Add --force to site for -le
This commit is contained in:
VirtuBox
@@ -13,6 +13,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
|||||||
- [SECURE] Allow new ssh port with UFW when running `wo secure --sshport`
|
- [SECURE] Allow new ssh port with UFW when running `wo secure --sshport`
|
||||||
- [SECURITY] Additional Nginx directives to prevent access to log files or backup from web browser
|
- [SECURITY] Additional Nginx directives to prevent access to log files or backup from web browser
|
||||||
- [CORE] apt-mirror-updater to select the fastest debian/ubuntu mirror with automatic switching between mirrors if the current mirror is being updated
|
- [CORE] apt-mirror-updater to select the fastest debian/ubuntu mirror with automatic switching between mirrors if the current mirror is being updated
|
||||||
|
- [SITE] add `--force` to force Let's Encrypt certificate issuance even if DNS check fail
|
||||||
|
|
||||||
#### Changed
|
#### Changed
|
||||||
|
|
||||||
|
|||||||
@@ -368,6 +368,9 @@ class WOSiteCreateController(CementBaseController):
|
|||||||
action='store' or 'store_const',
|
action='store' or 'store_const',
|
||||||
choices=('on', 'subdomain', 'wildcard'),
|
choices=('on', 'subdomain', 'wildcard'),
|
||||||
const='on', nargs='?')),
|
const='on', nargs='?')),
|
||||||
|
(['--force'],
|
||||||
|
dict(help="force Let's Encrypt certificate issuance",
|
||||||
|
action='store_true')),
|
||||||
(['--dns'],
|
(['--dns'],
|
||||||
dict(help="choose dns provider api for letsencrypt",
|
dict(help="choose dns provider api for letsencrypt",
|
||||||
action='store' or 'store_const',
|
action='store' or 'store_const',
|
||||||
@@ -796,9 +799,11 @@ class WOSiteCreateController(CementBaseController):
|
|||||||
else:
|
else:
|
||||||
# check DNS records before issuing cert
|
# check DNS records before issuing cert
|
||||||
if not acmedata['dns'] is True:
|
if not acmedata['dns'] is True:
|
||||||
if not WOAcme.check_dns(self, acme_domains):
|
if not pargs.force:
|
||||||
Log.error(self,
|
if not WOAcme.check_dns(self, acme_domains):
|
||||||
"Aborting SSL certificate issuance")
|
Log.error(self,
|
||||||
|
"Aborting SSL "
|
||||||
|
"certificate issuance")
|
||||||
Log.debug(self, "Setup Cert with acme.sh for {0}"
|
Log.debug(self, "Setup Cert with acme.sh for {0}"
|
||||||
.format(wo_domain))
|
.format(wo_domain))
|
||||||
if WOAcme.setupletsencrypt(
|
if WOAcme.setupletsencrypt(
|
||||||
@@ -806,9 +811,10 @@ class WOSiteCreateController(CementBaseController):
|
|||||||
WOAcme.deploycert(self, wo_domain)
|
WOAcme.deploycert(self, wo_domain)
|
||||||
else:
|
else:
|
||||||
if not acmedata['dns'] is True:
|
if not acmedata['dns'] is True:
|
||||||
if not WOAcme.check_dns(self, acme_domains):
|
if not pargs.force:
|
||||||
Log.error(self,
|
if not WOAcme.check_dns(self, acme_domains):
|
||||||
"Aborting SSL certificate issuance")
|
Log.error(self,
|
||||||
|
"Aborting SSL certificate issuance")
|
||||||
if WOAcme.setupletsencrypt(
|
if WOAcme.setupletsencrypt(
|
||||||
self, acme_domains, acmedata):
|
self, acme_domains, acmedata):
|
||||||
WOAcme.deploycert(self, wo_domain)
|
WOAcme.deploycert(self, wo_domain)
|
||||||
@@ -885,6 +891,9 @@ class WOSiteUpdateController(CementBaseController):
|
|||||||
choices=('on', 'off', 'renew', 'subdomain',
|
choices=('on', 'off', 'renew', 'subdomain',
|
||||||
'wildcard', 'clean', 'purge'),
|
'wildcard', 'clean', 'purge'),
|
||||||
const='on', nargs='?')),
|
const='on', nargs='?')),
|
||||||
|
(['--force'],
|
||||||
|
dict(help="force LetsEncrypt certificate issuance",
|
||||||
|
action='store_true')),
|
||||||
(['--dns'],
|
(['--dns'],
|
||||||
dict(help="choose dns provider api for letsencrypt",
|
dict(help="choose dns provider api for letsencrypt",
|
||||||
action='store' or 'store_const',
|
action='store' or 'store_const',
|
||||||
@@ -1446,10 +1455,13 @@ class WOSiteUpdateController(CementBaseController):
|
|||||||
else:
|
else:
|
||||||
# check DNS records before issuing cert
|
# check DNS records before issuing cert
|
||||||
if not acmedata['dns'] is True:
|
if not acmedata['dns'] is True:
|
||||||
if not WOAcme.check_dns(self, acme_domains):
|
if not pargs.force:
|
||||||
Log.error(
|
if not WOAcme.check_dns(self,
|
||||||
self,
|
acme_domains):
|
||||||
"Aborting SSL certificate issuance")
|
Log.error(
|
||||||
|
self,
|
||||||
|
"Aborting SSL certificate "
|
||||||
|
"issuance")
|
||||||
Log.debug(self, "Setup Cert with acme.sh for {0}"
|
Log.debug(self, "Setup Cert with acme.sh for {0}"
|
||||||
.format(wo_domain))
|
.format(wo_domain))
|
||||||
if WOAcme.setupletsencrypt(
|
if WOAcme.setupletsencrypt(
|
||||||
@@ -1460,10 +1472,11 @@ class WOSiteUpdateController(CementBaseController):
|
|||||||
else:
|
else:
|
||||||
# check DNS records before issuing cert
|
# check DNS records before issuing cert
|
||||||
if not acmedata['dns'] is True:
|
if not acmedata['dns'] is True:
|
||||||
if not WOAcme.check_dns(self, acme_domains):
|
if not pargs.force:
|
||||||
Log.error(
|
if not WOAcme.check_dns(self, acme_domains):
|
||||||
self,
|
Log.error(
|
||||||
"Aborting SSL certificate issuance")
|
self,
|
||||||
|
"Aborting SSL certificate issuance")
|
||||||
if WOAcme.setupletsencrypt(
|
if WOAcme.setupletsencrypt(
|
||||||
self, acme_domains, acmedata):
|
self, acme_domains, acmedata):
|
||||||
WOAcme.deploycert(self, wo_domain)
|
WOAcme.deploycert(self, wo_domain)
|
||||||
|
|||||||
Reference in New Issue
Block a user