Merge pull request #560 from WordOps/updating-configuration

Deploy ssl.conf from mustache template

wo/cli/templates/ssl.mustache

@@ -0,0 +1,6 @@
+listen 443 ssl http2;
+listen [::]:443 ssl http2;
+ssl_certificate     {{ssl_live_path}}/{{domain}}/fullchain.pem;
+ssl_certificate_key     {{ssl_live_path}}/{{domain}}/key.pem;
+ssl_trusted_certificate {{ssl_live_path}}/{{domain}}/ca.pem;
+ssl_stapling_verify on;

wo/core/acme.py

@@ -8,6 +8,7 @@ from wo.core.git import WOGit
 from wo.core.logging import Log
 from wo.core.shellexec import WOShellExec, CommandExecutionError
 from wo.core.variables import WOVar
+from wo.core.template import WOTemplate
 
 
 class WOAcme:
@@ -140,30 +141,21 @@ class WOAcme:
             if os.path.isdir('/var/www/{0}/conf/nginx'
                              .format(wo_domain_name)):
 
-                sslconf = open("/var/www/{0}/conf/nginx/ssl.conf"
+                data = dict(ssl_live_path=WOVar.wo_ssl_live,
+                            domain=wo_domain_name)
+                WOTemplate.deploy(self,
+                                  '/var/www/{0}/conf/nginx/ssl.conf'
                                   .format(wo_domain_name),
-                               encoding='utf-8', mode='w')
-                sslconf.write(
-                    "listen 443 ssl http2;\n"
-                    "listen [::]:443 ssl http2;\n"
-                    "ssl_certificate     {0}/{1}/fullchain.pem;\n"
-                    "ssl_certificate_key     {0}/{1}/key.pem;\n"
-                    "ssl_trusted_certificate {0}/{1}/ca.pem;\n"
-                    "ssl_stapling_verify on;\n"
-                    .format(WOVar.wo_ssl_live, wo_domain_name))
-                sslconf.close()
+                                  'ssl.mustache', data, overwrite=False)
 
             if not WOFileUtils.grep(self, '/var/www/22222/conf/nginx/ssl.conf',
                                     '/etc/letsencrypt'):
                 Log.info(self, "Securing WordOps backend with current cert")
-                sslconf = open("/var/www/22222/conf/nginx/ssl.conf",
-                               encoding='utf-8', mode='w')
-                sslconf.write("ssl_certificate     {0}/{1}/fullchain.pem;\n"
-                              "ssl_certificate_key     {0}/{1}/key.pem;\n"
-                              "ssl_trusted_certificate {0}/{1}/ca.pem;\n"
-                              "ssl_stapling_verify on;\n"
-                              .format(WOVar.wo_ssl_live, wo_domain_name))
-                sslconf.close()
+                data = dict(ssl_live_path=WOVar.wo_ssl_live,
+                            domain=wo_domain_name)
+                WOTemplate.deploy(self,
+                                  '/var/www/22222/conf/nginx/ssl.conf',
+                                  'ssl.mustache', data, overwrite=False)
 
             WOGit.add(self, ["/etc/letsencrypt"],
                       msg="Adding letsencrypt folder")