mirror of
https://github.com/dyzulk/trustlab-api.git
synced 2026-01-26 05:15:35 +07:00
feat: unify ca_certificates migrations (clean slate)
This commit is contained in:
dyzulk
@@ -27,6 +27,7 @@ class PublicCaController extends Controller
|
||||
'serial' => $cert->serial_number,
|
||||
'expires_at' => $cert->valid_to->toIso8601String(),
|
||||
'cdn_url' => $cert->cert_path ? Storage::disk('r2-public')->url($cert->cert_path) : null,
|
||||
'der_cdn_url' => $cert->der_path ? Storage::disk('r2-public')->url($cert->der_path) : null,
|
||||
];
|
||||
});
|
||||
|
||||
@@ -52,6 +53,11 @@ class PublicCaController extends Controller
|
||||
}
|
||||
|
||||
if ($format === 'der') {
|
||||
// Redirect to CDN if path exists and format is DER
|
||||
if ($cert->der_path) {
|
||||
return redirect()->away(Storage::disk('r2-public')->url($cert->der_path));
|
||||
}
|
||||
|
||||
// Convert PEM to DER (Base64 decode the body)
|
||||
$pem = $cert->cert_content;
|
||||
$lines = explode("\n", trim($pem));
|
||||
|
||||
@@ -24,6 +24,7 @@ class CaCertificate extends Model
|
||||
'valid_from',
|
||||
'valid_to',
|
||||
'cert_path',
|
||||
'der_path',
|
||||
'last_synced_at',
|
||||
'download_count',
|
||||
'last_downloaded_at'
|
||||
|
||||
@@ -412,20 +412,39 @@ class OpenSslService
|
||||
}
|
||||
}
|
||||
/**
|
||||
* Upload CA certificate (public) to R2 CDN.
|
||||
* Upload CA certificate (public) to R2 CDN in both PEM and DER formats.
|
||||
*/
|
||||
public function uploadToCdn(CaCertificate $cert)
|
||||
{
|
||||
try {
|
||||
$filename = 'ca/' . Str::slug($cert->common_name) . '-' . $cert->uuid . '.crt';
|
||||
$baseFilename = 'ca/' . Str::slug($cert->common_name) . '-' . $cert->uuid;
|
||||
$pemFilename = $baseFilename . '.crt';
|
||||
$derFilename = $baseFilename . '.der';
|
||||
|
||||
Storage::disk('r2-public')->put($filename, $cert->cert_content, [
|
||||
// 1. Upload PEM (.crt)
|
||||
Storage::disk('r2-public')->put($pemFilename, $cert->cert_content, [
|
||||
'visibility' => 'public',
|
||||
'ContentType' => 'application/x-x509-ca-cert'
|
||||
]);
|
||||
|
||||
// 2. Convert to DER and Upload (.der)
|
||||
$lines = explode("\n", trim($cert->cert_content));
|
||||
$payload = '';
|
||||
foreach ($lines as $line) {
|
||||
if (!str_starts_with($line, '-----')) {
|
||||
$payload .= trim($line);
|
||||
}
|
||||
}
|
||||
$derContent = base64_decode($payload);
|
||||
|
||||
Storage::disk('r2-public')->put($derFilename, $derContent, [
|
||||
'visibility' => 'public',
|
||||
'ContentType' => 'application/x-x509-ca-cert'
|
||||
]);
|
||||
|
||||
$cert->update([
|
||||
'cert_path' => $filename,
|
||||
'cert_path' => $pemFilename,
|
||||
'der_path' => $derFilename,
|
||||
'last_synced_at' => now()
|
||||
]);
|
||||
|
||||
|
||||
@@ -11,23 +11,42 @@ return new class extends Migration
|
||||
*/
|
||||
public function up(): void
|
||||
{
|
||||
// 1. Create table if not exists (Clean Slate for fresh install)
|
||||
if (!Schema::connection('mysql_ca')->hasTable('ca_certificates')) {
|
||||
Schema::connection('mysql_ca')->create('ca_certificates', function (Blueprint $table) {
|
||||
$table->string('uuid', 32)->primary();
|
||||
$table->string('ca_type'); // root, intermediate_4096, intermediate_2048
|
||||
$table->string('ca_type');
|
||||
$table->longText('cert_content')->nullable();
|
||||
$table->longText('key_content')->nullable();
|
||||
$table->string('serial_number')->nullable();
|
||||
|
||||
// CDN Integration Columns
|
||||
$table->string('cert_path')->nullable();
|
||||
$table->string('der_path')->nullable();
|
||||
$table->timestamp('last_synced_at')->nullable();
|
||||
|
||||
$table->string('common_name')->nullable();
|
||||
$table->string('organization')->nullable();
|
||||
$table->dateTime('valid_from')->nullable();
|
||||
$table->dateTime('valid_to')->nullable();
|
||||
|
||||
// Tracking
|
||||
$table->unsignedBigInteger('download_count')->default(0);
|
||||
$table->timestamp('last_downloaded_at')->nullable();
|
||||
$table->timestamps();
|
||||
});
|
||||
} else {
|
||||
// 2. Self-Healing: Add missing columns if table already exists (Production Sync)
|
||||
Schema::connection('mysql_ca')->table('ca_certificates', function (Blueprint $table) {
|
||||
if (!Schema::connection('mysql_ca')->hasColumn('ca_certificates', 'cert_path')) {
|
||||
$table->string('cert_path')->nullable()->after('serial_number');
|
||||
}
|
||||
if (!Schema::connection('mysql_ca')->hasColumn('ca_certificates', 'der_path')) {
|
||||
$table->string('der_path')->nullable()->after('cert_path');
|
||||
}
|
||||
if (!Schema::connection('mysql_ca')->hasColumn('ca_certificates', 'last_synced_at')) {
|
||||
$table->timestamp('last_synced_at')->nullable()->after('der_path');
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,29 +0,0 @@
|
||||
<?php
|
||||
|
||||
use Illuminate\Database\Migrations\Migration;
|
||||
use Illuminate\Database\Schema\Blueprint;
|
||||
use Illuminate\Support\Facades\Schema;
|
||||
|
||||
return new class extends Migration
|
||||
{
|
||||
/**
|
||||
* Run the migrations.
|
||||
*/
|
||||
public function up(): void
|
||||
{
|
||||
Schema::connection('mysql_ca')->table('ca_certificates', function (Blueprint $table) {
|
||||
$table->string('cert_path')->nullable()->after('serial_number');
|
||||
$table->timestamp('last_synced_at')->nullable()->after('cert_path');
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Reverse the migrations.
|
||||
*/
|
||||
public function down(): void
|
||||
{
|
||||
Schema::connection('mysql_ca')->table('ca_certificates', function (Blueprint $table) {
|
||||
$table->dropColumn(['cert_path', 'last_synced_at']);
|
||||
});
|
||||
}
|
||||
};
|
||||
Reference in New Issue
Block a user