From 5a546115bfae8519fa63e44bb04c77e390903042 Mon Sep 17 00:00:00 2001
From: Arjan H <github@hakwerk.com>
Date: Fri, 12 Jul 2019 17:42:22 +0200
Subject: [PATCH] Optional extension of timeout values

---
 gui/apply-boulder               | 16 ++++++++++++++++
 gui/main.go                     | 14 ++++++++++++++
 gui/templates/views/manage.tmpl |  6 ++++++
 3 files changed, 36 insertions(+)

diff --git a/gui/apply-boulder b/gui/apply-boulder
index a46643b..8e2bcba 100755
--- a/gui/apply-boulder
+++ b/gui/apply-boulder
@@ -20,6 +20,22 @@ if [ "$PKI_DOMAIN_MODE" == "whitelist" ]; then
     echo "  - \"$PKI_LOCKDOWN_DOMAINS\"" >> hostname-policy.yaml
 fi
 
+if [ "$PKI_EXTENDED_TIMEOUT" == "1" ]; then
+    sed -i -e "s/\"timeout\": \"15s\"/\"timeout\": \"30s\"/" config/ca-a.json
+    sed -i -e "s/\"timeout\": \"15s\"/\"timeout\": \"30s\"/" config/ca-b.json
+    sed -i -e "s/\"timeout\": \"15s\"/\"timeout\": \"30s\"/" config/admin-revoker.json
+    sed -i -e "s/\"timeout\": \"15s\"/\"timeout\": \"30s\"/" config/wfe.json
+    sed -i -e "s/\"timeout\": \"20s\"/\"timeout\": \"40s\"/" config/wfe.json
+    sed -i -e "s/\"timeout\": \"15s\"/\"timeout\": \"30s\"/" config/wfe2.json
+    sed -i -e "s/\"timeout\": \"20s\"/\"timeout\": \"40s\"/" config/wfe2.json
+    sed -i -e "s/\"timeout\": \"15s\"/\"timeout\": \"30s\"/" config/ca.json
+    sed -i -e "s/\"timeout\": \"15s\"/\"timeout\": \"30s\"/" config/expiration-mailer.json
+    sed -i -e "s/\"timeout\": \"15s\"/\"timeout\": \"30s\"/" config/ra.json
+    sed -i -e "s/\"timeout\": \"20s\"/\"timeout\": \"40s\"/" config/ra.json
+    sed -i -e "s/\"timeout\": \"15s\"/\"timeout\": \"30s\"/" config/ocsp-updater.json
+    sed -i -e "s/\"timeout\": \"15s\"/\"timeout\": \"30s\"/" config/orphan-finder.json
+fi
+
 sed -i -e "s/\"server\": \".*\"/\"server\": \"$PKI_EMAIL_SERVER\"/" config/expiration-mailer.json
 sed -i -e "s/\"port\": \".*\"/\"port\": \"$PKI_EMAIL_PORT\"/" config/expiration-mailer.json
 sed -i -e "s/\"username\": \".*\"/\"username\": \"$PKI_EMAIL_USER\"/" config/expiration-mailer.json
diff --git a/gui/main.go b/gui/main.go
index 59fae3f..c5be64f 100644
--- a/gui/main.go
+++ b/gui/main.go
@@ -150,6 +150,7 @@ type SetupConfig struct {
 	DomainMode       string
 	LockdownDomains  string
 	WhitelistDomains string
+	ExtendedTimeout  bool
 	RequestBase      string
 	Errors           map[string]string
 }
@@ -428,6 +429,7 @@ func _configUpdateHandler(w http.ResponseWriter, r *http.Request) {
 		DomainMode:       r.Form.Get("domain_mode"),
 		LockdownDomains:  r.Form.Get("lockdown_domains"),
 		WhitelistDomains: r.Form.Get("whitelist_domains"),
+		ExtendedTimeout:  (r.Form.Get("extended_timeout") == "true"),
 	}
 
 	res := struct {
@@ -477,6 +479,12 @@ func _configUpdateHandler(w http.ResponseWriter, r *http.Request) {
 			}
 		}
 
+		extendedTimeout := cfg.ExtendedTimeout
+		if extendedTimeout != viper.GetBool("labca.extended_timeout") {
+			delta = true
+			viper.Set("labca.extended_timeout", cfg.ExtendedTimeout)
+		}
+
 		if delta {
 			viper.WriteConfig()
 
@@ -994,6 +1002,7 @@ func _manageGet(w http.ResponseWriter, r *http.Request) {
 	if domainMode == "whitelist" {
 		manageData["WhitelistDomains"] = viper.GetString("labca.whitelist")
 	}
+	manageData["ExtendedTimeout"] = viper.GetBool("labca.extended_timeout")
 
 	manageData["DoEmail"] = viper.GetBool("labca.email.enable")
 	manageData["Server"] = viper.GetString("labca.email.server")
@@ -1437,6 +1446,11 @@ func _applyConfig() error {
 	os.Setenv("PKI_DOMAIN_MODE", viper.GetString("labca.domain_mode"))
 	os.Setenv("PKI_LOCKDOWN_DOMAINS", viper.GetString("labca.lockdown"))
 	os.Setenv("PKI_WHITELIST_DOMAINS", viper.GetString("labca.whitelist"))
+	if viper.GetBool("labca.extended_timeout") {
+		os.Setenv("PKI_EXTENDED_TIMEOUT", "1")
+	} else {
+		os.Setenv("PKI_EXTENDED_TIMEOUT", "0")
+	}
 	if viper.GetBool("labca.email.enable") {
 		os.Setenv("PKI_EMAIL_SERVER", viper.GetString("labca.email.server"))
 		os.Setenv("PKI_EMAIL_PORT", viper.GetString("labca.email.port"))
diff --git a/gui/templates/views/manage.tmpl b/gui/templates/views/manage.tmpl
index 6cc9187..afb8478 100644
--- a/gui/templates/views/manage.tmpl
+++ b/gui/templates/views/manage.tmpl
@@ -163,6 +163,11 @@
 
         <input type="radio" id="standard" name="domain_mode" value="standard" {{ if eq .DomainMode "standard"}}checked{{ end }}/> Standard - any official domains<br/>
       </div>
+      <div class="form-group">
+        <label>Extended timeout:</label><br/>
+        <input type="checkbox" class="extended_timeout" id="extended_timeout" value="extend" {{ if .ExtendedTimeout }}checked{{ end }}></input>
+        &nbsp;If you see timeout related errors on the Dashboard / Audit Log, try checking this box.
+      </div>
       <div class="form-group">
         <span class="hidden" id="update-config-result"></span>
         <button class="btn btn-default" type="button" id="update-config" title="Update the system configuration">Update</button>
@@ -489,6 +494,7 @@
                             domain_mode: ($("#standard").prop('checked') ? 'standard' : ($("#whitelist").prop('checked') ? 'whitelist' : 'lockdown')),
                             lockdown_domains: $("#lockdown_domains").val(),
                             whitelist_domains: $("#whitelist_domains").val(),
+                            extended_timeout: $("#extended_timeout").prop("checked"),
                         },
                     })
                     .done(function(data) {