TLS Add-On support for Secondary Domains
-
Now that cloudron has custom secondary domains feature, some apps that require their own TLS on subdomains (like XMPP servers) are made possible.
Here is a patch that expands TLS addon to support this:
https://git.cloudron.io/synchrone/box/-/commit/575247af0610dd6cc76142fe697e5415b256427bThis will help the following prospective apps to provide a sufficient level of XMPP support, as verifying TLS on their TCP ports under subdomain names is mandatory nowadays:
https://forum.cloudron.io/topic/7755/openfire-xmpp-server
https://forum.cloudron.io/topic/2486/ejabberd-robust-scalable-and-extensible-realtime-server-using-xmpp-mqtt-and-sip/12
https://forum.cloudron.io/topic/4188/snikket-server-your-own-messaging-server-in-a-box/9
https://forum.cloudron.io/topic/1234/prosody-kaiwa/5 -
-
@syn that only restarts the app when the primary domain cert renews.
I did a whole bunch of changes over the weekend to fix some cert renewal issues (specifically, mail container was not getting updated properly when cert renews). I will try to incorporate your changes into it (probably only for 7.4 though).
-
Thanks @syn . This is implemented in 7.3.4 . The
/etc/certs
directory has the certs inDOMAIN.cert
andDOMAIN.key
form (both pem format). -
-