Implement DNS API with Letsencrypt

VirtuBox
2019-07-14 11:49:21 +02:00
parent b7e7da0d2f
commit d73adafc22
3 changed files with 64 additions and 60 deletions


@@ -10,7 +10,6 @@ from wo.core.services import WOService
from wo.core.shellexec import WOShellExec from wo.core.shellexec import WOShellExec
def wo_maintenance_hook(app): def wo_maintenance_hook(app):
pass pass


@@ -812,7 +812,6 @@ class WOSiteUpdateController(CementBaseController):
(['--dns'], (['--dns'],
dict(help="choose dns provider api for letsencrypt", dict(help="choose dns provider api for letsencrypt",
action='store' or 'store_const', action='store' or 'store_const',
choices=('cf', 'do'),
const='cf', nargs='?')), const='cf', nargs='?')),
(['--hsts'], (['--hsts'],
dict(help="configure hsts for the site", dict(help="configure hsts for the site",
@@ -941,6 +940,11 @@ class WOSiteUpdateController(CementBaseController):
except SiteError as e: except SiteError as e:
Log.debug(self, str(e)) Log.debug(self, str(e))
Log.info(self, "\nFail to enable HSTS") Log.info(self, "\nFail to enable HSTS")
if not WOService.reload_service(self, 'nginx'):
Log.error(self, "service nginx reload failed. "
"check issues with `nginx -t` command")
Log.info(self, "HSTS is enabled for "
"https://{0}".format(wo_domain))
return 0 return 0
if ((stype == 'php' and if ((stype == 'php' and
@@ -1276,7 +1280,8 @@ class WOSiteUpdateController(CementBaseController):
setupLetsEncryptSubdomain(self, wo_domain) setupLetsEncryptSubdomain(self, wo_domain)
httpsRedirect(self, wo_domain) httpsRedirect(self, wo_domain)
elif self.app.pargs.letsencrypt == "wildcard": elif self.app.pargs.letsencrypt == "wildcard":
setupLetsEncryptWildcard(self, wo_domain, dns_cf) wo_acme_dns = pargs.dns
setupLetsEncryptWildcard(self, wo_domain, wo_acme_dns)
httpsRedirect(self, wo_domain, True, True) httpsRedirect(self, wo_domain, True, True)
else: else:
WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf.disabled" WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf.disabled"
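Review bot: With `choices=('cf', 'do')` removed from the `--dns` option, the wildcard branch's `wo_acme_dns = pargs.dns` hands whatever string was typed on the command line to `setupLetsEncryptWildcard`, and the hunks in the third file format that value straight into the acme.sh command string as `--dns {1}`. Keep a `choices=` tuple of the supported acme.sh hook names on the option (the previous command used `dns_cf`), so the value is checked against an allow-list before it reaches `WOShellExec.cmd_exec`. No `default=` is visible on the option, so when `--dns` is omitted the value is presumably `None` and the command would read `--dns None`, while a bare `--dns` yields the const `cf` rather than `dns_cf`; something like `wo_acme_dns = self.app.pargs.dns or 'dns_cf'` would keep the old behaviour for the omitted case. The line above reads `self.app.pargs.letsencrypt` while the new line uses a bare `pargs`, and the enclosing method starts and ends outside the hunk, so confirm that `pargs` is bound in this scope.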


@@ -1436,7 +1436,7 @@ def setupLetsEncryptSubdomain(self, wo_domain_name):
# setup letsencrypt for domain + www.domain # setup letsencrypt for domain + www.domain
def setupLetsEncryptWildcard(self, wo_domain_name, dns_cf=True): def setupLetsEncryptWildcard(self, wo_domain_name, wo_acme_dns=dns_cf):
if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf" if os.path.isfile("/etc/letsencrypt/renewal/{0}_ecc/{0}.conf"
.format(wo_domain_name)): .format(wo_domain_name)):
@@ -1453,18 +1453,18 @@ def setupLetsEncryptWildcard(self, wo_domain_name, dns_cf=True):
"--config-home " "--config-home "
"'/etc/letsencrypt/config' " "'/etc/letsencrypt/config' "
"--issue " "--issue "
"-d {0} -d *.{0} --dns dns_cf " "-d {0} -d *.{0} --dns {1} "
"-k ec-384 -f" "-k ec-384 -f"
.format(wo_domain_name)) .format(wo_domain_name, wo_acme_dns))
else: else:
Log.info(self, "Issuing SSL cert with acme.sh") Log.info(self, "Issuing SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh " ssl = WOShellExec.cmd_exec(self, "/etc/letsencrypt/acme.sh "
"--config-home " "--config-home "
"'/etc/letsencrypt/config' " "'/etc/letsencrypt/config' "
"--issue " "--issue "
"-d {0} -d *.{0} --dns dns_cf " "-d {0} -d *.{0} --dns {1} "
"-k ec-384 -f" "-k ec-384 -f"
.format(wo_domain_name)) .format(wo_domain_name, wo_acme_dns))
if ssl: if ssl: