Class: PagesDomain
Constant Summary
collapse
- VERIFICATION_KEY =
'gitlab-pages-verification-code'
- VERIFICATION_THRESHOLD =
3.days.freeze
- SSL_RENEWAL_THRESHOLD =
30.days.freeze
- MAX_CERTIFICATE_KEY_LENGTH =
8192
- X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN =
19
ApplicationRecord::MAX_PLUCK
HasCheckConstraints::NOT_NULL_CHECK_PATTERN
ResetOnColumnErrors::MAX_RESET_PERIOD
Class Method Summary
collapse
Instance Method Summary
collapse
#run_after_commit, #run_after_commit_or_now
#present
===, cached_column_list, #create_or_load_association, declarative_enum, default_select_columns, id_in, id_not_in, iid_in, nullable_column?, pluck_primary_key, primary_key_in, #readable_by?, safe_ensure_unique, safe_find_or_create_by, safe_find_or_create_by!, #to_ability_name, underscore, where_exists, where_not_exists, with_fast_read_statement_timeout, without_order
#reset_on_union_error, #reset_on_unknown_attribute_error
#serializable_hash
Class Method Details
.find_by_domain_case_insensitive(domain) ⇒ Object
83
84
85
|
# File 'app/models/pages_domain.rb', line 83
def self.find_by_domain_case_insensitive(domain)
find_by("LOWER(domain) = LOWER(?)", domain)
end
|
.ids_for_project(project_id) ⇒ Object
87
88
89
|
# File 'app/models/pages_domain.rb', line 87
def self.ids_for_project(project_id)
where(project_id: project_id).ids
end
|
Instance Method Details
#certificate=(certificate) ⇒ Object
194
195
196
197
198
199
200
|
# File 'app/models/pages_domain.rb', line 194
def certificate=(certificate)
super(certificate)
self.certificate_valid_not_before = x509&.not_before
self.certificate_valid_not_after = x509&.not_after
end
|
#certificate_text ⇒ Object
172
173
174
|
# File 'app/models/pages_domain.rb', line 172
def certificate_text
@certificate_text ||= x509.try(:to_text)
end
|
#clear_auto_ssl_failure ⇒ Object
230
231
232
|
# File 'app/models/pages_domain.rb', line 230
def clear_auto_ssl_failure
self.auto_ssl_failed = false
end
|
#enabled? ⇒ Boolean
99
100
101
|
# File 'app/models/pages_domain.rb', line 99
def enabled?
!Gitlab::CurrentSettings.pages_domain_verification_enabled? || enabled_until.present?
end
|
#expiration ⇒ Object
162
163
164
|
# File 'app/models/pages_domain.rb', line 162
def expiration
x509&.not_after
end
|
#expired? ⇒ Boolean
155
156
157
158
159
160
|
# File 'app/models/pages_domain.rb', line 155
def expired?
return false unless x509
current = Time.current
current < x509.not_before || x509.not_after < current
end
|
#gitlab_provided_certificate=(certificate) ⇒ Object
220
221
222
223
|
# File 'app/models/pages_domain.rb', line 220
def gitlab_provided_certificate=(certificate)
self.certificate = certificate
self.certificate_source = 'gitlab_provided' if certificate_changed?
end
|
#gitlab_provided_key=(key) ⇒ Object
225
226
227
228
|
# File 'app/models/pages_domain.rb', line 225
def gitlab_provided_key=(key)
self.key = key
self.certificate_source = 'gitlab_provided' if attribute_changed?(:key)
end
|
#has_matching_key? ⇒ Boolean
121
122
123
124
125
126
127
|
# File 'app/models/pages_domain.rb', line 121
def has_matching_key?
return false unless x509
return false unless pkey
x509.check_private_key(pkey)
end
|
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
# File 'app/models/pages_domain.rb', line 129
def has_valid_intermediates?
return false unless x509
return true if x509.verify(x509.public_key)
store = OpenSSL::X509::Store.new
store.set_default_paths
store.verify_callback = ->(is_valid, store_ctx) {
return true if store_ctx.error == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN
self.errors.add(:certificate, store_ctx.error_string) unless is_valid
is_valid
}
store.verify(x509, untrusted_ca_certs_bundle)
rescue OpenSSL::X509::StoreError
false
end
|
#https? ⇒ Boolean
103
104
105
|
# File 'app/models/pages_domain.rb', line 103
def https?
certificate.present?
end
|
#keyed_verification_code ⇒ Object
184
185
186
187
188
|
# File 'app/models/pages_domain.rb', line 184
def keyed_verification_code
return unless verification_code.present?
"#{VERIFICATION_KEY}=#{verification_code}"
end
|
#pages_deployed? ⇒ Boolean
244
245
246
|
# File 'app/models/pages_domain.rb', line 244
def pages_deployed?
project&.pages_deployed?
end
|
#subject ⇒ Object
166
167
168
169
170
|
# File 'app/models/pages_domain.rb', line 166
def subject
return unless x509
x509.subject.to_s
end
|
#to_param ⇒ Object
107
108
109
|
# File 'app/models/pages_domain.rb', line 107
def to_param
domain
end
|
#untrusted_ca_certs_bundle ⇒ Object
#unverified? ⇒ Boolean
95
96
97
|
# File 'app/models/pages_domain.rb', line 95
def unverified?
!verified?
end
|
#url ⇒ Object
111
112
113
114
115
116
117
118
119
|
# File 'app/models/pages_domain.rb', line 111
def url
return unless domain
if certificate.present?
"https://#{domain}"
else
"http://#{domain}"
end
end
|
#user_provided_certificate ⇒ Object
211
212
213
|
# File 'app/models/pages_domain.rb', line 211
def user_provided_certificate
certificate if certificate_user_provided?
end
|
#user_provided_certificate=(certificate) ⇒ Object
215
216
217
218
|
# File 'app/models/pages_domain.rb', line 215
def user_provided_certificate=(certificate)
self.certificate = certificate
self.certificate_source = 'user_provided' if certificate_changed?
end
|
#user_provided_key ⇒ Object
202
203
204
|
# File 'app/models/pages_domain.rb', line 202
def user_provided_key
key if certificate_user_provided?
end
|
#user_provided_key=(key) ⇒ Object
206
207
208
209
|
# File 'app/models/pages_domain.rb', line 206
def user_provided_key=(key)
self.key = key
self.certificate_source = 'user_provided' if attribute_changed?(:key)
end
|
#validate_custom_domain_count_per_project ⇒ Object
234
235
236
237
238
239
240
241
242
|
# File 'app/models/pages_domain.rb', line 234
def validate_custom_domain_count_per_project
return unless project
unless project.can_create_custom_domains?
self.errors.add(
:base,
_("This project reached the limit of custom domains. (Max %d)") % Gitlab::CurrentSettings.max_pages_custom_domains_per_project)
end
end
|
#verification_domain ⇒ Object
Verification codes may be TXT records for domain or verification_domain, to support the use of CNAME records on domain.
178
179
180
181
182
|
# File 'app/models/pages_domain.rb', line 178
def verification_domain
return unless domain.present?
"_#{VERIFICATION_KEY}.#{domain}"
end
|
#verification_record ⇒ Object
190
191
192
|
# File 'app/models/pages_domain.rb', line 190
def verification_record
"#{verification_domain} TXT #{keyed_verification_code}"
end
|
#verified? ⇒ Boolean
91
92
93
|
# File 'app/models/pages_domain.rb', line 91
def verified?
!!verified_at
end
|