robin.thoni
/
sitegen
Beobachten 1
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 7 Wiki Aktivität
Quellcode durchsuchen

added per host commands

tags/v2.1.0
Robin Thoni vor 7 Jahren
Ursprung
975b3e2a41
Commit
8f70099a38
7 geänderte Dateien mit 84 neuen und 34 gelöschten Zeilen
Gesamtansicht Diff-Statistik anzeigen
  1. 0
    10
      .idea/misc.xml
  2. 8
    0
      apache/sitegen.conf
  3. 3
    1
      install
  4. 15
    7
      sitegen.py
  5. 34
    11
      sitegen/sitegen.json
  6. 2
    2
      tests/fake-letsencrypt.sh
  7. 22
    3
      tests/sitegen.json

+ 0
- 10
.idea/misc.xml Datei anzeigen

1 
 <?xml version="1.0" encoding="UTF-8"?>
 1 
 <?xml version="1.0" encoding="UTF-8"?>
2 
 <project version="4">
 2 
 <project version="4">
3 
-  <component name="ProjectLevelVcsManager" settingsEditedManually="false">
4 
-    <OptionsSetting value="true" id="Add" />
5 
-    <OptionsSetting value="true" id="Remove" />
6 
-    <OptionsSetting value="true" id="Checkout" />
7 
-    <OptionsSetting value="true" id="Update" />
8 
-    <OptionsSetting value="true" id="Status" />
9 
-    <OptionsSetting value="true" id="Edit" />
10 
-    <ConfirmationsSetting value="0" id="Add" />
11 
-    <ConfirmationsSetting value="0" id="Remove" />
12 
-  </component>
13 
   <component name="ProjectRootManager" version="2" project-jdk-name="Python 3.4.3 (/usr/bin/python3.4)" project-jdk-type="Python SDK" />
 3 
   <component name="ProjectRootManager" version="2" project-jdk-name="Python 3.4.3 (/usr/bin/python3.4)" project-jdk-type="Python SDK" />
14 
 </project>
 4 
 </project>

+ 8
- 0
apache/sitegen.conf Datei anzeigen

1 
 Alias "/.well-known/acme-challenge/" "/tmp/acme-challenge/.well-known/acme-challenge/"
 1 
 Alias "/.well-known/acme-challenge/" "/tmp/acme-challenge/.well-known/acme-challenge/"
2 
+<IfModule mod_proxy.c>
3 
+  ProxyPass /.well-known/acme-challenge !
4 
+</IfModule>
2 
 <Directory /tmp/acme-challenge>
 5 
 <Directory /tmp/acme-challenge>
3 
   Options -Indexes -FollowSymLinks
 6 
   Options -Indexes -FollowSymLinks
4 
   AllowOverride All
 7 
   AllowOverride All
6 
   Satisfy Any
 9 
   Satisfy Any
7 
   Allow from all
 10 
   Allow from all
8 
 </Directory>
 11 
 </Directory>
12 
+<Location /.well-known/acme-challenge>
13 
+  Require all granted
14 
+  Satisfy Any
15 
+  Allow from all
16 
+</Location>

+ 3
- 1
install Datei anzeigen

10 
   cp -r "${dir}/sitegen" /etc/sitegen
 10 
   cp -r "${dir}/sitegen" /etc/sitegen
11 
 fi &&
 11 
 fi &&
12
12
13 
+rm -f /usr/local/bin/sitegen &&
13 
 cp "${dir}/sitegen.py" /usr/local/bin/sitegen &&
 14 
 cp "${dir}/sitegen.py" /usr/local/bin/sitegen &&
14
15
15 
 for typedir in "${dir}"/sitegen/hooks-available/*
 16 
 for typedir in "${dir}"/sitegen/hooks-available/*
22 
     done
 23 
     done
23 
 done &&
 24 
 done &&
24
25
26 
+rm -f /etc/bash_completion.d/sitegen &&
25 
 cp "${dir}/bash/sitegen.completion" /etc/bash_completion.d/sitegen &&
 27 
 cp "${dir}/bash/sitegen.completion" /etc/bash_completion.d/sitegen &&
26
28
27 
-a2disconf letsencrypt &&
29 
+(a2disconf letsencrypt && rm -f /etc/apache2/conf-available/letsencrypt.conf || exit 0) &&
28 
 rm -f /etc/apache2/conf-available/sitegen.conf &&
 30 
 rm -f /etc/apache2/conf-available/sitegen.conf &&
29 
 cp "${dir}/apache/sitegen.conf" /etc/apache2/conf-available/sitegen.conf &&
 31 
 cp "${dir}/apache/sitegen.conf" /etc/apache2/conf-available/sitegen.conf &&
30 
 a2enconf sitegen &&
 32 
 a2enconf sitegen &&

+ 15
- 7
sitegen.py Datei anzeigen

1 
 #! /usr/bin/env python3
 1 
 #! /usr/bin/env python3
2 
-
2 
+import fnmatch
3 
 import json
 3 
 import json
4 
 import argparse
 4 
 import argparse
5 
 import os
 5 
 import os
26 
     hooksAvailableDir = ""
 26 
     hooksAvailableDir = ""
27 
     templatesDir = ""
 27 
     templatesDir = ""
28 
     certRenewTime = ""
 28 
     certRenewTime = ""
29 
-    letsencryptCommand = ""
30 
-    letsencryptArgs = []
29 
+    letsencryptCommands = ""
31 
     letsencryptDir = ""
 30 
     letsencryptDir = ""
32 
     certDir = ""
 31 
     certDir = ""
33
32
39 
         self.hooksAvailableDir = path.join(self.confDir, "hooks-available")
 38 
         self.hooksAvailableDir = path.join(self.confDir, "hooks-available")
40 
         self.templatesDir = path.join(self.confDir, "templates")
 39 
         self.templatesDir = path.join(self.confDir, "templates")
41 
         self.certRenewTime = config["certRenewTime"]
 40 
         self.certRenewTime = config["certRenewTime"]
42 
-        self.letsencryptCommand = config["letsencryptCommand"]
43 
-        self.letsencryptArgs = config["letsencryptArgs"]
41 
+        self.letsencryptCommands = config["letsencryptCommands"]
44 
         self.letsencryptDir = config["letsencryptDir"]
 42 
         self.letsencryptDir = config["letsencryptDir"]
45 
         self.certDir = config["certDir"]
 43 
         self.certDir = config["certDir"]
46
44
74 
     def get_letsencrypt_dir(self, domain):
 72 
     def get_letsencrypt_dir(self, domain):
75 
         return path.join(self.letsencryptDir, domain)
 73 
         return path.join(self.letsencryptDir, domain)
76
74
75 
+    def get_letsencrypt_command(self, domain):
76 
+        for d in self.letsencryptCommands:
77 
+            patterns = d['patterns'] if isinstance(d['patterns'], list) else [d['patterns']]
78 
+            for pattern in patterns:
79 
+                if fnmatch.fnmatch(domain, pattern):
80 
+                    return d['command']
81 
+        return None
82 
+
77 
     def symlink_letsencrypt_file(self, domain, file, outfile):
 83 
     def symlink_letsencrypt_file(self, domain, file, outfile):
78 
         letsencrypt_cert_file = path.abspath(self.get_letsencrypt_dir(domain))
 84 
         letsencrypt_cert_file = path.abspath(self.get_letsencrypt_dir(domain))
79 
         my_cert_file = path.join(self.certDir, outfile)
 85 
         my_cert_file = path.join(self.certDir, outfile)
193 
         cert_files.insert(0, domain)
 199 
         cert_files.insert(0, domain)
194 
         self.execute_hooks("cert", "pre", cert_files)
 200 
         self.execute_hooks("cert", "pre", cert_files)
195
201
196 
-        args = self.letsencryptArgs.copy()
202 
+        command = self.get_letsencrypt_command(domain)
203 
+
204 
+        args = command['letsencryptArgs'].copy()
197 
         args.append("-d")
 205 
         args.append("-d")
198 
         args.append(domain)
 206 
         args.append(domain)
199
207
200 
-        res, out = self.execute(self.letsencryptCommand, args, False)
208 
+        res, out = self.execute(command['letsencryptCommand'], args, False)
201 
         if res != 0:
 209 
         if res != 0:
202 
             raise SiteGenException("Certificate request failed with code %i" % res, res)
 210 
             raise SiteGenException("Certificate request failed with code %i" % res, res)
203
211

