serve.zone/cloudly
2
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity

fix(connector.letsencrypt): Improve Lets Encrypt integration and certificate handling; fix coreflow certificate response; add local assistant permissions config

Browse Source
This commit is contained in:
Jürgen Kunz
2025-08-18 21:24:46 +00:00
parent 1580bb1585
commit 4b3b91312b
5 changed files with 34 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
changelog.md
View File

@@ -1,5 +1,24 @@
# Changelog # Changelog
## 2025-08-18 - 5.0.6 - fix(connector.letsencrypt)
Improve Let's Encrypt integration and certificate handling; fix coreflow certificate response; add local assistant permissions config
- Replace ad-hoc setChallenge/removeChallenge hooks with a DNS-01 handler (smartacme.handlers.Dns01Handler) using Cloudflare to manage ACME DNS challenges.
- Add MongoDB-backed certificate manager (smartacme.certmanagers.MongoCertManager) and pass it to SmartAcme as certManager.
- Initialize SmartAcme with certManager and challengeHandlers instead of setChallenge/removeChallenge/mongoDescriptor options.
- Return certificate object directly from coreflow certificate request handler (avoid createSavableObject) to fix the getCertificateForDomain response payload.
- Add .claude/settings.local.json with local assistant/permissions entries to allow specific debugging/automation commands.
- Bump commitinfo versions to 5.0.6 and update changelog.
## 2025-08-18 - 5.0.6 - fix(connector.letsencrypt)
Improve Let's Encrypt integration and certificate handling; add local assistant permissions config
- Replace ad-hoc setChallenge/removeChallenge hooks with a DNS-01 handler using Cloudflare (smartacme.handlers.Dns01Handler) to manage ACME DNS challenges.
- Add MongoDB-backed certificate manager (smartacme.certmanagers.MongoCertManager) and pass it to SmartAcme as certManager.
- Update SmartAcme initialization to use certManager and challengeHandlers instead of setChallenge/removeChallenge/mongoDescriptor options.
- Return certificate object directly from coreflow certificate request handler (avoid createSavableObject), fixing the response payload for getCertificateForDomain.
- Add .claude/settings.local.json with local assistant/permissions entries to allow specific debugging/automation commands.
## 2025-08-18 - 5.0.5 - fix(coreflow) ## 2025-08-18 - 5.0.5 - fix(coreflow)
Fix Coreflow identity lookup and response shape; improve API client tests and bump dependencies Fix Coreflow identity lookup and response shape; improve API client tests and bump dependencies

2
ts/00_commitinfo_data.ts
View File

@@ -3,6 +3,6 @@
*/ */
export const commitinfo = { export const commitinfo = {
name: '@serve.zone/cloudly', name: '@serve.zone/cloudly',
version: '5.0.5', version: '5.0.6',
description: 'A comprehensive tool for managing containerized applications across multiple cloud providers using Docker Swarmkit, featuring web, CLI, and API interfaces.' description: 'A comprehensive tool for managing containerized applications across multiple cloud providers using Docker Swarmkit, featuring web, CLI, and API interfaces.'
} }

23
ts/connector.letsencrypt/connector.ts
View File

@@ -18,21 +18,22 @@ export class LetsencryptConnector {
* inits letsencrypt * inits letsencrypt
*/ */
public async init() { public async init() {
// Create DNS-01 challenge handler using Cloudflare
const dnsHandler = new plugins.smartacme.handlers.Dns01Handler(
this.cloudlyRef.cloudflareConnector.cloudflare
);
// Create MongoDB certificate manager
const certManager = new plugins.smartacme.certmanagers.MongoCertManager(
this.cloudlyRef.config.data.mongoDescriptor
);
this.smartacme = new plugins.smartacme.SmartAcme({ this.smartacme = new plugins.smartacme.SmartAcme({
accountEmail: this.cloudlyRef.config.data.letsEncryptEmail, accountEmail: this.cloudlyRef.config.data.letsEncryptEmail,
accountPrivateKey: this.cloudlyRef.config.data.letsEncryptPrivateKey, accountPrivateKey: this.cloudlyRef.config.data.letsEncryptPrivateKey,
environment: this.cloudlyRef.config.data.environment, environment: this.cloudlyRef.config.data.environment,
setChallenge: async (dnsChallenge) => { certManager: certManager,
await this.cloudlyRef.cloudflareConnector.cloudflare.convenience.acmeSetDnsChallenge( challengeHandlers: [dnsHandler],
dnsChallenge,
);
},
removeChallenge: async (dnsChallenge) => {
await this.cloudlyRef.cloudflareConnector.cloudflare.convenience.acmeRemoveDnsChallenge(
dnsChallenge,
);
},
mongoDescriptor: this.cloudlyRef.config.data.mongoDescriptor,
}); });
await this.smartacme.start().catch((err) => { await this.smartacme.start().catch((err) => {
console.error('error in init', err); console.error('error in init', err);

2
ts/manager.coreflow/coreflowmanager.ts
View File

@@ -92,7 +92,7 @@ export class CloudlyCoreflowManager {
); );
console.log(`got certificate ready for reponse ${dataArg.domainName}`); console.log(`got certificate ready for reponse ${dataArg.domainName}`);
return { return {
certificate: await cert.createSavableObject(), certificate: cert,
}; };
} }
) )

2
ts_web/00_commitinfo_data.ts
View File

@@ -3,6 +3,6 @@
*/ */
export const commitinfo = { export const commitinfo = {
name: '@serve.zone/cloudly', name: '@serve.zone/cloudly',
version: '5.0.5', version: '5.0.6',
description: 'A comprehensive tool for managing containerized applications across multiple cloud providers using Docker Swarmkit, featuring web, CLI, and API interfaces.' description: 'A comprehensive tool for managing containerized applications across multiple cloud providers using Docker Swarmkit, featuring web, CLI, and API interfaces.'
} }