From 4c663dfa9febe881636ffe42222e800e57d03406 Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Fri, 19 Jul 2019 01:02:00 +0200 Subject: [PATCH] Fix issues, simplify code --- config/wo.conf | 4 ++ wo/cli/plugins/site.py | 6 +-- wo/cli/plugins/site_functions.py | 79 ++++++++++++++------------------ wo/cli/plugins/stack_upgrade.py | 2 +- 4 files changed, 42 insertions(+), 49 deletions(-) diff --git a/config/wo.conf b/config/wo.conf index 4390e4d..b1e6b3c 100644 --- a/config/wo.conf +++ b/config/wo.conf @@ -68,6 +68,10 @@ password = ### EMail for WordPress sites email = +[letsencrypt] + +key-length = "ec-384" + [update] ### If enabled, load a plugin named `update` either from the Python module diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 6be0fcb..08343db 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -1348,11 +1348,11 @@ class WOSiteUpdateController(CementBaseController): if self.app.pargs.letsencrypt == "clean": if os.path.isfile("{0}/conf/nginx/ssl.conf" .format(wo_site_webroot)): - WOFileUtils.remove("{0}/conf/nginx/ssl.conf" + WOFileUtils.remove(self, "{0}/conf/nginx/ssl.conf" .format(wo_site_webroot)) - WOFileUtils.remove("/etc/letsencrypt/live" + WOFileUtils.remove(self, "/etc/letsencrypt/live" "/{0}".format(wo_domain)) - WOFileUtils.remove("/etc/nginx/conf.d/" + WOFileUtils.remove(self, "/etc/nginx/conf.d/" "force-ssl-{0}.conf" .format(wo_domain_name)) if not WOService.reload_service(self, 'nginx'): diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 1cf9a70..94ca80f 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -1266,8 +1266,9 @@ def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='', raise SiteError("dbhost not provided") deleteDB(self, dbname, dbuser, dbhost) - # setup letsencrypt for domain + www.domain + + def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, wo_dns=False, wo_acme_dns='dns_cf'): 
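Review bot: The option added in the `[letsencrypt]` section is named `key-length`, but the new code in wo/cli/plugins/site_functions.py reads `self.app.config.get('letsencrypt', 'keylength')`, so the lookup will not find this setting; one of the two names has to change, for example `keylength = ec-384` here. The value is also written with double quotes, and if the config handler keeps them (its parsing is not visible in this diff) they become part of the string that is formatted into the acme.sh command line, so I would drop them. A comment line in the style of the other sections, such as `### Key length for Let's Encrypt certificates, e.g. ec-384`, would tell operators what the option accepts.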
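Review bot: All three `WOFileUtils.remove(self, ...)` calls in this hunk pass a single path string, and `remove` is defined outside this diff; if it iterates over its second argument as a list of paths, a bare string is walked one character at a time, and these absolute paths begin with `/`. Please confirm the signature, and if it expects a list, wrap each argument, e.g. `WOFileUtils.remove(self, ["/etc/letsencrypt/live/{0}".format(wo_domain)])`. The same applies to the `WOFileUtils.remove(self, '{0}22222/htdocs/db/pma' ...)` call in wo/cli/plugins/stack_upgrade.py. The live-certificate path interpolates `wo_domain` while the force-ssl path uses `wo_domain_name`, and an empty value in the former would target the whole `/etc/letsencrypt/live/` directory, so a non-empty check before removal is worth adding. The enclosing method starts and ends outside the hunk.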
@@ -1279,54 +1280,42 @@ def setupLetsEncrypt(self, wo_domain_name, subdomain=False, wildcard=False, .format(wo_domain_name)) ssl = archivedCertificateHandle(self, wo_domain_name) else: + keylenght = "{0}".format(self.app.config.get('letsencrypt', + 'keylength')) + if wo_dns: + acme_mode = "--dns {0}".format(wo_acme_dns) + else: + acme_mode = "-w /var/www/html" Log.info(self, "Issuing SSL cert with acme.sh") if subdomain: - if wo_dns: - ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " - "--config-home " - "'/etc/letsencrypt/config' " - "--issue " - "-d {0} --dns {1} " - "-k ec-384 -f" - .format(wo_domain_name, - wo_acme_dns)) - else: - ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " - "--config-home " - "'/etc/letsencrypt/config' " - "--issue " - "-d {0} -w /var/www/html " - "-k ec-384 -f" - .format(wo_domain_name)) + ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " + "--config-home " + "'/etc/letsencrypt/config' " + "--issue " + "-d {0} {1}" + "-k {3} -f" + .format(wo_domain_name, + acme_mode, + keylenght)) elif wildcard: - if wo_dns: - ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " - "--config-home " - "'/etc/letsencrypt/config' " - "--issue " - "-d {0} -d *.{0} --dns {1} " - "-k ec-384 -f" - .format(wo_domain_name, - wo_acme_dns)) + ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " + "--config-home " + "'/etc/letsencrypt/config' " + "--issue " + "-d {0} -d *.{0} --dns {1} " + "-k {2} -f" + .format(wo_domain_name, + wo_acme_dns, + keylenght)) else: - if wo_dns: - ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " - "--config-home " - "'/etc/letsencrypt/config' " - "--issue " - "-d {0} -d www.{0} --dns {1} " - "-k ec-384 -f" - .format(wo_domain_name, - wo_acme_dns)) - else: - ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " - "--config-home " - "'/etc/letsencrypt/config' " - "--issue " - "-d {0} -d www.{0} " - "-w /var/www/html " - "-k ec-384 -f" - .format(wo_domain_name)) + ssl = 
WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " + "--config-home " + "'/etc/letsencrypt/config' " + "--issue " + "-d {0} -d www.{0} {1} " + "-k {2} -f" + .format(wo_domain_name, + acme_mode, keylenght)) if ssl: try: Log.info(self, "Deploying SSL cert with acme.sh") diff --git a/wo/cli/plugins/stack_upgrade.py b/wo/cli/plugins/stack_upgrade.py index 70876c0..ab20c5e 100644 --- a/wo/cli/plugins/stack_upgrade.py +++ b/wo/cli/plugins/stack_upgrade.py @@ -237,7 +237,7 @@ class WOStackUpgradeController(CementBaseController): '-all-languages/config.inc.php' .format(WOVariables.wo_phpmyadmin) ) - WOFileUtils.remove('{0}22222/htdocs/db/pma' + WOFileUtils.remove(self, '{0}22222/htdocs/db/pma' .format(WOVariables.wo_webroot)) shutil.move('/var/lib/wo/tmp/phpMyAdmin-{0}' '-all-languages/'
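Review bot: The subdomain branch's format string `"-d {0} {1}" "-k {3} -f"` receives only three arguments, so `{3}` raises IndexError before acme.sh is ever run, and the missing space after `{1}` would fuse the acme mode with `-k`; it should read `"-d {0} {1} " "-k {2} -f"` like the other two branches. The key length now comes from configuration and is formatted into the command string unchecked, so I would validate it first, e.g. `if keylenght not in ("2048", "3072", "4096", "8192", "ec-256", "ec-384", "ec-521"): raise SiteError("invalid letsencrypt key length")`. Whether `WOShellExec.cmd_exec` hands the string to a shell is not visible here; if it does, `wo_domain_name` and `wo_acme_dns` deserve the same validation. `setupLetsEncrypt` continues past the end of the hunk.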