application_controller.rb
1.18 KB
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
def check_cert
@cert = Certificate.find_by active: true
unless @cert
@cert = Certificate.create
@cert.save
end
# update cert on all hosts if close to end.
# This will never fail as lxd is very lax with its certificates.
# It accepts certificates even behind the not_after date.
# As a result a password is only required when a new host is added
# or we remove the current cert completely.
if (@cert.cert.not_after - 1.day + 300) < Time.now
@new_cert = @cert.update
Host.all.each { |host|
host.cert = @cert
# add new certificate
cert = Lxd::Certificate.new(
api: host.api,
certificate: @new_cert.cert.to_pem.split("\n")[1...-1].join)
cert.add
# delete old certificate / we don't want this to be used
# any more.
Lxd::Certificate.new(
api: host.api, fingerprint: @cert.cert_fpr).delete
}
@cert = @new_cert
end
end
end
# vim: set et ts=2 sw=2: