itflow icon indicating copy to clipboard operation
itflow copied to clipboard

Published 20 hours ago verified publisher icon itflow-org

Feature Request: Domains / SSLs - Versioning

Open wrongecho opened this issue 3 years ago • 5 comments

Agree with both of you, we just need to find the best approach based on each experience. I played a bit with that code, and i was so happy that i succeeded to do such big thing in developing :d I`m sure with practice, in few months i can get better and better :D

  • my logic and of course, based on experience - certs should be pulled from domain section, and allow manual input for vpn or other domains associated with the client.
  • domain WHOIS would also be great to have with all the zone records that it`s useful for when moving ns servers or some major rollback, you would know what was there before. ITGlue has it as Revisions

image image

and ssl

image image

Originally posted by @aftechro in https://github.com/johnnyq/itflow/issues/283#issuecomment-1013765959

@aftechro, Thanks for the screenshots - I've never used ITGlue.

You did really well! I don't mean to put you off contributing or say that your PRs were bad - just that we need to accommodate all the potential use cases here with the right approach.

My approach to this would be to have domains and SSL certificates as separate items, but allow SSLs to be related to a domain.

We can certainly look into gathering that info under a domain record (with a refresh button/cron or something to get current data).

It seems all they're doing with the SSL but is just parsing the Certificate data. We have half of this functionality (you can add a public key and it'll grab the expiry and issuer) but we don't have the ability to get the certificate for you (yet).

Opened a new issue for this so we can track progress and not forget about it

Broken down...:

  • Versioning for SSLs and domains
  • Relate SSLs to a domain
  • Button to fetch/sync/refresh (allows for manual entry)
    • Domain info (registrar/expiry, DNS)
    • SSL public certificate data - Done, but has a bug

Does this sound OK? Did I miss anything? General thoughts? :)

wrongecho avatar Jan 15 '22 23:01 wrongecho

That's sound great and I know it's log of work on this part as well on all the other sections, but I'm confident that with all the help we can get, this will be a great project

aftechro avatar Jan 15 '22 23:01 aftechro

For retrieving domain info, how do we feel about using a free API like https://dns-lookup.whoisxmlapi.com/api? Users would have to sign up and provide a api key in settings but this avoids massively reinventing the wheel in PHP, or worse using shell exec.

wrongecho avatar Jan 31 '22 19:01 wrongecho

Been looking into this more and there is also php-whois (https://github.com/io-developer/php-whois) package that might be helpful.

Still think that just running whois using exec and parsing the data is going to be difficult as each whois server returns the data in a slightly different format:

whois itflow.org
Registry Expiry Date: 2022-09-19T05:55:18Z

whois yahoo.co.uk
Expiry date:  09-Mar-2023

whois wikipedia.nl
Creation Date: 2002-10-21
Updated Date: 2020-07-13
[[Cannot see expiration]]

wrongecho avatar Feb 27 '22 10:02 wrongecho

All that's left to do for this is to implement versioning for records.

wrongecho avatar May 01 '22 20:05 wrongecho

Need to review the code in cron for auto-updating certs/domains. Looks like it was removed.

wrongecho avatar Jan 01 '23 10:01 wrongecho