Some changes for LetsEncrypt

2018-12-03 22:36:27 +01:00
parent 8a93a933a7
commit 1cad3e21ee
2 changed files with 12 additions and 34 deletions
--- a/12
+++ b/12
@@ -66,7 +66,7 @@ fi
 wo_branch=$1
 migration=0
 readonly wo_version_old="2.2.3"
-readonly wo_version_new="3.8.9"
+readonly wo_version_new="3.9."
 readonly wo_log_dir=/var/log/wo/
 readonly wo_install_log=/var/log/wo/install.log
 readonly wo_linux_distro=$(lsb_release -i | awk '{print $3}')
@@ -261,6 +261,9 @@ function wo_sync_db()
        sed -i "s/9170/9172/" /etc/nginx/conf.d/upstream.conf &>> /dev/null
    fi

+    echo "UPDATE sites SET php_version = REPLACE(php_version, '5.6', '7.2');" | sqlite3 /var/lib/wo/dbase.db
+    echo "UPDATE sites SET php_version = REPLACE(php_version, '7.0', '7.2');" | sqlite3 /var/lib/wo/dbase.db
+
    ###
    # ee-acme-sh by VirtuBox, https://virtubox.net/
    ###
@@ -280,11 +283,8 @@ function wo_sync_db()
            chmod +x $HOME/.ee-acme/ee-acme.sh
        elif [ ! -d  $HOME/.ee-acme ]; then
            mkdir -p $HOME/.ee-acme
-            wget -qO $HOME/.ee-acme/ee-acme.sh https://raw.githubusercontent.com/WordOps/wo-acme-sh/master/script/ee-acme.sh
-            chmod +x $HOME/.ee-acme/ee-acme.sh
-            if [ -z "$BASHRC_EE_ACME_FIRST_RELEASE" ] && [ -z "$BASHRC_EE_ACME_LAST_RELEASE" ]; then
-                    echo 'alias ee-acme="/root/.ee-acme/ee-acme.sh"' >> $HOME/.bashrc
-            fi
+            wget -qO /usr/local/bin/wo-acme https://raw.githubusercontent.com/WordOps/wo-acme-sh/master/script/ee-acme.sh
+            chmod +x /usr/local/bin/wo-acme
        fi
    fi
 }
--- a/wo/cli/plugins/site_functions.py
+++ b/wo/cli/plugins/site_functions.py
@@ -1226,22 +1226,6 @@ def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='',
                raise SiteError("dbhost not provided")
        deleteDB(self, dbname, dbuser, dbhost)

-def cloneLetsEncrypt(self):
-    letsencrypt_repo = "https://github.com/letsencrypt/letsencrypt"
-    if not os.path.isdir("/opt"):
-        WOFileUtils.mkdir(self,"/opt")
-    try:
-        Log.info(self, "Downloading {0:20}".format("LetsEncrypt"), end=' ')
-        WOFileUtils.chdir(self, '/opt/')
-        WOShellExec.cmd_exec(self, "git clone {0}".format(letsencrypt_repo))
-        Log.info(self, "{0}".format("[" + Log.ENDC + "Done"
-                                            + Log.OKBLUE + "]"))
-        return True
-    except Exception as e:
-        Log.debug(self, "[{err}]".format(err=str(e.reason)))
-        Log.error(self, "Unable to download file, LetsEncrypt")
-        return False
-
 def setupLetsEncrypt(self, wo_domain_name):
    wo_wp_email = WOVariables.wo_email

@@ -1251,7 +1235,7 @@ def setupLetsEncrypt(self, wo_domain_name):
        ssl= archivedCertificateHandle(self,wo_domain_name,wo_wp_email)
    else:
        Log.warn(self,"Please wait while we fetch the new HTTPS certificate for your site.\nIt may take a few minutes depending on the network.")
-        ssl = WOShellExec.cmd_exec(self, "/usr/local/bin/wo-acme -d {0} --standalone "
+        ssl = WOShellExec.cmd_exec(self, "/usr/local/bin/wo-acme -s {0} --standalone "
                                .format(wo_domain_name))
    if ssl:
        Log.info(self, "The HTTPS setup for your website is successfully completed!")
@@ -1268,7 +1252,7 @@ def setupLetsEncrypt(self, wo_domain_name):
            sslconf.write("listen 443 ssl http2;\n"
                                     "ssl on;\n"
                                     "ssl_certificate     /etc/letsencrypt/live/{0}/fullchain.pem;\n"
-                                     "ssl_certificate_key     /etc/letsencrypt/live/{0}/privkey.pem;\n"
+                                     "ssl_certificate_key     /etc/letsencrypt/live/{0}/key.pem;\n"
                                     .format(wo_domain_name))
            sslconf.close()
            # updateSiteInfo(self, wo_domain_name, ssl=True)
@@ -1296,16 +1280,10 @@ def renewLetsEncrypt(self, wo_domain_name):
            Log.debug(self, "{0}".format(e))
            raise SiteError("Input WordPress email failed")

-    if not os.path.isdir("/opt/letsencrypt"):
-        cloneLetsEncrypt(self)
-    WOFileUtils.chdir(self, '/opt/letsencrypt')
-    WOShellExec.cmd_exec(self, "git pull")
-
    Log.info(self, "Renewing SSl cert for https://{0}".format(wo_domain_name))

-    ssl = WOShellExec.cmd_exec(self, "./letsencrypt-auto --renew-by-default --rsa-key-size 4096 certonly --webroot -w /var/www/{0}/htdocs/ -d {0} -d www.{0} "
-                                .format(wo_domain_name)
-                                + "--email {0} --text --agree-tos".format(wo_wp_email))
+    ssl = WOShellExec.cmd_exec(self, "/usr/local/bin/wo-acme -s {0} --standalone".format(wo_domain_name))
+
    mail_list = ''
    if not ssl:
        Log.error(self,"ERROR : Let's Encrypt certificate renewal FAILED!",False)
@@ -1386,10 +1364,10 @@ def archivedCertificateHandle(self,domain,wo_wp_email):
    elif check_prompt == "2" :
        Log.info(self,"Using Existing Certificate files")
        if not (os.path.isfile("/etc/letsencrypt/live/{0}/fullchain.pem".format(domain)) or
-                    os.path.isfile("/etc/letsencrypt/live/{0}/privkey.pem".format(domain))):
+                    os.path.isfile("/etc/letsencrypt/live/{0}/key.pem".format(domain))):
            Log.error(self,"Certificate files not found. Skipping.\n"
                           "Please check if following file exist\n\t/etc/letsencrypt/live/{0}/fullchain.pem\n\t"
-                           "/etc/letsencrypt/live/{0}/privkey.pem".format(domain))
+                           "/etc/letsencrypt/live/{0}/key.pem".format(domain))
        ssl = True

    elif check_prompt == "3":