For some DSM installs, it appears that setting the "default" flag to the
string "false" actually sets it to true. This causes Synology to set
the last updated certificate to be the default certificate. Using an
empty string appears to still be accepted as a false-y value for DSMs
where this isn't happening and corrects the behavior in the cases that
it was.
Credit to @Run-King for identifying the fix and @buxm for reporting.
On systems that /bin/sh is served by shells other than bash, or
shells that don't implement the same syntax as the bash printf builtin,
printf -- fails to produce the output necessary for standalone operation.
The test case for this was SmartOS, which uses ksh93 as its /bin/sh.
This change uses the more generic method of passing a format parameter
of a single string, and then the argument to replace it with.
Updated dns_servercow.sh to support txt records with multiple entries. This supports wildcard certificates that require txt records with the same name and different contents.
Updated dns_servercow.sh to support txt records with multiple entries. This supports wildcard certificates that require txt records with the same name and different contents.
The API now supports a POST route for adding records. Therefore
checking for already existing records and including them in a PATCH
request is no longer necessary.
Add and use _readaccountconf_mutable_default and
_saveaccountconf_mutable_default helpers to capture
common default value handling.
New approach also eliminates need for separate
underscore-prefixed version of each conf var.
* fix: unifi deploy hook also update Cloud Key nginx certs
When running on a Unifi Cloud Key device, also deploy to
/etc/ssl/private/cloudkey.{crt,key} and reload nginx. This
makes the new cert available for the Cloud Key management
app running via nginx on port 443 (as well as the port 8443
Unifi Controller app the deploy hook already supported).
Fixes#3326
* Improve settings documentation comments
* Improve Cloud Key pre-flight error messaging
* Fix typo
* Add support for UnifiOS (Cloud Key Gen2)
Since UnifiOS does not use the Java keystore (like a Unifi
Controller or Cloud Key Gen1 deploy), this also reworks
the settings validation and error messaging somewhat.
* PR review fixes
* Detect unsupported Cloud Key java keystore location
* Don't try to restart inactive services
(and remove extra spaces from reload command)
* Clean up error messages and internal variables
* Change to _getdeployconf/_savedeployconf
* Switch from cp to cat to preserve file permissions
