001 From: Damodar Lohani Date: Sun, 31 Mar 2024 03:32:55 +0000 Subject: [PATCH 1/4] new environment for certificates and security emails --- .env | 3 ++- app/config/variables.php | 20 ++++++++++++++++++- app/console | 2 +- app/controllers/api/avatars.php | 2 +- app/init.php | 2 +- app/views/install/compose.phtml | 8 ++++---- docker-compose.yml | 8 ++++---- .../Platform/Workers/Certificates.php | 6 +++--- src/Appwrite/Platform/Workers/Webhooks.php | 2 +- 9 files changed, 36 insertions(+), 17 deletions(-) diff --git a/.env b/.env index 09abb07be26..8d86049694a 100644 --- a/.env +++ b/.env @@ -8,7 +8,8 @@ _APP_CONSOLE_COUNTRIES_DENYLIST=AQ _APP_CONSOLE_HOSTNAMES=localhost,appwrite.io,*.appwrite.io _APP_SYSTEM_EMAIL_NAME=Appwrite _APP_SYSTEM_EMAIL_ADDRESS=team@appwrite.io -_APP_SYSTEM_SECURITY_EMAIL_ADDRESS=security@appwrite.io +_APP_EMAIL_SECURITY=security@appwrite.io +_APP_EMAIL_CERTIFICATES=certificates@appwrite.io _APP_SYSTEM_RESPONSE_FORMAT= _APP_OPTIONS_ABUSE=disabled _APP_OPTIONS_ROUTER_PROTECTION=disabled diff --git a/app/config/variables.php b/app/config/variables.php index 185ab29d0c1..cd6c492f9e4 100644 --- a/app/config/variables.php +++ b/app/config/variables.php @@ -162,13 +162,31 @@ ], [ 'name' => '_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', - 'description' => 'This is the email address used to issue SSL certificates for custom domains or the user agent in your webhooks payload.', + 'description' => 'Deprecated since 1.5.1 use _APP_EMAIL_SECURITY and _APP_EMAIL_CERTIFICATES instead', 'introduction' => '0.7.0', 'default' => 'certs@appwrite.io', 'required' => false, 'question' => '', 'filter' => '' ], + [ + 'name' => '_APP_EMAIL_SECURITY', + 'description' => 'This is the email address used as the user agent in your webhooks payload.', + 'introduction' => '1.5.1', + 'default' => '', + 'required' => false, + 'question' => '', + 'filter' => '' + ], + [ + 'name' => '_APP_EMAIL_CERTIFICATES', + 'description' => 'This is the email address used to issue SSL certificates for custom domains', + 'introduction' => '1.5.1', + 'default' => '', + 'required' => false, + 'question' => '', + 'filter' => '' + ], [ 'name' => '_APP_USAGE_STATS', 'description' => 'This variable allows you to disable the collection and displaying of usage stats. This value is set to \'enabled\' by default, to disable the usage stats set the value to \'disabled\'. When disabled, it\'s recommended to turn off the Worker Usage container to reduce resource usage.', diff --git a/app/console b/app/console index d75ef00fb08..0a007a3b1b6 160000 --- a/app/console +++ b/app/console @@ -1 +1 @@ -Subproject commit d75ef00fb088c909bf8fdc5b12c2fe25ed270b43 +Subproject commit 0a007a3b1b6eafc39dc19b7129f41643102f9676 diff --git a/app/controllers/api/avatars.php b/app/controllers/api/avatars.php index 6304482b14f..771f7cebbcf 100644 --- a/app/controllers/api/avatars.php +++ b/app/controllers/api/avatars.php @@ -349,7 +349,7 @@ CURLOPT_USERAGENT => \sprintf( APP_USERAGENT, App::getEnv('_APP_VERSION', 'UNKNOWN'), - App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', APP_EMAIL_SECURITY) + App::getEnv('_APP_EMAIL_SECURITY', APP_EMAIL_SECURITY) ), ]); diff --git a/app/init.php b/app/init.php index 4b70b2601b0..20d427f66cf 100644 --- a/app/init.php +++ b/app/init.php @@ -1004,7 +1004,7 @@ function (mixed $value) { 'user_agent' => \sprintf( APP_USERAGENT, App::getEnv('_APP_VERSION', 'UNKNOWN'), - App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', APP_EMAIL_SECURITY) + App::getEnv('_APP_EMAIL_SECURITY', APP_EMAIL_SECURITY) ), 'timeout' => 2, ], diff --git a/app/views/install/compose.phtml b/app/views/install/compose.phtml index 354ef4ea496..1f5ee606e78 100644 --- a/app/views/install/compose.phtml +++ b/app/views/install/compose.phtml @@ -81,7 +81,7 @@ services: - _APP_CONSOLE_HOSTNAMES - _APP_SYSTEM_EMAIL_NAME - _APP_SYSTEM_EMAIL_ADDRESS - - _APP_SYSTEM_SECURITY_EMAIL_ADDRESS + - _APP_EMAIL_SECURITY - _APP_SYSTEM_RESPONSE_FORMAT - _APP_OPTIONS_ABUSE - _APP_OPTIONS_ROUTER_PROTECTION @@ -251,7 +251,7 @@ services: - _APP_ENV - _APP_WORKER_PER_CORE - _APP_OPENSSL_KEY_V1 - - _APP_SYSTEM_SECURITY_EMAIL_ADDRESS + - _APP_EMAIL_SECURITY - _APP_REDIS_HOST - _APP_REDIS_PORT - _APP_REDIS_USER @@ -427,7 +427,7 @@ services: - _APP_DOMAIN - _APP_DOMAIN_TARGET - _APP_DOMAIN_FUNCTIONS - - _APP_SYSTEM_SECURITY_EMAIL_ADDRESS + - _APP_EMAIL_CERTIFICATES - _APP_REDIS_HOST - _APP_REDIS_PORT - _APP_REDIS_USER @@ -549,7 +549,7 @@ services: - _APP_OPENSSL_KEY_V1 - _APP_DOMAIN - _APP_DOMAIN_TARGET - - _APP_SYSTEM_SECURITY_EMAIL_ADDRESS + - _APP_EMAIL_SECURITY - _APP_REDIS_HOST - _APP_REDIS_PORT - _APP_REDIS_USER diff --git a/docker-compose.yml b/docker-compose.yml index 58dff569017..097de3c9b7f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -102,7 +102,7 @@ services: - _APP_CONSOLE_HOSTNAMES - _APP_SYSTEM_EMAIL_NAME - _APP_SYSTEM_EMAIL_ADDRESS - - _APP_SYSTEM_SECURITY_EMAIL_ADDRESS + - _APP_EMAIL_SECURITY - _APP_SYSTEM_RESPONSE_FORMAT - _APP_OPTIONS_ABUSE - _APP_OPTIONS_ROUTER_PROTECTION @@ -285,7 +285,7 @@ services: - _APP_ENV - _APP_WORKER_PER_CORE - _APP_OPENSSL_KEY_V1 - - _APP_SYSTEM_SECURITY_EMAIL_ADDRESS + - _APP_EMAIL_SECURITY - _APP_DB_HOST - _APP_DB_PORT - _APP_DB_SCHEMA @@ -474,7 +474,7 @@ services: - _APP_DOMAIN - _APP_DOMAIN_TARGET - _APP_DOMAIN_FUNCTIONS - - _APP_SYSTEM_SECURITY_EMAIL_ADDRESS + - _APP_EMAIL_CERTIFICATES - _APP_REDIS_HOST - _APP_REDIS_PORT - _APP_REDIS_USER @@ -612,7 +612,7 @@ services: - _APP_OPENSSL_KEY_V1 - _APP_DOMAIN - _APP_DOMAIN_TARGET - - _APP_SYSTEM_SECURITY_EMAIL_ADDRESS + - _APP_EMAIL_SECURITY - _APP_REDIS_HOST - _APP_REDIS_PORT - _APP_REDIS_USER diff --git a/src/Appwrite/Platform/Workers/Certificates.php b/src/Appwrite/Platform/Workers/Certificates.php index 7cc32ca1c9a..2c1707b1c80 100644 --- a/src/Appwrite/Platform/Workers/Certificates.php +++ b/src/Appwrite/Platform/Workers/Certificates.php @@ -134,9 +134,9 @@ private function execute(Domain $domain, Database $dbForConsole, Mail $queueForM try { // Email for alerts is required by LetsEncrypt - $email = App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS'); + $email = App::getEnv('_APP_EMAIL_CERTIFICATES'); if (empty($email)) { - throw new Exception('You must set a valid security email address (_APP_SYSTEM_SECURITY_EMAIL_ADDRESS) to issue an SSL