add support for custom certificates

2025-04-26 01:03:15 -06:00
parent 52c6191803
commit 045410368d
15 changed files with 171 additions and 11 deletions
--- a/test/configuration/proxy/boot_test.rb
+++ b/test/configuration/proxy/boot_test.rb
@@ -25,5 +25,7 @@ class ConfigurationProxyBootTest < ActiveSupport::TestCase
    assert_equal "/home/kamal-proxy/.apps-config/app", @proxy_boot_config.app_container_directory
    assert_equal ".kamal/proxy/apps-config/app/error_pages", @proxy_boot_config.error_pages_directory
    assert_equal "/home/kamal-proxy/.apps-config/app/error_pages", @proxy_boot_config.error_pages_container_directory
+    assert_equal ".kamal/proxy/apps-config/app/tls", @proxy_boot_config.tls_directory
+    assert_equal "/home/kamal-proxy/.apps-config/app/tls", @proxy_boot_config.tls_container_directory
  end
 end
--- a/test/configuration/proxy_test.rb
+++ b/test/configuration/proxy_test.rb
@@ -45,6 +45,43 @@ class ConfigurationProxyTest < ActiveSupport::TestCase
    end
  end

+  test "ssl with certificate and private key from secrets" do
+    with_test_secrets("secrets" => "CERT_PEM=certificate\nKEY_PEM=private_key") do
+      @deploy[:proxy] = {
+        "ssl" => true,
+        "host" => "example.com",
+        "certificate_pem" => "CERT_PEM",
+        "private_key_pem" => "KEY_PEM"
+      }
+
+      proxy = config.proxy
+      assert_equal "/home/kamal-proxy/.apps-config/app/tls/cert.pem", proxy.certificate_pem
+      assert_equal "/home/kamal-proxy/.apps-config/app/tls/key.pem", proxy.private_key_pem
+    end
+  end
+
+  test "ssl with certificate and no private key" do
+    with_test_secrets("secrets" => "CERT_PEM=certificate") do
+      @deploy[:proxy] = {
+        "ssl" => true,
+        "host" => "example.com",
+        "certificate_pem" => "CERT_PEM"
+      }
+      assert_raises(Kamal::ConfigurationError) { config.proxy.ssl? }
+    end
+  end
+
+  test "ssl with private key and no certificate" do
+    with_test_secrets("secrets" => "KEY_PEM=private_key") do
+      @deploy[:proxy] = {
+        "ssl" => true,
+        "host" => "example.com",
+        "private_key_pem" => "KEY_PEM"
+      }
+      assert_raises(Kamal::ConfigurationError) { config.proxy.ssl? }
+    end
+  end
+
  private
    def config
      Kamal::Configuration.new(@deploy)