From d73adafc228318b62a1c9cbc96874bb1b260dcb4 Mon Sep 17 00:00:00 2001
From: VirtuBox
Date: Sun, 14 Jul 2019 11:49:21 +0200
Subject: [PATCH] Implement DNS API with Letsencrypt
---
 wo/cli/plugins/maintenance.py | 105 +++++++++++++++----------------
 wo/cli/plugins/site.py | 9 ++-
 wo/cli/plugins/site_functions.py | 10 +--
 3 files changed, 64 insertions(+), 60 deletions(-)
diff --git a/wo/cli/plugins/maintenance.py b/wo/cli/plugins/maintenance.py
index adf945c..cdbbd14 100644
--- a/wo/cli/plugins/maintenance.py
+++ b/wo/cli/plugins/maintenance.py
@@ -1,53 +1,52 @@
-"""Maintenance Plugin for WordOps"""
-
-from cement.core.controller import CementBaseController, expose
-from cement.core import handler, hook
-from wo.core.logging import Log
-from wo.core.variables import WOVariables
-from wo.core.aptget import WOAptGet
-from wo.core.apt_repo import WORepo
-from wo.core.services import WOService
-from wo.core.shellexec import WOShellExec
-
-
-
-def wo_maintenance_hook(app):
- pass
-
-
-class WOMaintenanceController(CementBaseController):
- class Meta:
- label = 'maintenance'
- stacked_on = 'base'
- stacked_type = 'nested'
- description = ('update server packages to latest version')
- usage = "wo maintenance"
-
- @expose(hide=True)
- def default(self):
-
- try:
- Log.info(self, "updating apt-cache, please wait...")
- WOShellExec.cmd_exec(self, "apt-get update")
- Log.info(self, "updating packages, please wait...")
- WOShellExec.cmd_exec(self, "DEBIAN_FRONTEND=noninteractive "
- "apt-get -o "
- "Dpkg::Options::='--force-confmiss' "
- "-o Dpkg::Options::='--force-confold' "
- "-y dist-upgrade")
- Log.info(self, "cleaning-up packages, please wait...")
- WOShellExec.cmd_exec(self, "apt-get -y --purge autoremove")
- WOShellExec.cmd_exec(self, "apt-get -y autoclean")
- except OSError as e:
- Log.debug(self, str(e))
- Log.error(self, "Package updates failed !")
- except Exception as e:
- Log.debug(self, str(e))
- Log.error(self, "Packages updates failed !")
-
-
-def load(app):
- # register the plugin class.. this only happens if the plugin is enabled
- handler.register(WOMaintenanceController)
- # register a hook (function) to run after arguments are parsed.
- hook.register('post_argument_parsing', wo_maintenance_hook)
+"""Maintenance Plugin for WordOps"""
+
+from cement.core.controller import CementBaseController, expose
+from cement.core import handler, hook
+from wo.core.logging import Log
+from wo.core.variables import WOVariables
+from wo.core.aptget import WOAptGet
+from wo.core.apt_repo import WORepo
+from wo.core.services import WOService
+from wo.core.shellexec import WOShellExec
+
+
+def wo_maintenance_hook(app):
+ pass
+
+
+class WOMaintenanceController(CementBaseController):
+ class Meta:
+ label = 'maintenance'
+ stacked_on = 'base'
+ stacked_type = 'nested'
+ description = ('update server packages to latest version')
+ usage = "wo maintenance"
+
+ @expose(hide=True)
+ def default(self):
+
+ try:
+ Log.info(self, "updating apt-cache, please wait...")
+ WOShellExec.cmd_exec(self, "apt-get update")
+ Log.info(self, "updating packages, please wait...")
+ WOShellExec.cmd_exec(self, "DEBIAN_FRONTEND=noninteractive "
+ "apt-get -o "
+ "Dpkg::Options::='--force-confmiss' "
+ "-o Dpkg::Options::='--force-confold' "
+ "-y dist-upgrade")
+ Log.info(self, "cleaning-up packages, please wait...")
+ WOShellExec.cmd_exec(self, "apt-get -y --purge autoremove")
+ WOShellExec.cmd_exec(self, "apt-get -y autoclean")
+ except OSError as e:
+ Log.debug(self, str(e))
+ Log.error(self, "Package updates failed !")
+ except Exception as e:
+ Log.debug(self, str(e))
+ Log.error(self, "Packages updates failed !")
+
+
+def load(app):
+ # register the plugin class.. this only happens if the plugin is enabled
+ handler.register(WOMaintenanceController)
+ # register a hook (function) to run after arguments are parsed.
+ hook.register('post_argument_parsing', wo_maintenance_hook)
diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py
index afbf507..492a646 100644
--- a/wo/cli/plugins/site.py
+++ b/wo/cli/plugins/site.py
@@ -812,7 +812,6 @@ class WOSiteUpdateController(CementBaseController):
 (['--dns'],
 dict(help="choose dns provider api for letsencrypt",
 action='store' or 'store_const',
- choices=('cf', 'do'),
 const='cf', nargs='?')),
 (['--hsts'],
 dict(help="configure hsts for the site",
@@ -941,6 +940,11 @@ class WOSiteUpdateController(CementBaseController):
 except SiteError as e:
 Log.debug(self, str(e))
 Log.info(self, "\nFail to enable HSTS")
+ if not WOService.reload_service(self, 'nginx'):
+ Log.error(self, "service nginx reload failed. "
+ "check issues with `nginx -t` command")
+ Log.info(self, "HSTS is enabled for "
+ "https://{0}".format(wo_domain))
 return 0
 if ((stype == 'php' and
@@ -1276,7 +1280,8 @@ class WOSiteUpdateController(CementBaseController):
 setupLetsEncryptSubdomain(self, wo_domain)
 httpsRedirect(self, wo_domain)
 elif self.app.pargs.letsencrypt == "wildcard":
- setupLetsEncryptWildcard(self, wo_domain, dns_cf)
+ wo_acme_dns = pargs.dns
+ setupLetsEncryptWildcard(self, wo_domain, wo_acme_dns)
 httpsRedirect(self, wo_domain, True, True)
 else:
 WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf.disabled"
diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py
index ba6e3ea..95f656d 100644
--- a/wo/cli/plugins/site_functions.py
+++ b/wo/cli/plugins/site_functions.py
@@ -1436,7 +1436,7 @@ def setupLetsEncryptSubdomain(self, wo_domain_name):
 # setup letsencrypt for domain + www.domain
-def setupLetsEncryptWildcard(self, wo_domain_name, dns_cf=True):
+def setupLetsEncryptWildcard(self, wo_domain_name, wo_acme_dns=dns_cf):
 if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"
 .format(wo_domain_name)):
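Review bot: Dropping `choices=('cf', 'do')` from `--dns` in the `@@ -812` hunk of site.py leaves the option accepting any string, and the later hunks carry that string through `wo_acme_dns = pargs.dns` into the acme.sh command built with `.format(wo_domain_name, wo_acme_dns)` in both `@@ -1453` call sites of site_functions.py. The maintenance.py calls on this page pass `WOShellExec.cmd_exec` a string with a `DEBIAN_FRONTEND=noninteractive` prefix, which suggests the string is interpreted by a shell, so an unvalidated value could alter the command that is executed. Keep an allowlist of the supported acme.sh hook names on the option, or check the value before it is formatted, for example `if not (wo_acme_dns.startswith('dns_') and wo_acme_dns.replace('_', '').isalnum()): Log.error(self, "unsupported --dns value")`.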
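Review bot: The added `Log.info(self, "HSTS is enabled for ...")` in the `@@ -941` hunk of site.py appears to run after the `except SiteError` branch that has just logged "Fail to enable HSTS", so a failed setup would still be reported as enabled before `return 0`. Indentation is not preserved on this page, so this depends on where the new lines sit relative to the `try`; if they follow it, the nginx reload and the success message belong in an `else:` clause of that `try`. The enclosing method starts and ends outside the hunk.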
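Review bot: `wo_acme_dns = pargs.dns` in the `@@ -1276` hunk of site.py has no fallback, and the option definition in the first hunk shows no `default=`, so `--letsencrypt=wildcard` without `--dns` would presumably format `--dns None` into the acme.sh command. A bare `--dns` yields the remaining `const='cf'`, which differs from the `dns_cf` name the old command hard-coded. Consider `wo_acme_dns = pargs.dns or 'dns_cf'` and changing the option to `const='dns_cf'`. The line above reads `self.app.pargs`, so it is worth confirming that a local `pargs` exists in this method, which starts outside the hunk.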
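Review bot: The new default `wo_acme_dns=dns_cf` in the `@@ -1436` hunk of site_functions.py is a bare name rather than a string, and default values are evaluated when the `def` statement runs, so unless a module-level `dns_cf` is defined outside this hunk, importing the module raises `NameError`. The old command used the literal `dns_cf`, so the signature should probably read `def setupLetsEncryptWildcard(self, wo_domain_name, wo_acme_dns='dns_cf'):`. The function body continues past the end of the hunk.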
@@ -1453,18 +1453,18 @@ def setupLetsEncryptWildcard(self, wo_domain_name, dns_cf=True):
 "--config-home "
 "'/etc/letsencrypt/config' "
 "--issue "
- "-d {0} -d *.{0} --dns dns_cf "
+ "-d {0} -d *.{0} --dns {1} "
 "-k ec-384 -f"
- .format(wo_domain_name))
+ .format(wo_domain_name, wo_acme_dns))
 else:
 Log.info(self, "Issuing SSL cert with acme.sh")
 ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
 "--config-home "
 "'/etc/letsencrypt/config' "
 "--issue "
- "-d {0} -d *.{0} --dns dns_cf "
+ "-d {0} -d *.{0} --dns {1} "
 "-k ec-384 -f"
- .format(wo_domain_name))
+ .format(wo_domain_name, wo_acme_dns))
 if ssl: