Remove renew section
This commit is contained in:
VirtuBox
@@ -1289,86 +1289,6 @@ class WOSiteUpdateController(CementBaseController):
|
|||||||
"site")
|
"site")
|
||||||
pargs.letsencrypt = False
|
pargs.letsencrypt = False
|
||||||
|
|
||||||
# --letsencrypt=renew code goes here
|
|
||||||
if pargs.letsencrypt == "renew" and not pargs.all:
|
|
||||||
expiry_days = SSL.getexpirationdays(self, wo_domain)
|
|
||||||
min_expiry_days = 45
|
|
||||||
if check_ssl:
|
|
||||||
if (expiry_days <= min_expiry_days):
|
|
||||||
renewLetsEncrypt(self, wo_domain)
|
|
||||||
elif pargs.force:
|
|
||||||
renewLetsEncrypt(self, wo_domain)
|
|
||||||
else:
|
|
||||||
Log.error(
|
|
||||||
self, "You have more than 30 days with the current "
|
|
||||||
"certificate - refusing to run.")
|
|
||||||
|
|
||||||
else:
|
|
||||||
Log.error(
|
|
||||||
self, "Cannot renew - HTTPS is not configured for "
|
|
||||||
"the given site. Install LE first...")
|
|
||||||
|
|
||||||
if not WOService.reload_service(self, 'nginx'):
|
|
||||||
Log.error(self, "service nginx reload failed. "
|
|
||||||
"check issues with `nginx -t` command")
|
|
||||||
Log.info(self, "SUCCESS: Certificate was successfully renewed For"
|
|
||||||
" https://{0}".format(wo_domain))
|
|
||||||
if (SSL.getexpirationdays(self, wo_domain) > 0):
|
|
||||||
Log.info(self, "Your cert will expire within " +
|
|
||||||
str(SSL.getexpirationdays(self, wo_domain)) +
|
|
||||||
" days.")
|
|
||||||
Log.info(self, "Expiration date: " +
|
|
||||||
str(SSL.getexpirationdate(self, wo_domain)))
|
|
||||||
|
|
||||||
else:
|
|
||||||
Log.warn(
|
|
||||||
self, "The certificate seems to be already expired. "
|
|
||||||
"Please renew it as soon as possible...")
|
|
||||||
return 0
|
|
||||||
|
|
||||||
if pargs.all and pargs.letsencrypt == "renew":
|
|
||||||
|
|
||||||
if check_ssl:
|
|
||||||
expiry_days = SSL.getExpirationDays(self, wo_domain, True)
|
|
||||||
if expiry_days < 0:
|
|
||||||
return 0
|
|
||||||
min_expiry_days = 45
|
|
||||||
if (expiry_days <= min_expiry_days):
|
|
||||||
renewLetsEncrypt(self, wo_domain)
|
|
||||||
if not WOService.reload_service(self, 'nginx'):
|
|
||||||
Log.error(self, "service nginx reload failed. "
|
|
||||||
"check issues with `nginx -t` command")
|
|
||||||
Log.info(self, "SUCCESS: Certificate was successfully "
|
|
||||||
"renewed For https://{0}".format(wo_domain))
|
|
||||||
elif pargs.force:
|
|
||||||
renewLetsEncrypt(self, wo_domain)
|
|
||||||
Log.info(self, "Certificate was successfully renewed")
|
|
||||||
if not WOService.reload_service(self, 'nginx'):
|
|
||||||
Log.error(self, "service nginx reload failed. "
|
|
||||||
"check issues with `nginx -t` command")
|
|
||||||
Log.info(self, "SUCCESS: Certificate was successfully "
|
|
||||||
"renewed For https://{0}".format(wo_domain))
|
|
||||||
else:
|
|
||||||
Log.info(
|
|
||||||
self, "You have more than 45 days with the current "
|
|
||||||
"certificate - refusing to run.\n")
|
|
||||||
|
|
||||||
if (SSL.getexpirationdays(self, wo_domain) > 0):
|
|
||||||
Log.info(self, "Your cert will expire within " +
|
|
||||||
str(SSL.getexpirationdays(self, wo_domain)) +
|
|
||||||
" days.")
|
|
||||||
Log.info(self, "Expiration date: \n\n" +
|
|
||||||
str(SSL.getexpirationdate(self, wo_domain)))