+ 34
- 11
sitegen/sitegen.json Datei anzeigen

3 
   "siteDir": "/var/",
 3 
   "siteDir": "/var/",
4 
   "confDir": "/etc/sitegen/",
 4 
   "confDir": "/etc/sitegen/",
5 
   "certRenewTime": 5356800,
 5 
   "certRenewTime": 5356800,
6 
-  "letsencryptCommand": "letsencrypt",
7 
-  "letsencryptArgs": [
8 
-    "--agree-tos",
9 
-    "--text",
10 
-    "--renew-by-default",
11 
-    "--webroot",
12 
-    "--webroot-path",
13 
-    "/tmp/acme-challenge/",
14 
-    "--server",
15 
-    "https://acme-v01.api.letsencrypt.org/directory",
16 
-    "certonly"
6 
+  "letsencryptCommands": [
7 
+    {
8 
+      "patterns": "*",
9 
+      "command": {
10 
+        "letsencryptCommand": "letsencrypt",
11 
+        "letsencryptArgs": [
12 
+          "--agree-tos",
13 
+          "--text",
14 
+          "--renew-by-default",
15 
+          "--webroot",
16 
+          "--webroot-path",
17 
+          "/tmp/acme-challenge/",
18 
+          "--server",
19 
+          "https://acme-v01.api.letsencrypt.org/directory",
20 
+          "certonly"
21 
+        ]
22 
+      }
23 
+    },
24 
+    {
25 
+      "patterns": "*",
26 
+      "command": {
27 
+        "letsencryptCommand": "letsencrypt",
28 
+        "letsencryptArgs": [
29 
+          "--agree-tos",
30 
+          "--text",
31 
+          "--renew-by-default",
32 
+          "--authenticator",
33 
+          "certbot-dns:auth",
34 
+          "--server",
35 
+          "https://acme-v01.api.letsencrypt.org/directory",
36 
+          "certonly"
37 
+        ]
38 
+      }
39 
+    }
17 
   ],
 40 
   ],
18 
   "letsencryptDir": "/etc/letsencrypt/live/",
 41 
   "letsencryptDir": "/etc/letsencrypt/live/",
19 
   "certDir": "/etc/ssl/private/"
 42 
   "certDir": "/etc/ssl/private/"

+ 2
- 2
tests/fake-letsencrypt.sh Datei anzeigen

5 
 d="${2}"
 5 
 d="${2}"
6 
 host="${3}"
 6 
 host="${3}"
7
7
8 
-if [ "${host}" = "error.com" ] || [ "${arg}" != "Test." ] || [ "${d}" != "-d" ]
8 
+if [ "${arg}" != "Test." ] || [ "${d}" != "-d" ]
9 
 then
 9 
 then
10 
-    echo "Failed to get certificate" >&2
10 
+    echo "Failed to get certificate: ${arg}" >&2
11 
     exit 1
 11 
     exit 1
12 
 fi &&
 12 
 fi &&
13
13

+ 22
- 3
tests/sitegen.json Datei anzeigen

3 
   "siteDir": "./tests/var/",
 3 
   "siteDir": "./tests/var/",
4 
   "confDir": "./sitegen/",
 4 
   "confDir": "./sitegen/",
5 
   "certRenewTime": 5356800,
 5 
   "certRenewTime": 5356800,
6 
-  "letsencryptCommand": "./tests/fake-letsencrypt.sh",
7 
-  "letsencryptArgs": [
8 
-    "Test."
6 
+  "letsencryptCommands": [
7 
+    {
8 
+      "patterns": [
9 
+        "error.com",
10 
+        "*.error.com"
11 
+      ],
12 
+      "command": {
13 
+        "letsencryptCommand": "./tests/fake-letsencrypt.sh",
14 
+        "letsencryptArgs": [
15 
+          "error"
16 
+        ]
17 
+      }
18 
+    },
19 
+    {
20 
+      "patterns": "*",
21 
+      "command": {
22 
+        "letsencryptCommand": "./tests/fake-letsencrypt.sh",
23 
+        "letsencryptArgs": [
24 
+          "Test."
25 
+        ]
26 
+      }
27 
+    }
9 
   ],
 28 
   ],
10 
   "letsencryptDir": "./tests/etc/letsencrypt/live/",
 29 
   "letsencryptDir": "./tests/etc/letsencrypt/live/",
11 
   "certDir": "./tests/etc/ssl/private/"
 30 
   "certDir": "./tests/etc/ssl/private/"

Verfassen Vorschau
Laden…
Abbrechen
Speichern