diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 11c9d1b..8e29f6c 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -337,7 +337,8 @@ class WOSiteCreateController(CementBaseController): choices=('on', 'subdomain', 'wildcard'), const='on', nargs='?')), (['--hsts'], - dict(help="enable HSTS for site secured with letsencrypt")), + dict(help="enable HSTS for site secured with letsencrypt", + action='store_true')), (['--user'], dict(help="provide user for WordPress site")), (['--email'], @@ -675,9 +676,10 @@ class WOSiteCreateController(CementBaseController): data['letsencrypt'] = True letsencrypt = True - if self.app.pargs.hsts == 'on': - data['hsts'] = True - hsts = True + if self.app.pargs.hsts: + if self.app.pargs.hsts == "on": + data['hsts'] = True + hsts = True if data['letsencrypt'] is True: setupLetsEncrypt(self, wo_domain) @@ -781,7 +783,7 @@ class WOSiteUpdateController(CementBaseController): choices=('on', 'off', 'renew', 'subdomain', 'wildcard'), const='on', nargs='?')), (['--hsts'], - dict(help="configure hsts on site secured with letsencrypt", + dict(help="configure HSTS on site secured with letsencrypt", action='store' or 'store_const', choices=('on', 'off'), const='on', nargs='?')), @@ -1111,14 +1113,6 @@ class WOSiteUpdateController(CementBaseController): data['hsts'] = False hsts = False - if pargs.hsts: - if pargs.hsts == 'on': - data['hsts'] = True - hsts = True - elif pargs.hsts == 'off': - data['hsts'] = False - hsts = False - if letsencrypt is check_ssl: if letsencrypt is False: Log.error(self, "SSl is not configured for given " @@ -1128,6 +1122,14 @@ class WOSiteUpdateController(CementBaseController): "site") pargs.letsencrypt = False + if pargs.hsts: + if pargs.hsts == 'on': + data['hsts'] = True + hsts = True + elif pargs.hsts == 'off': + data['hsts'] = False + hsts = False + if data and (not pargs.php73): if old_php73 is True: data['php73'] = True @@ -1344,6 +1346,38 @@ class WOSiteUpdateController(CementBaseController): updateSiteInfo(self, wo_domain, ssl=letsencrypt) return 0 + if pargs.htsts == "on": + if check_ssl: + if not os.path.isfile(("{0}/conf/nginx/hsts.conf.disabled") + .format(wo_site_webroot)): + setupHsts(self, wo_domain) + else: + WOFileUtils.mvfile(self, "{0}/conf/nginx/" + "hsts.conf.disabled" + .format(wo_site_webroot), + '{0}/conf/nginx/hsts.conf' + .format(wo_site_webroot)) + else: + Log.error(self, "HTTPS is not configured for given " + "site") + return 0 + + if pargs.htsts == "off": + if os.path.isfile(("{0}/conf/nginx/hsts.conf") + .format(wo_site_webroot)): + WOFileUtils.mvfile(self, "{0}/conf/nginx/" + "hsts.conf" + .format(wo_site_webroot), + '{0}/conf/nginx/hsts.conf.disabled' + .format(wo_site_webroot)) + + if not WOService.reload_service(self, 'nginx'): + Log.error(self, "service nginx reload failed. " + "check issues with `nginx -t` command") + else: + Log.error(self, "HSTS is not configured for given " + "site") + if stype == oldsitetype and cache == oldcachetype: # Service Nginx Reload