|
|
||||||
return 0
|
|
||||||
# else:
|
|
||||||
# Log.warn(self, "Your cert already EXPIRED !
|
|
||||||
# .PLEASE renew soon . ")
|
|
||||||
else:
|
|
||||||
Log.info(
|
|
||||||
self, "SSL not configured for "
|
|
||||||
"site http://{0}".format(wo_domain))
|
|
||||||
return 0
|
|
||||||
|
|
||||||
if pargs.all and pargs.letsencrypt == "off":
|
if pargs.all and pargs.letsencrypt == "off":
|
||||||
if letsencrypt is check_ssl:
|
if letsencrypt is check_ssl:
|
||||||
if letsencrypt is False:
|
if letsencrypt is False:
|
||||||
@@ -1466,6 +1386,9 @@ class WOSiteUpdateController(CementBaseController):
|
|||||||
|
|
||||||
if pargs.letsencrypt:
|
if pargs.letsencrypt:
|
||||||
if data['letsencrypt'] is True:
|
if data['letsencrypt'] is True:
|
||||||
|
if WOAcme.cert_check(self, wo_domain):
|
||||||
|
archivedCertificateHandle(self, wo_domain)
|
||||||
|
else:
|
||||||
# DNS API configuration
|
# DNS API configuration
|
||||||
if pargs.dns:
|
if pargs.dns:
|
||||||
Log.debug(self, "DNS validation enabled")
|
Log.debug(self, "DNS validation enabled")
|
||||||
@@ -1483,30 +1406,31 @@ class WOSiteUpdateController(CementBaseController):
|
|||||||
acme_domains = acme_domains + ['{0}'.format(wo_domain)]
|
acme_domains = acme_domains + ['{0}'.format(wo_domain)]
|
||||||
elif acme_wildcard is True:
|
elif acme_wildcard is True:
|
||||||
Log.info(self, "Certificate type : wildcard")
|
Log.info(self, "Certificate type : wildcard")
|
||||||
acme_domains = acme_domains + ['{0}'.format(wo_domain),
|
acme_domains = \
|
||||||
|
acme_domains + ['{0}'.format(wo_domain),
|
||||||
'*.{0}'.format(wo_domain)]
|
'*.{0}'.format(wo_domain)]
|
||||||
else:
|
else:
|
||||||
Log.info(self, "Certificate type : domain")
|
Log.info(self, "Certificate type : domain")
|
||||||
acme_domains = acme_domains + ['{0}'.format(wo_domain),
|
acme_domains = \
|
||||||
|
acme_domains + ['{0}'.format(wo_domain),
|
||||||
'www.{0}'.format(wo_domain)]
|
'www.{0}'.format(wo_domain)]
|
||||||
|
|
||||||
if acme_subdomain:
|
|
||||||
# check if a wildcard cert for the root domain exist
|
|
||||||
Log.debug(self, "checkWildcardExist on *.{0}"
|
|
||||||
.format(wo_root_domain))
|
|
||||||
iswildcard = SSL.checkwildcardexist(self, wo_root_domain)
|
|
||||||
Log.debug(self, "iswildcard = {0}".format(iswildcard))
|
|
||||||
if not os.path.isfile("{0}/conf/nginx/ssl.conf.disabled"):
|
if not os.path.isfile("{0}/conf/nginx/ssl.conf.disabled"):
|
||||||
if acme_subdomain:
|
if acme_subdomain:
|
||||||
if iswildcard:
|
Log.debug(self, "checkWildcardExist on *.{0}"
|
||||||
Log.info(self, "Using existing Wildcard SSL "
|
.format(wo_root_domain))
|
||||||
|
if SSL.checkwildcardexist(self, wo_root_domain):
|
||||||
|
Log.info(
|
||||||
|
self, "Using existing Wildcard SSL "
|
||||||
"certificate from {0} to secure {1}"
|
"certificate from {0} to secure {1}"
|
||||||
.format(wo_root_domain, wo_domain))
|
.format(wo_root_domain, wo_domain))
|
||||||
Log.debug(self, "symlink wildcard "
|
Log.debug(
|
||||||
|
self, "symlink wildcard "
|
||||||
"cert between {0} & {1}"
|
"cert between {0} & {1}"
|
||||||
.format(wo_domain, wo_root_domain))
|
.format(wo_domain, wo_root_domain))
|
||||||
# copy the cert from the root domain
|
# copy the cert from the root domain
|
||||||
copyWildcardCert(self, wo_domain, wo_root_domain)
|
copyWildcardCert(self, wo_domain,
|
||||||
|
wo_root_domain)
|
||||||
else:
|
else:
|
||||||
# check DNS records before issuing cert
|
# check DNS records before issuing cert
|
||||||
if not acmedata['dns'] is True:
|
if not acmedata['dns'] is True:
|
||||||
@@ -1538,11 +1462,13 @@ class WOSiteUpdateController(CementBaseController):
|
|||||||
else:
|
else:
|
||||||
Log.error(self, "Unable to issue certificate")
|
Log.error(self, "Unable to issue certificate")
|
||||||
else:
|
else:
|
||||||
WOFileUtils.mvfile(self, "{0}/conf/nginx/ssl.conf.disabled"
|
WOFileUtils.mvfile(
|
||||||
|
self, "{0}/conf/nginx/ssl.conf.disabled"
|
||||||
.format(wo_site_webroot),
|
.format(wo_site_webroot),
|
||||||
'{0}/conf/nginx/ssl.conf'
|
'{0}/conf/nginx/ssl.conf'
|
||||||
.format(wo_site_webroot))
|
.format(wo_site_webroot))
|
||||||
WOFileUtils.mvfile(self, "/etc/nginx/conf.d/"
|
WOFileUtils.mvfile(
|
||||||
|
self, "/etc/nginx/conf.d/"
|
||||||
"force-ssl-{0}.conf.disabled"
|
"force-ssl-{0}.conf.disabled"
|
||||||
.format(wo_domain),
|
.format(wo_domain),
|
||||||
'/etc/nginx/conf.d/force-ssl-{0}.conf'
|
'/etc/nginx/conf.d/force-ssl-{0}.conf'
|
||||||
|
|||||||
Reference in New Issue
Block a user