diff --git a/wo/cli/ext/wo_outputhandler.py b/wo/cli/ext/wo_outputhandler.py index c472420..47a92f8 100644 --- a/wo/cli/ext/wo_outputhandler.py +++ b/wo/cli/ext/wo_outputhandler.py @@ -19,3 +19,4 @@ class WOOutputHandler(MustacheOutputHandler): return open(full_path, encoding='utf-8', mode='r').read() else: continue + return 1 diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py index b5ab0a2..7a2be55 100644 --- a/wo/cli/plugins/site.py +++ b/wo/cli/plugins/site.py @@ -1069,23 +1069,39 @@ class WOSiteUpdateController(CementBaseController): else: Log.error(self, 'ngxblocker stack is not installed') elif pargs.ngxblocker == "off": - if os.path.isfile( - '/var/www/{0}/conf/nginx/ngxblocker.conf' - .format(wo_domain)): - WOFileUtils.mvfile(self, '/var/www/{0}/conf/' - 'nginx/ngxblocker.conf' - .format(wo_domain), - '/var/www/{0}/conf/' - 'nginx/ngxblocker.conf.disabled' - .format(wo_domain)) - else: - Log.error(self, "ngxblocker isn't enabled") + try: + setupngxblocker(self, wo_domain, False) + except SiteError as e: + Log.debug(self, str(e)) + Log.info(self, "\nngxblocker not enabled.") # Service Nginx Reload if not WOService.reload_service(self, 'nginx'): Log.error(self, "service nginx reload failed. " "check issues with `nginx -t` command") return 0 + # + if (pargs.letsencrypt == 'renew' and + not (pargs.html or + pargs.php or pargs.php73 or pargs.mysql or + pargs.wp or pargs.wpfc or pargs.wpsc or + pargs.wprocket or pargs.wpce or + pargs.wpsubdir or pargs.wpsubdomain or + pargs.ngxblocker or pargs.hsts)): + + if WOAcme.cert_check(self, wo_domain): + if not pargs.force: + if (SSL.getexpirationdays(self, wo_domain) > 45): + Log.error( + self, + 'Your certificate expire in more than 45 days.\n' + 'Add \'--force\' to force to renew') + Log.wait(self, "Renewing SSL certificate") + if WOAcme.renew(self, wo_domain): + Log.valide(self, "Renewing SSL certificate") + else: + Log.error(self, "Certificate doesn't exist") + return 0 if ((stype == 'php' and oldsitetype not in ['html', 'proxy', 'php73']) or @@ -1281,10 +1297,10 @@ class WOSiteUpdateController(CementBaseController): if not (acme_subdomain is True): if letsencrypt is check_ssl: if letsencrypt is False: - Log.error(self, "SSl is not configured for given " + Log.error(self, "SSL is not configured for given " "site") elif letsencrypt is True: - Log.error(self, "SSl is already configured for given " + Log.error(self, "SSL is already configured for given " "site") pargs.letsencrypt = False diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py index d0924e0..d40bf6e 100644 --- a/wo/cli/plugins/site_functions.py +++ b/wo/cli/plugins/site_functions.py @@ -1554,19 +1554,31 @@ def setuprocketchat(self): def setupngxblocker(self, domain, block=True): - if os.path.isdir('/var/www/{0}/conf/nginx'.format(domain)): - if not os.path.isfile('/var/www/{0}/conf/nginx/ngxblocker.disabled' - .format(domain)): - ngxconf = open("/var/www/{0}/conf/nginx/ngxblocker.conf" - .format(domain), - encoding='utf-8', mode='w') - ngxconf.write("# Bad Bot Blocker\n" - "include /etc/nginx/bots.d/ddos.conf;\n" - "include /etc/nginx/bots.d/blockbots.conf;\n") - ngxconf.close() - else: + if block: + if os.path.isdir('/var/www/{0}/conf/nginx'.format(domain)): + if not os.path.isfile( + '/var/www/{0}/conf/nginx/ngxblocker.conf.disabled' + .format(domain)): + ngxconf = open( + "/var/www/{0}/conf/nginx/ngxblocker.conf" + .format(domain), + encoding='utf-8', mode='w') + ngxconf.write( + "# Bad Bot Blocker\n" + "include /etc/nginx/bots.d/ddos.conf;\n" + "include /etc/nginx/bots.d/blockbots.conf;\n") + ngxconf.close() + else: + WOFileUtils.mvfile( + self, '/var/www/{0}/conf/nginx/ngxblocker.conf.disabled' + .format(domain), '/var/www/{0}/conf/nginx/ngxblocker.conf' + .format(domain)) + else: + if os.path.isfile('/var/www/{0}/conf/nginx/ngxblocker.conf' + .format(domain)): WOFileUtils.mvfile( - self, '/var/www/{0}/conf/nginx/ngxblocker.disabled' - .format(domain), '/var/www/{0}/conf/nginx/ngxblocker' + self, '/var/www/{0}/conf/nginx/ngxblocker.conf' + .format(domain), + '/var/www/{0}/conf/nginx/ngxblocker.conf.disabled' .format(domain)) return 0 diff --git a/wo/core/acme.py b/wo/core/acme.py index 5b76eb5..8196238 100644 --- a/wo/core/acme.py +++ b/wo/core/acme.py @@ -132,6 +132,17 @@ class WOAcme: "ssl.conf") return 0 + def renew(self, domain): + """Renew letsencrypt certificate with acme.sh""" + try: + WOShellExec.cmd_exec( + self, "{0} ".format(WOAcme.wo_acme_exec) + + "--renew -d {0} --ecc --force".format(domain)) + except CommandExecutionError as e: + Log.debug(self, str(e)) + Log.error(self, 'Unable to renew certificate') + return True + def check_dns(self, acme_domains): """Check if a list of domains point to the server IP""" server_ip = requests.get('http://v4.wordops.eu/').text diff --git a/wo/core/logging.py b/wo/core/logging.py index 8e034f7..bb6cbda 100644 --- a/wo/core/logging.py +++ b/wo/core/logging.py @@ -44,7 +44,7 @@ class Log: """ Logs debug messages into log file """ - self.app.log.debug(Log.HEADER + msg + Log.ENDC + __name__) + self.app.log.debug(Log.HEADER + msg + Log.ENDC) def wait(self, msg, end='\r', log=True): """