From 80df8b7e2fe1ee29a20dc44b74f35f0d3ae74660 Mon Sep 17 00:00:00 2001
From: VirtuBox
Date: Fri, 6 Sep 2019 16:13:46 +0200
Subject: [PATCH] Simplify proftpd setup
---
 wo/cli/plugins/stack_pref.py | 26 ++------------------------
 wo/core/sslutils.py | 19 +++++++------------
 2 files changed, 9 insertions(+), 36 deletions(-)
diff --git a/wo/cli/plugins/stack_pref.py b/wo/cli/plugins/stack_pref.py
index fd9f4af..7488f70 100644
--- a/wo/cli/plugins/stack_pref.py
+++ b/wo/cli/plugins/stack_pref.py
@@ -433,8 +433,7 @@ def post_pref(self, apt_packages, packages, upgrade=False):
 )
 if (not os.path.isfile('{0}22222/cert/22222.key'
 .format(ngxroot))):
- SSL.selfsignedcert(self, 'localhost',
- '', backend=True)
+ SSL.selfsignedcert(self, proftpd=False, backend=True)
 if not os.path.isfile('{0}22222/conf/nginx/ssl.conf'
 .format(ngxroot)):
@@ -936,28 +935,7 @@ def post_pref(self, apt_packages, packages, upgrade=False):
 # proftpd TLS configuration
 if not os.path.isdir("/etc/proftpd/ssl"):
 WOFileUtils.mkdir(self, "/etc/proftpd/ssl")
-
- try:
- WOShellExec.cmd_exec(self, "openssl genrsa -out "
- "/etc/proftpd/ssl/proftpd.key 2048")
- WOShellExec.cmd_exec(self, "openssl req -new -batch "
- "-subj /commonName=localhost/ "
- "-key /etc/proftpd/ssl/proftpd.key "
- "-out /etc/proftpd/ssl/proftpd.csr")
- WOFileUtils.mvfile(self, "/etc/proftpd/ssl/proftpd.key",
- "/etc/proftpd/ssl/proftpd.key.org")
- WOShellExec.cmd_exec(self, "openssl rsa -in "
- "/etc/proftpd/ssl/proftpd.key.org "
- "-out /etc/proftpd/ssl/proftpd.key")
- WOShellExec.cmd_exec(self, "openssl x509 -req -days "
- "3652 -in /etc/proftpd/ssl/proftpd.csr "
- "-signkey /etc/proftpd/ssl/proftpd.key "
- " -out /etc/proftpd/ssl/proftpd.crt")
- except CommandExecutionError as e:
- Log.debug(self, "{0}".format(e))
- Log.error(
- self, "Failed to generate SSL "
- "certificate for Proftpd")
+ SSL.selfsignedcert(self, proftpd=True, backend=False)
 WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.key", 0o700)
 WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.crt", 0o700)
 data = dict()
diff --git a/wo/core/sslutils.py b/wo/core/sslutils.py
index 3e6dbf9..b04745f 100644
--- a/wo/core/sslutils.py
+++ b/wo/core/sslutils.py
@@ -135,16 +135,13 @@ class SSL:
 hstsconf.close()
 return 0
- def selfsignedcert(self, wo_domain_name,
- cert_path, backend=False):
+ def selfsignedcert(self, proftpd=False, backend=False):
 """issue a self-signed certificate"""
 selfs_tmp = '/var/lib/wo/tmp/selfssl'
 # create self-signed tmp directory
 if not os.path.isdir(selfs_tmp):
 WOFileUtils.mkdir(self, selfs_tmp)
- if wo_domain_name == '':
- wo_domain_name = 'localhost'
 try:
 WOShellExec.cmd_exec(
 self, "openssl genrsa -out "
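Review bot: The proftpd private key is now generated under `/var/lib/wo/tmp/selfssl` and moved into `/etc/proftpd/ssl` before the two `chmod` calls after the added line run, so during that interval its mode is whatever `openssl` and the process umask produced; neither is visible in this hunk. Consider having `selfsignedcert` restrict the temporary directory before it generates the key. The context lines that follow set `0o700` on both files, which adds an execute bit that neither a key nor a certificate needs; `WOFileUtils.chmod(self, "/etc/proftpd/ssl/proftpd.key", 0o600)` and `0o644` for the certificate are the usual modes. The removed `except CommandExecutionError` branch reported a proftpd-specific failure, so confirm that `selfsignedcert` stops on error; otherwise these `chmod` calls run against files that were never created.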
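Review bot: The new signature `selfsignedcert(self, proftpd=False, backend=False)` reuses the two positional slots that used to hold `wo_domain_name` and `cert_path`, so a caller that was not updated would pass a domain string as `proftpd` and a path as `backend`, and both are truthy. Callers outside this diff are not visible here. Making the flags keyword-only, `def selfsignedcert(self, *, proftpd=False, backend=False):`, turns such a stale call into a `TypeError` instead of letting it select install destinations by accident. The docstring should also state that the subject is fixed to `localhost` and name the destination each flag selects. The function body continues past the end of this hunk.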
@@ -152,9 +149,9 @@ class SSL:
 .format(selfs_tmp))
 WOShellExec.cmd_exec(
 self, "openssl req -new -batch "
- "-subj /commonName={0}/ "
- "-key {1}/ssl.key -out {1}/ssl.csr"
- .format(wo_domain_name, selfs_tmp))
+ "-subj /commonName=localhost/ "
+ "-key {0}/ssl.key -out {0}/ssl.csr"
+ .format(selfs_tmp))
 WOFileUtils.mvfile(
 self, "{0}/ssl.key"
 .format(selfs_tmp),
@@ -188,16 +185,14 @@ class SSL:
 self, "{0}/ssl.crt"
 .format(selfs_tmp),
 "/var/www/22222/cert/22222.crt")
- else:
- if not os.path.isdir(cert_path):
- WOFileUtils.mkdir(self, cert_path)
+ if proftpd:
 WOFileUtils.mvfile(
 self, "{0}/ssl.key"
 .format(selfs_tmp),
- "{0}/key.pem".format(cert_path))
+ "/etc/proftpd/ssl/proftpd.key")
 WOFileUtils.mvfile(
 self, "{0}/ssl.crt"
 .format(selfs_tmp),
- "{0}/cert.pem".format(cert_path))
+ "/etc/proftpd/ssl/proftpd.crt")
 # remove self-signed tmp directory
 WOFileUtils.rm(self, selfs_tmp)
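Review bot: Replacing `else:` with a standalone `if proftpd:` in the last hunk leaves two flag combinations unhandled. When both flags are false, the key and certificate are generated and then discarded by the `rm` of the temporary directory, with no destination and no error. When both are true, the second pair of `mvfile` calls looks for `ssl.key` and `ssl.crt` that the preceding branch (presumably `if backend:`, which starts above this hunk) has already moved. Using `elif proftpd:` followed by an `else:` that logs an error would make the flags mutually exclusive in code. The removed branch also created its destination directory, whereas the new one relies on the caller having created `/etc/proftpd/ssl`, as the stack_pref.py hunk does.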