refactor letsencrypt

VirtuBox
2019-03-17 17:38:57 +01:00
parent fc796bee40
commit 2f28047b1a


@@ -1211,39 +1211,32 @@ def setupLetsEncrypt(self, wo_domain_name):
Log.warn(self, "Please wait while we fetch the new HTTPS certificate" Log.warn(self, "Please wait while we fetch the new HTTPS certificate"
" for your site.\nIt may take a few minutes" " for your site.\nIt may take a few minutes"
" depending on the network.") " depending on the network.")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " sslissue = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home " "--config-home "
"'/etc/letsencrypt/config' " "'/etc/letsencrypt/config' "
"--issue " "--issue "
"-d {0} -d www.{0} -w /var/www/html " "-d {0} -d www.{0} -w /var/www/html "
"-k ec-384" "-k ec-384"
.format(wo_domain_name)) .format(wo_domain_name))
if ssl: if sslissue:
Log.info(self, "The HTTPS setup for your website is "
"successfully completed!") Log.debug(self, "Cert deployment for domain: {0}"
Log.info(self, "Your certificate and chain have been saved in " .format(wo_domain_name))
"{0}/{1}/fullchain.pem" ssl = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && "
.format(WOVariables.wo_ssl_live, wo_domain_name)) "/etc/letsencrypt/acme.sh "
Log.info(self, "Configuring nginx HTTPS configuration") "--config-home "
"'/etc/letsencrypt/config'"
"--install-cert -d {1} --ecc "
"--cert-file {0}/{1}/cert.pem "
"--key-file {0}/{1}/key.pem "
"--fullchain-file "
"{0}/{1}/fullchain.pem "
"--reloadcmd "
"\"service nginx restart\" "
.format(WOVariables.wo_ssl_live,
wo_domain_name))
if ssl:
if os.path.isfile("{0}/{1}_ecc/fullchain.cer"
.format(WOVariables.wo_ssl_archive, wo_domain_name)):
Log.debug(self, "Cert deployment for domain: {0}"
.format(wo_domain_name))
ssl_deploy = WOShellExec.cmd_exec(self,
"mkdir -p {0}/{1} && "
"/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config'"
"--install-cert -d {1} --ecc "
"--cert-file {0}/{1}/cert.pem "
"--key-file {0}/{1}/key.pem "
"--fullchain-file "
"{0}/{1}/fullchain.pem "
"--reloadcmd "
"\"service nginx restart\" "
.format(WOVariables.wo_ssl_live,
wo_domain_name))
try: try:
Log.info( Log.info(
self, "Adding /var/www/{0}/conf/nginx/ssl.conf" self, "Adding /var/www/{0}/conf/nginx/ssl.conf"
@@ -1264,16 +1257,16 @@ def setupLetsEncrypt(self, wo_domain_name):
WOGit.add(self, ["/etc/letsencrypt"], WOGit.add(self, ["/etc/letsencrypt"],
msg="Adding letsencrypt folder") msg="Adding letsencrypt folder")
except IOError as e: except IOError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.debug(self, "Error occured while generating " Log.debug(self, "Error occured while generating "
"ssl.conf") "ssl.conf")
else: else:
Log.error(self, "Unable to setup, Let\'s Encrypt", False) Log.error(self, "Unable to install certificate", False)
Log.error(self, "Please make sure that your site is pointed to \n" Log.error(self, "Please make sure that your site is pointed to \n"
"same server on which " "same server on which "
"you are running Let\'s Encrypt Client " "you are running Let\'s Encrypt Client "
"\n to allow it to verify the site automatically.") "\n to allow it to verify the site automatically.")
# setup letsencrypt for a subdomain # setup letsencrypt for a subdomain
@@ -1285,29 +1278,41 @@ def setupLetsEncryptSubdomain(self, wo_domain_name):
.format(WOVariables.wo_ssl_archive, wo_domain_name)): .format(WOVariables.wo_ssl_archive, wo_domain_name)):
Log.debug(self, "Let's Encrypt certificate found for the domain: {0}" Log.debug(self, "Let's Encrypt certificate found for the domain: {0}"
.format(wo_domain_name)) .format(wo_domain_name))
ssl = archivedCertificateHandle(self, wo_domain_name)
else: else:
Log.warn(self, "Please wait while we fetch the new HTTPS certificate " Log.warn(self, "Please wait while we fetch the new HTTPS certificate"
"for your site.\nIt may take a " " for your site.\nIt may take a few minutes"
"few minutes depending on the network.") " depending on the network.")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " sslissue = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home " "--config-home "
"'/etc/letsencrypt/config' " "'/etc/letsencrypt/config' "
"--issue " "--issue "
"-d {0} -w /var/www/html " "-d {0} -w /var/www/html "
"-k ec-384" "-k ec-384"
.format(wo_domain_name)) .format(wo_domain_name))
if sslissue:
Log.debug(self, "Cert deployment for domain: {0}"
.format(wo_domain_name))
ssl = WOShellExec.cmd_exec(self, "mkdir -p {0}/{1} && "
"/etc/letsencrypt/acme.sh "
"--config-home "
"'/etc/letsencrypt/config'"
"--install-cert -d {1} --ecc "
"--cert-file {0}/{1}/cert.pem "
"--key-file {0}/{1}/key.pem "
"--fullchain-file "
"{0}/{1}/fullchain.pem "
"--reloadcmd "
"\"service nginx restart\" "
.format(WOVariables.wo_ssl_live,
wo_domain_name))
if ssl: if ssl:
Log.info(self, "The HTTPS setup for your website "
"is successfully completed!")
Log.info(self, "Your certificate and chain have been saved in "
"{0}/{1}/fullchain.pem"
.format(WOVariables.wo_ssl_live, wo_domain_name))
Log.info(self, "Configuring nginx HTTPS configuration")
try: try:
Log.info( Log.info(
self, "Adding /var/www/{0}/conf/nginx/ssl.conf" self, "Adding /var/www/{0}/conf/nginx/ssl.conf"
.format(wo_domain_name)) .format(wo_domain_name))
sslconf = open("/var/www/{0}/conf/nginx/ssl.conf" sslconf = open("/var/www/{0}/conf/nginx/ssl.conf"
.format(wo_domain_name), .format(wo_domain_name),
@@ -1317,23 +1322,23 @@ def setupLetsEncryptSubdomain(self, wo_domain_name):
"ssl on;\n" "ssl on;\n"
"ssl_certificate {0}/{1}/fullchain.pem;\n" "ssl_certificate {0}/{1}/fullchain.pem;\n"
"ssl_certificate_key {0}/{1}/key.pem;\n" "ssl_certificate_key {0}/{1}/key.pem;\n"
.format(WOVariables.wo_ssl_live, wo_domain_name)) .format(wo_ssl_live, wo_domain_name))
sslconf.close() sslconf.close()
# updateSiteInfo(self, wo_domain_name, ssl=True) # updateSiteInfo(self, wo_domain_name, ssl=True)
WOGit.add(self, ["/etc/letsencrypt"], WOGit.add(self, ["/etc/letsencrypt"],
msg="Adding letsencrypt folder") msg="Adding letsencrypt folder")
except IOError as e: except IOError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.debug(self, "Error occured while generating " Log.debug(self, "Error occured while generating "
"ssl.conf") "ssl.conf")
else: else:
Log.error(self, "Unable to setup, Let\'s Encrypt", False) Log.error(self, "Unable to install certificate", False)
Log.error(self, "Please make sure that your site is pointed to \n" Log.error(self, "Please make sure that your site is pointed to \n"
"same server on which " "same server on which "
"you are running Let\'s Encrypt Client " "you are running Let\'s Encrypt Client "
"\n to allow it to verify the site automatically.") "\n to allow it to verify the site automatically.")
# letsencrypt cert renewal # letsencrypt cert renewal
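Review bot: In the new `--install-cert` command the literal `"'/etc/letsencrypt/config'"` has no trailing space, so it joins the next literal as `'/etc/letsencrypt/config'--install-cert`, which the shell passes to acme.sh as a single word: the config home is wrong and `--install-cert` never arrives as an option. Write it as `"'/etc/letsencrypt/config' "`, as the `--issue` call above it already does; the same applies to the copy added in setupLetsEncryptSubdomain. In the last hunk `.format(wo_ssl_live, wo_domain_name)` drops the `WOVariables.` prefix, and no local `wo_ssl_live` is visible in these hunks, so this would presumably raise NameError, which the `except IOError` does not catch. Separately, `wo_domain_name` is formatted unquoted into every command string; if `WOShellExec.cmd_exec` hands the string to a shell (not visible here), the name should be validated as a hostname or passed through `shlex.quote` before formatting. Both function bodies start and end outside the hunks.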