diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index 69fcc1b..0978aed 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -335,6 +335,8 @@ class WOSiteCreateController(CementBaseController): dict(help="create HHVM site", action='store_true')), (['-le', '--letsencrypt'], dict(help="configure letsencrypt ssl for the site", action='store_true')), + (['--subdomain'], + dict(help="specify the site is a subdomain for letsencrypt", action='store_true')), (['--user'], dict(help="provide user for wordpress site")), (['--email'], 
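Review bot: The help text for `--subdomain` does not say that the flag only has an effect together with `-le/--letsencrypt`. Both branches added later in this commit test `self.app.pargs.letsencrypt` first, so `--subdomain` passed on its own is silently ignored. I would word it as `help="treat the site as a subdomain when used with --letsencrypt"`, or log a warning when it is given alone. The argument list starts and ends outside this hunk.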
@@ -711,34 +713,16 @@ class WOSiteCreateController(CementBaseController): Log.error(self, "Check the log for details: " "`tail /var/log/wo/wordops.log` and please try again") - if self.app.pargs.letsencrypt: - if (self.app.pargs.experimental): - if stype in ['wpsubdomain']: - Log.warn( - self, "Wildcard domains are not supported in Lets Encrypt.\nWP SUBDOMAIN site will get SSL for primary site only.") - - Log.info(self, "Letsencrypt is currently in beta phase." - " \nDo you wish" - " to enable SSl now for {0}?".format(wo_domain)) - - # Check prompt - check_prompt = input("Type \"y\" to continue [n]:") - if check_prompt != "Y" and check_prompt != "y": - data['letsencrypt'] = False - letsencrypt = False - else: - data['letsencrypt'] = True - letsencrypt = True - else: - data['letsencrypt'] = True - letsencrypt = True + if self.app.pargs.letsencrypt and (not self.app.pargs.subdomain): + if stype in ['wpsubdomain']: + Log.warn( + self, "Wildcard domains are not supported in Lets Encrypt.\nWP SUBDOMAIN site will get SSL for primary site only.") + data['letsencrypt'] = True + letsencrypt = True if data['letsencrypt'] is True: setupLetsEncrypt(self, wo_domain) httpsRedirect(self, wo_domain) - Log.info(self, "Creating Cron Job for cert auto-renewal") - WOCron.setcron_weekly(self, 'wo site update --le=renew --all 2> /dev/null'.format(wo_domain), 'Renew all' - ' letsencrypt SSL cert. Set by WordOps') if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " 
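Review bot: The weekly renewal job (`WOCron.setcron_weekly(self, 'wo site update --le=renew --all 2> /dev/null' ...)`) is removed from the create path and nothing visible in this diff replaces it. If the `wo-acme` wrapper does not schedule renewal itself, certificates issued here will lapse unnoticed, especially since the expiry-days log line is dropped in the next hunk as well. Please either keep the cron call or state what now performs renewal, for example with a comment such as `# renewal is scheduled by wo-acme; no WOCron entry needed` if that is the case. The enclosing method starts and ends outside this hunk.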
@@ -747,12 +731,30 @@ class WOSiteCreateController(CementBaseController): Log.info(self, "Congratulations! Successfully Configured SSl for Site " " https://{0}".format(wo_domain)) - if (SSL.getExpirationDays(self, wo_domain) > 0): - Log.info(self, "Your cert will expire within " + - str(SSL.getExpirationDays(self, wo_domain)) + " days.") - else: - Log.warn( - self, "Your cert already EXPIRED ! .PLEASE renew soon . ") + # Add nginx conf folder into GIT + WOGit.add(self, ["{0}/conf/nginx".format(wo_site_webroot)], + msg="Adding letsencrypts config of site: {0}" + .format(wo_domain)) + updateSiteInfo(self, wo_domain, ssl=letsencrypt) + + elif data['letsencrypt'] is False: + Log.info(self, "Not using Let\'s encrypt for Site " + " http://{0}".format(wo_domain)) + + if self.app.pargs.letsencrypt and self.app.pargs.subdomain: + data['letsencrypt'] = True + letsencrypt = True + + if data['letsencrypt'] is True: + setupLetsEncryptSubdomain(self, wo_domain) + httpsRedirect(self, wo_domain) + + if not WOService.reload_service(self, 'nginx'): + Log.error(self, "service nginx reload failed. " + "check issues with `nginx -t` command") + + Log.info(self, "Congratulations! Successfully Configured SSl for Site " + " https://{0}".format(wo_domain)) # Add nginx conf folder into GIT WOGit.add(self, ["{0}/conf/nginx".format(wo_site_webroot)], diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index 4eea310..1c24911 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -24,6 +24,7 @@ import platform class SiteError(Exception): """Custom Exception Occured when setting up site""" + def __init__(self, message): self.message = message 
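Review bot: In the new `--subdomain` branch, `httpsRedirect(self, wo_domain)` and the "Congratulations! Successfully Configured SSl" message run whether or not `setupLetsEncryptSubdomain` succeeded, because that function returns nothing and reports an `IOError` on ssl.conf only at debug level. Depending on whether `Log.error` aborts (not visible here), a failed issuance or failed write could leave port 80 force-redirected to HTTPS with no usable TLS configuration behind it. I would have the setup functions return a boolean and gate the rest on it, `if setupLetsEncryptSubdomain(self, wo_domain):` ahead of `httpsRedirect(self, wo_domain)`; the same applies to the `setupLetsEncrypt` call in the previous hunk. The enclosing method continues beyond this hunk.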
@@ -74,10 +75,10 @@ def setupdomain(self, data): mode='w') if not data['php73']: self.app.render((data), 'virtualconf.mustache', - out=wo_site_nginx_conf) + out=wo_site_nginx_conf) else: self.app.render((data), 'virtualconf-php7.mustache', - out=wo_site_nginx_conf) + out=wo_site_nginx_conf) wo_site_nginx_conf.close() except IOError as e: Log.debug(self, "{0}".format(e)) @@ -133,7 +134,7 @@ def setupdomain(self, data): finally: # TODO Check if directories are setup if (os.path.exists('{0}/htdocs'.format(wo_site_webroot)) and - os.path.exists('{0}/logs'.format(wo_site_webroot))): + os.path.exists('{0}/logs'.format(wo_site_webroot))): Log.info(self, "[" + Log.ENDC + "Done" + Log.OKBLUE + "]") else: Log.info(self, "[" + Log.ENDC + "Fail" + Log.OKBLUE + "]") @@ -143,7 +144,7 @@ def setupdomain(self, data): def setupdatabase(self, data): wo_domain_name = data['site_name'] wo_random = (''.join(random.sample(string.ascii_uppercase + - string.ascii_lowercase + string.digits, 15))) + string.ascii_lowercase + string.digits, 15))) wo_replace_dot = wo_domain_name.replace('.', '_') prompt_dbname = self.app.config.get('mysql', 'db-name') prompt_dbuser = self.app.config.get('mysql', 'db-user') @@ -244,7 +245,7 @@ def setupwordpress(self, data): wo_wp_email = self.app.config.get('wordpress', 'email') # Random characters wo_random = (''.join(random.sample(string.ascii_uppercase + - string.ascii_lowercase + string.digits, 15))) + string.ascii_lowercase + string.digits, 15))) wo_wp_prefix = '' # wo_wp_user = '' # wo_wp_pass = '' 
@@ -260,10 +261,11 @@ def setupwordpress(self, data): WOFileUtils.chdir(self, '{0}/htdocs/'.format(wo_site_webroot)) try: if WOShellExec.cmd_exec(self, "wp --allow-root core" - " download"): + " download"): pass else: - Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail" + Log.OKBLUE + "]") + Log.info(self, "[" + Log.ENDC + Log.FAIL + + "Fail" + Log.OKBLUE + "]") raise SiteError("download WordPress core failed") except CommandExecutionError as e: Log.info(self, "[" + Log.ENDC + Log.FAIL + "Fail" + Log.OKBLUE + "]") 
@@ -312,8 +314,8 @@ def setupwordpress(self, data): + "--dbname=\'{0}\' --dbprefix=\'{1}\' " "--dbuser=\'{2}\' --dbhost=\'{3}\' " .format(data['wo_db_name'], wo_wp_prefix, - data['wo_db_user'], data['wo_db_host'] - ) + data['wo_db_user'], data['wo_db_host'] + ) + "--dbpass=\'{0}\' " "--extra-php< 1 or len(cachelist) > 1: if len(cachelist) > 1: - raise RuntimeError("Could not determine cache type.Multiple cache parameter entered") - elif False not in [x in ('php','mysql','html') for x in typelist]: + raise RuntimeError( + "Could not determine cache type.Multiple cache parameter entered") + elif False not in [x in ('php', 'mysql', 'html') for x in typelist]: sitetype = 'mysql' if not cachelist: cachetype = 'basic' else: cachetype = cachelist[0] - elif False not in [x in ('php73','mysql','html') for x in typelist]: + elif False not in [x in ('php73', 'mysql', 'html') for x in typelist]: sitetype = 'mysql' if not cachelist: cachetype = 'basic' else: cachetype = cachelist[0] - elif False not in [x in ('php','mysql') for x in typelist]: + elif False not in [x in ('php', 'mysql') for x in typelist]: sitetype = 'mysql' if not cachelist: cachetype = 'basic' else: cachetype = cachelist[0] - elif False not in [x in ('php73','mysql') for x in typelist]: + elif False not in [x in ('php73', 'mysql') for x in typelist]: sitetype = 'mysql' if not cachelist: cachetype = 'basic' else: cachetype = cachelist[0] - elif False not in [x in ('html','mysql') for x in typelist]: + elif False not in [x in ('html', 'mysql') for x in typelist]: sitetype = 'mysql' if not cachelist: cachetype = 'basic' else: cachetype = cachelist[0] - elif False not in [x in ('php','html') for x in typelist]: + elif False not in [x in ('php', 'html') for x in typelist]: sitetype = 'php' if not cachelist: cachetype = 'basic' else: cachetype = cachelist[0] - elif False not in [x in ('php73','html') for x in typelist]: + elif False not in [x in ('php73', 'html') for x in typelist]: sitetype = 'php73' if not 
cachelist: cachetype = 'basic' else: cachetype = cachelist[0] - elif False not in [x in ('wp','wpsubdir') for x in typelist]: + elif False not in [x in ('wp', 'wpsubdir') for x in typelist]: sitetype = 'wpsubdir' if not cachelist: cachetype = 'basic' else: cachetype = cachelist[0] - elif False not in [x in ('wp','wpsubdomain') for x in typelist]: + elif False not in [x in ('wp', 'wpsubdomain') for x in typelist]: sitetype = 'wpsubdomain' if not cachelist: cachetype = 'basic' else: cachetype = cachelist[0] - elif False not in [x in ('wp','php73') for x in typelist]: + elif False not in [x in ('wp', 'php73') for x in typelist]: sitetype = 'wp' if not cachelist: cachetype = 'basic' else: cachetype = cachelist[0] - elif False not in [x in ('wpsubdir','php73') for x in typelist]: + elif False not in [x in ('wpsubdir', 'php73') for x in typelist]: sitetype = 'wpsubdir' if not cachelist: cachetype = 'basic' else: cachetype = cachelist[0] - elif False not in [x in ('wpsubdomain','php73') for x in typelist]: + elif False not in [x in ('wpsubdomain', 'php73') for x in typelist]: sitetype = 'wpsubdomain' if not cachelist: cachetype = 'basic' @@ -1136,7 +1149,7 @@ def detSitePar(opts): def generate_random(): wo_random10 = (''.join(random.sample(string.ascii_uppercase + - string.ascii_lowercase + string.digits, 10))) + string.ascii_lowercase + string.digits, 10))) return wo_random10 @@ -1180,7 +1193,7 @@ def deleteWebRoot(self, webroot): # do some preprocessing before proceeding webroot = webroot.strip() if (webroot == "/var/www/" or webroot == "/var/www" - or webroot == "/var/www/.." or webroot == "/var/www/."): + or webroot == "/var/www/.." or webroot == "/var/www/."): Log.debug(self, "Tried to remove {0}, but didn't remove it" .format(webroot)) return False 
@@ -1197,15 +1210,15 @@ def deleteWebRoot(self, webroot): def removeNginxConf(self, domain): if os.path.isfile('/etc/nginx/sites-available/{0}' .format(domain)): - Log.debug(self, "Removing Nginx configuration") - WOFileUtils.rm(self, '/etc/nginx/sites-enabled/{0}' - .format(domain)) - WOFileUtils.rm(self, '/etc/nginx/sites-available/{0}' - .format(domain)) - WOService.reload_service(self, 'nginx') - WOGit.add(self, ["/etc/nginx"], - msg="Deleted {0} " - .format(domain)) + Log.debug(self, "Removing Nginx configuration") + WOFileUtils.rm(self, '/etc/nginx/sites-enabled/{0}' + .format(domain)) + WOFileUtils.rm(self, '/etc/nginx/sites-available/{0}' + .format(domain)) + WOService.reload_service(self, 'nginx') + WOGit.add(self, ["/etc/nginx"], + msg="Deleted {0} " + .format(domain)) def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='', 
@@ -1229,50 +1242,100 @@ def doCleanupAction(self, domain='', webroot='', dbname='', dbuser='', raise SiteError("dbhost not provided") deleteDB(self, dbname, dbuser, dbhost) + def setupLetsEncrypt(self, wo_domain_name): wo_wp_email = WOVariables.wo_email - if os.path.isfile("/etc/letsencrypt/renewal/{0}.conf".format(wo_domain_name)): + if os.path.isfile("/root/.acme.sh/{0}_ecc/{0}.conf".format(wo_domain_name)): Log.debug(self, "Let's Encrypt certificate found for the domain: {0}" - .format(wo_domain_name)) - ssl= archivedCertificateHandle(self,wo_domain_name,wo_wp_email) + .format(wo_domain_name)) + ssl = archivedCertificateHandle(self, wo_domain_name, wo_wp_email) else: - Log.warn(self,"Please wait while we fetch the new HTTPS certificate for your site.\nIt may take a few minutes depending on the network.") - ssl = WOShellExec.cmd_exec(self, "/usr/local/bin/wo-acme -s {0} --standalone " - .format(wo_domain_name)) + Log.warn(self, "Please wait while we fetch the new HTTPS certificate for your site.\nIt may take a few minutes depending on the network.") + ssl = WOShellExec.cmd_exec(self, "/usr/local/bin/wo-acme -d {0} -d www.{0} --standalone" + .format(wo_domain_name)) if ssl: Log.info(self, "The HTTPS setup for your website is successfully completed!") Log.info(self, "Your certificate and chain have been saved in " - "/etc/letsencrypt/live/{0}/fullchain.pem".format(wo_domain_name)) + "/etc/letsencrypt/live/{0}/fullchain.pem".format(wo_domain_name)) Log.info(self, "Configuring nginx HTTPS configuration") try: - Log.info(self, "Adding /var/www/{0}/conf/nginx/ssl.conf".format(wo_domain_name)) + Log.info( + self, "Adding /var/www/{0}/conf/nginx/ssl.conf".format(wo_domain_name)) sslconf = open("/var/www/{0}/conf/nginx/ssl.conf" - .format(wo_domain_name), - encoding='utf-8', mode='w') + .format(wo_domain_name), + encoding='utf-8', mode='w') sslconf.write("listen 443 ssl http2;\n" - "ssl on;\n" - "ssl_certificate /etc/letsencrypt/live/{0}/fullchain.pem;\n" - 
"ssl_certificate_key /etc/letsencrypt/live/{0}/key.pem;\n" - .format(wo_domain_name)) + "listen [::]:443 ssl http2;\n" + "ssl on;\n" + "ssl_certificate /etc/letsencrypt/live/{0}/fullchain.pem;\n" + "ssl_certificate_key /etc/letsencrypt/live/{0}/key.pem;\n" + .format(wo_domain_name)) sslconf.close() # updateSiteInfo(self, wo_domain_name, ssl=True) WOGit.add(self, ["/etc/letsencrypt"], - msg="Adding letsencrypt folder") + msg="Adding letsencrypt folder") except IOError as e: Log.debug(self, str(e)) Log.debug(self, "Error occured while generating " - "ssl.conf") + "ssl.conf") else: Log.error(self, "Unable to setup, Let\'s Encrypt", False) Log.error(self, "Please make sure that your site is pointed to \n" "same server on which you are running Let\'s Encrypt Client " "\n to allow it to verify the site automatically.") + +def setupLetsEncryptSubdomain(self, wo_domain_name): + wo_wp_email = WOVariables.wo_email + + if os.path.isfile("/root/.acme.sh/{0}_ecc/{0}.conf".format(wo_domain_name)): + Log.debug(self, "Let's Encrypt certificate found for the domain: {0}" + .format(wo_domain_name)) + else: + Log.warn(self, "Please wait while we fetch the new HTTPS certificate for your site.\nIt may take a few minutes depending on the network.") + ssl = WOShellExec.cmd_exec(self, "/usr/local/bin/wo-acme -s {0} --standalone" + .format(wo_domain_name)) + if ssl: + Log.info(self, "The HTTPS setup for your website is successfully completed!") + Log.info(self, "Your certificate and chain have been saved in " + "/etc/letsencrypt/live/{0}/fullchain.pem".format(wo_domain_name)) + Log.info(self, "Configuring nginx HTTPS configuration") + + try: + Log.info( + self, "Adding /var/www/{0}/conf/nginx/ssl.conf".format(wo_domain_name)) + + sslconf = open("/var/www/{0}/conf/nginx/ssl.conf" + .format(wo_domain_name), + encoding='utf-8', mode='w') + sslconf.write("listen 443 ssl http2;\n" + "listen [::]:443 ssl http2;\n" + "ssl on;\n" + "ssl_certificate /etc/letsencrypt/live/{0}/fullchain.pem;\n" + 
"ssl_certificate_key /etc/letsencrypt/live/{0}/key.pem;\n" + .format(wo_domain_name)) + sslconf.close() + # updateSiteInfo(self, wo_domain_name, ssl=True) + + WOGit.add(self, ["/etc/letsencrypt"], + msg="Adding letsencrypt folder") + + except IOError as e: + Log.debug(self, str(e)) + Log.debug(self, "Error occured while generating " + "ssl.conf") + else: + Log.error(self, "Unable to setup, Let\'s Encrypt", False) + Log.error(self, "Please make sure that your site is pointed to \n" + "same server on which you are running Let\'s Encrypt Client " + "\n to allow it to verify the site automatically.") + + def renewLetsEncrypt(self, wo_domain_name): wo_wp_email = WOVariables.wo_email 
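Review bot: In the new `setupLetsEncryptSubdomain`, `ssl` is assigned only in the `else` branch, so when `/root/.acme.sh/{0}_ecc/{0}.conf` already exists the following `if ssl:` appears to read an unbound local and raise `UnboundLocalError` (indentation is lost in this view, but the trailing `else:` with "Unable to setup, Let's Encrypt" pairs with `if ssl:` exactly as in `setupLetsEncrypt`). Add the assignment the sibling has, `ssl = archivedCertificateHandle(self, wo_domain_name, wo_wp_email)`, or `ssl = True` if an existing certificate should simply be reused. The existence check now looks under `/root/.acme.sh/` while the generated ssl.conf and the log messages still point at `/etc/letsencrypt/live/{0}/`; a comment saying where `wo-acme` installs the files would make that relationship checkable. Both functions also interpolate `wo_domain_name` into the command string given to `WOShellExec.cmd_exec`, so if the domain is not validated against a hostname pattern upstream (not visible here) it should be before it reaches this call.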
@@ -1285,108 +1348,117 @@ def renewLetsEncrypt(self, wo_domain_name): Log.info(self, "Renewing SSl cert for https://{0}".format(wo_domain_name)) - ssl = WOShellExec.cmd_exec(self, "/usr/local/bin/wo-acme -s {0} --standalone".format(wo_domain_name)) + ssl = WOShellExec.cmd_exec( + self, "/usr/local/bin/wo-acme -s {0} --standalone".format(wo_domain_name)) mail_list = '' if not ssl: - Log.error(self,"ERROR : Let's Encrypt certificate renewal FAILED!",False) - if (SSL.getExpirationDays(self,wo_domain_name)>0): - Log.error(self, "Your current certificate will expire within " + str(SSL.getExpirationDays(self,wo_domain_name)) + " days.",False) + Log.error(self, "ERROR : Let's Encrypt certificate renewal FAILED!", False) + if (SSL.getExpirationDays(self, wo_domain_name) > 0): + Log.error(self, "Your current certificate will expire within " + + str(SSL.getExpirationDays(self, wo_domain_name)) + " days.", False) else: - Log.error(self, "Your current certificate already expired!",False) + Log.error(self, "Your current certificate already expired!", False) WOSendMail("wordops@{0}".format(wo_domain_name), wo_wp_email, "[FAIL] HTTPS cert renewal {0}".format(wo_domain_name), - "Hi,\n\nHTTPS certificate renewal for https://{0} was unsuccessful.".format(wo_domain_name) + - "\nPlease check the WordOps log for reason. The current expiry date is : " + - str(SSL.getExpirationDate(self,wo_domain_name)) + - "\n\nFor support visit https://wordops.org/support .\n\nBest regards,\nYour WordOps Worker",files=mail_list, - port=25, isTls=False) + "Hi,\n\nHTTPS certificate renewal for https://{0} was unsuccessful.".format(wo_domain_name) + + "\nPlease check the WordOps log for reason. 
The current expiry date is : " + + str(SSL.getExpirationDate(self, wo_domain_name)) + + "\n\nFor support visit https://wordops.org/support .\n\nBest regards,\nYour WordOps Worker", files=mail_list, + port=25, isTls=False) Log.error(self, "Check the WO log for more details " - "`tail /var/log/wo/wordops.log`") + "`tail /var/log/wo/wordops.log`") WOGit.add(self, ["/etc/letsencrypt"], msg="Adding letsencrypt folder") WOSendMail("wordops@{0}".format(wo_domain_name), wo_wp_email, "[SUCCESS] Let's Encrypt certificate renewal {0}".format(wo_domain_name), - "Hi,\n\nYour Let's Encrypt certificate has been renewed for https://{0} .".format(wo_domain_name) + - "\nYour new certificate will expire on : " + - str(SSL.getExpirationDate(self,wo_domain_name)) + - "\n\nBest regards,\nYour WordOps Worker",files=mail_list, - port=25, isTls=False) + "Hi,\n\nYour Let's Encrypt certificate has been renewed for https://{0} .".format(wo_domain_name) + + "\nYour new certificate will expire on : " + + str(SSL.getExpirationDate(self, wo_domain_name)) + + "\n\nBest regards,\nYour WordOps Worker", files=mail_list, + port=25, isTls=False) -#redirect= False to disable https redirection -def httpsRedirect(self,wo_domain_name,redirect=True): +# redirect= False to disable https redirection + + +def httpsRedirect(self, wo_domain_name, redirect=True): if redirect: if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf.disabled".format(wo_domain_name)): - WOFileUtils.mvfile(self, "/etc/nginx/conf.d/force-ssl-{0}.conf.disabled".format(wo_domain_name), - "/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name)) + WOFileUtils.mvfile(self, "/etc/nginx/conf.d/force-ssl-{0}.conf.disabled".format(wo_domain_name), + "/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name)) else: try: - Log.info(self, "Adding /etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name)) + Log.info( + self, "Adding /etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name)) sslconf = 
open("/etc/nginx/conf.d/force-ssl-{0}.conf" - .format(wo_domain_name), - encoding='utf-8', mode='w') + .format(wo_domain_name), + encoding='utf-8', mode='w') sslconf.write("server {\n" - "\tlisten 80;\n" + - "\tserver_name www.{0} {0};\n".format(wo_domain_name) + - "\treturn 301 https://{0}".format(wo_domain_name)+"$request_uri;\n}" ) + "\tlisten 80;\n" + + "\tlisten [::]:80;\n" + + "\tserver_name www.{0} {0};\n".format(wo_domain_name) + + "\treturn 301 https://{0}".format(wo_domain_name)+"$request_uri;\n}") sslconf.close() # Nginx Configation into GIT except IOError as e: Log.debug(self, str(e)) Log.debug(self, "Error occured while generating " - "/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name)) + "/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name)) Log.info(self, "Added HTTPS Force Redirection for Site " - " http://{0}".format(wo_domain_name)) + " http://{0}".format(wo_domain_name)) WOGit.add(self, ["/etc/nginx"], msg="Adding /etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name)) else: if os.path.isfile("/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name)): - WOFileUtils.mvfile(self, "/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name), - "/etc/nginx/conf.d/force-ssl-{0}.conf.disabled".format(wo_domain_name)) - Log.info(self, "Disabled HTTPS Force Redirection for Site " - " http://{0}".format(wo_domain_name)) + WOFileUtils.mvfile(self, "/etc/nginx/conf.d/force-ssl-{0}.conf".format(wo_domain_name), + "/etc/nginx/conf.d/force-ssl-{0}.conf.disabled".format(wo_domain_name)) + Log.info(self, "Disabled HTTPS Force Redirection for Site " + " http://{0}".format(wo_domain_name)) -def archivedCertificateHandle(self,domain,wo_wp_email): - Log.warn(self,"You already have an existing certificate for the domain requested.\n" - "(ref: /etc/letsencrypt/renewal/{0}.conf)".format(domain) + - "\nPlease select an option from below?" 
- "\n\t1: Reinstall existing certificate" - "\n\t2: Keep the existing certificate for now" - "\n\t3: Renew & replace the certificate (limit ~5 per 7 days)" - "") - check_prompt = input("\nType the appropriate number [1-3] or any other key to cancel: ") + +def archivedCertificateHandle(self, domain, wo_wp_email): + Log.warn(self, "You already have an existing certificate for the domain requested.\n" + "(ref: /etc/letsencrypt/renewal/{0}.conf)".format(domain) + + "\nPlease select an option from below?" + "\n\t1: Reinstall existing certificate" + "\n\t2: Keep the existing certificate for now" + "\n\t3: Renew & replace the certificate (limit ~5 per 7 days)" + "") + check_prompt = input( + "\nType the appropriate number [1-3] or any other key to cancel: ") if not os.path.isfile("/etc/letsencrypt/live/{0}/cert.pem".format(domain)): - Log.error(self,"/etc/letsencrypt/live/{0}/cert.pem file is missing.".format(domain)) + Log.error( + self, "/etc/letsencrypt/live/{0}/cert.pem file is missing.".format(domain)) if check_prompt == "1": - Log.info(self,"Please wait while we reinstall the Let's Encrypt certificate for your site.\nIt may take a few minutes depending on your network.") + Log.info(self, "Please wait while we reinstall the Let's Encrypt certificate for your site.\nIt may take a few minutes depending on your network.") ssl = WOShellExec.cmd_exec(self, "./letsencrypt-auto certonly --rsa-key-size 4096 --reinstall --webroot -w /var/www/{0}/htdocs/ -d {0} -d www.{0} " - .format(domain) - + "--email {0} --text --agree-tos".format(wo_wp_email)) - elif check_prompt == "2" : - Log.info(self,"Using Existing Certificate files") + .format(domain) + + "--email {0} --text --agree-tos".format(wo_wp_email)) + elif check_prompt == "2": + Log.info(self, "Using Existing Certificate files") if not (os.path.isfile("/etc/letsencrypt/live/{0}/fullchain.pem".format(domain)) or - os.path.isfile("/etc/letsencrypt/live/{0}/key.pem".format(domain))): - Log.error(self,"Certificate files not 
found. Skipping.\n" - "Please check if following file exist\n\t/etc/letsencrypt/live/{0}/fullchain.pem\n\t" - "/etc/letsencrypt/live/{0}/key.pem".format(domain)) + os.path.isfile("/etc/letsencrypt/live/{0}/key.pem".format(domain))): + Log.error(self, "Certificate files not found. Skipping.\n" + "Please check if following file exist\n\t/etc/letsencrypt/live/{0}/fullchain.pem\n\t" + "/etc/letsencrypt/live/{0}/key.pem".format(domain)) ssl = True elif check_prompt == "3": - Log.info(self,"Please wait while we renew the Let's Encrypt certificate for your site.\nIt may take a few minutes depending on your network.") + Log.info(self, "Please wait while we renew the Let's Encrypt certificate for your site.\nIt may take a few minutes depending on your network.") ssl = WOShellExec.cmd_exec(self, "./letsencrypt-auto --renew-by-default --rsa-key-size 4096 certonly --webroot -w /var/www/{0}/htdocs/ -d {0} -d www.{0} " - .format(domain) - + "--email {0} --text --agree-tos".format(wo_wp_email)) + .format(domain) + + "--email {0} --text --agree-tos".format(wo_wp_email)) else: - Log.error(self,"Operation cancelled by user.") + Log.error(self, "Operation cancelled by user.") if os.path.isfile("{0}/conf/nginx/ssl.conf" - .format(domain)): + .format(domain)): Log.info(self, "Existing ssl.conf . Backing it up ..") WOFileUtils.mvfile(self, "/var/www/{0}/conf/nginx/ssl.conf" - .format(domain), - '/var/www/{0}/conf/nginx/ssl.conf.bak' - .format(domain)) + .format(domain), + '/var/www/{0}/conf/nginx/ssl.conf.bak' + .format(domain)) return ssl
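Review bot: In `archivedCertificateHandle`, the option-2 check `if not (os.path.isfile(...fullchain.pem) or os.path.isfile(...key.pem))` reports a problem only when both files are missing; with just one absent the site would still be pointed at an incomplete certificate/key pair, so the inner operator should be `and`. The ssl.conf backup guard tests `"{0}/conf/nginx/ssl.conf".format(domain)`, which is relative to the working directory, while the move operates on `/var/www/{0}/conf/nginx/ssl.conf`; the guard should use the same absolute path or the backup is skipped. This function also still refers to `/etc/letsencrypt/renewal/{0}.conf` and runs `./letsencrypt-auto`, whereas the caller's existence check was moved to `/root/.acme.sh/` in this commit, so the reinstall and renew options may no longer match how certificates are issued.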