chore: Automate SSL with Cloudflare (#12021)

This PR adds support for automatic SSL issuance using Cloudflare when a custom domain is updated. - Introduced a cloudflare configuration. If present, the system will attempt to issue an SSL certificate via Cloudflare whenever a custom domain is added or changed. - SSL verification is handled using an HTTP challenge. - The job will store the HTTP challenge response provided by Cloudflare and serve it under the /.well-known/cf path automatically. How to test: - Create a Cloudflare zone for your domain and copy the Zone ID. - Generate a Cloudflare API token with the required SSL certificate permissions. - Set the Fallback Origin under SSL -> Custom HostName to the Chatwoot installation. - Add or update a custom domain and verify that the SSL certificate is automatically issued. --------- Co-authored-by: Sojan Jose <sojan@pepalo.com>
2025-07-24 13:09:06 +04:00
parent 9acb0d86b5
commit 420be64c45
17 changed files with 507 additions and 3 deletions
--- a/app/controllers/microsoft_controller.rb
+++ b/app/controllers/microsoft_controller.rb
@@ -2,7 +2,7 @@ class MicrosoftController < ApplicationController
  after_action :set_version_header

  def identity_association
-    microsoft_indentity
+    microsoft_identity
  end

  private
@@ -11,7 +11,7 @@ class MicrosoftController < ApplicationController
    response.headers['Content-Length'] = { associatedApplications: [{ applicationId: @identity_json }] }.to_json.length
  end

-  def microsoft_indentity
+  def microsoft_identity
    @identity_json = GlobalConfigService.load('AZURE_APP_ID', nil)
  end
 end
--- a/app/models/portal.rb
+++ b/app/models/portal.rb
@@ -12,6 +12,7 @@
 #  name                  :string           not null
 #  page_title            :string
 #  slug                  :string           not null
+#  ssl_settings          :jsonb            not null
 #  created_at            :datetime         not null
 #  updated_at            :datetime         not null
 #  account_id            :integer          not null
@@ -69,3 +70,5 @@ class Portal < ApplicationRecord
    errors.add(:cofig, "in portal on #{denied_keys.join(',')} is not supported.") if denied_keys.any?
  end
 end
+
+Portal.include_mod_with('Concerns::Portal')