certificate.'); + throw new Exception('You must set a valid security email address (_APP_EMAIL_CERTIFICATES) to issue an SSL certificate.'); } // Validate domain and DNS records. Skip if job is forced @@ -473,7 +473,7 @@ private function notifyError(string $domain, string $errorMessage, int $attempt, ->setBody($body) ->setName('Appwrite Administrator') ->setVariables($emailVariables) - ->setRecipient(App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS')) + ->setRecipient(App::getEnv('_APP_EMAIL_CERTIFICATES')) ->trigger(); } diff --git a/src/Appwrite/Platform/Workers/Webhooks.php b/src/Appwrite/Platform/Workers/Webhooks.php index da5a82999f6..857f552eda7 100644 --- a/src/Appwrite/Platform/Workers/Webhooks.php +++ b/src/Appwrite/Platform/Workers/Webhooks.php @@ -104,7 +104,7 @@ private function execute(array $events, string $payload, Document $webhook, Docu \curl_setopt($ch, CURLOPT_USERAGENT, \sprintf( APP_USERAGENT, App::getEnv('_APP_VERSION', 'UNKNOWN'), - App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', APP_EMAIL_SECURITY) + App::getEnv('_APP_EMAIL_SECURITY', APP_EMAIL_SECURITY) )); \curl_setopt( $ch, From b61e0f08f67fddec1b438984ad0409fa02b006ff Mon Sep 17 00:00:00 2001 From: Damodar Lohani Date: Mon, 6 May 2024 00:58:23 +0000 Subject: [PATCH 2/4] make required --- app/config/variables.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/config/variables.php b/app/config/variables.php index cd6c492f9e4..f18dac5d730 100644 --- a/app/config/variables.php +++ b/app/config/variables.php @@ -183,7 +183,7 @@ 'description' => 'This is the email address used to issue SSL certificates for custom domains', 'introduction' => '1.5.1', 'default' => '', - 'required' => false, + 'required' => true, 'question' => '', 'filter' => '' ], From be1c147658f49b7e39de9abb851a1ecc6078812b Mon Sep 17 00:00:00 2001 From: Damodar Lohani Date: Mon, 6 May 2024 01:00:20 +0000 Subject: [PATCH 3/4] update console --- app/console | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/console b/app/console index 0a007a3b1b6..f483d9631d6 160000 --- a/app/console +++ b/app/console @@ -1 +1 @@ -Subproject commit 0a007a3b1b6eafc39dc19b7129f41643102f9676 +Subproject commit f483d9631d6f21e94aedb20b5c37c56fea06c23e From f762d66c5e87c233beeb490d7f2fab96aca3e663 Mon Sep 17 00:00:00 2001 From: Damodar Lohani Date: Tue, 4 Jun 2024 01:31:05 +0000 Subject: [PATCH 4/4] fix typo --- src/Appwrite/Platform/Workers/Webhooks.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Appwrite/Platform/Workers/Webhooks.php b/src/Appwrite/Platform/Workers/Webhooks.php index a83183ec3e6..88ca7871f29 100644 --- a/src/Appwrite/Platform/Workers/Webhooks.php +++ b/src/Appwrite/Platform/Workers/Webhooks.php @@ -103,7 +103,7 @@ private function execute(array $events, string $payload, Document $webhook, Docu \curl_setopt($ch, CURLOPT_MAXFILESIZE, self::MAX_FILE_SIZE); \curl_setopt($ch, CURLOPT_USERAGENT, \sprintf( APP_USERAGENT, - App::getEnv('_APP_VERSION', 'UNKNOWN'), + System::getEnv('_APP_VERSION', 'UNKNOWN'), System::getEnv('_APP_EMAIL_SECURITY', System::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', APP_EMAIL_SECURITY)) )); \curl_setopt(