|
|
@ -753,8 +753,8 @@ class EESiteCreateController(CementBaseController): |
|
|
setupLetsEncrypt(self, ee_domain) |
|
|
setupLetsEncrypt(self, ee_domain) |
|
|
httpsRedirect(self,ee_domain) |
|
|
httpsRedirect(self,ee_domain) |
|
|
Log.info(self,"Creating Cron Job for cert auto-renewal") |
|
|
Log.info(self,"Creating Cron Job for cert auto-renewal") |
|
|
EECron.setcron_daily(self,'ee site update {0} --le=renew --min_expiry_limit 30 2> /dev/null'.format(ee_domain),'Renew ' |
|
|
EECron.setcron_daily(self,'ee site update --le=renew --all 2> /dev/null'.format(ee_domain),'Renew all' |
|
|
'letsencrypt SSL cert. Set by EasyEngine') |
|
|
' letsencrypt SSL cert. Set by EasyEngine') |
|
|
|
|
|
|
|
|
if not EEService.reload_service(self, 'nginx'): |
|
|
if not EEService.reload_service(self, 'nginx'): |
|
|
Log.error(self, "service nginx reload failed. " |
|
|
Log.error(self, "service nginx reload failed. " |
|
|
@ -828,8 +828,6 @@ class EESiteUpdateController(CementBaseController): |
|
|
dict(help="configure letsencrypt ssl for the site", |
|
|
dict(help="configure letsencrypt ssl for the site", |
|
|
action='store' or 'store_const', |
|
|
action='store' or 'store_const', |
|
|
choices=('on', 'off', 'renew'), const='on', nargs='?')), |
|
|
choices=('on', 'off', 'renew'), const='on', nargs='?')), |
|
|
(['--min_expiry_limit'], |
|
|
|
|
|
dict(help="pass minimum expiry days to renew let's encrypt cert")), |
|
|
|
|
|
(['--proxy'], |
|
|
(['--proxy'], |
|
|
dict(help="update to proxy site", nargs='+')), |
|
|
dict(help="update to proxy site", nargs='+')), |
|
|
(['--experimental'], |
|
|
(['--experimental'], |
|
|
@ -1090,9 +1088,15 @@ class EESiteUpdateController(CementBaseController): |
|
|
pargs.pagespeed = False |
|
|
pargs.pagespeed = False |
|
|
|
|
|
|
|
|
#--letsencrypt=renew code goes here |
|
|
#--letsencrypt=renew code goes here |
|
|
if pargs.letsencrypt == "renew" and not pargs.min_expiry_limit: |
|
|
if pargs.letsencrypt == "renew" and not pargs.all: |
|
|
|
|
|
expiry_days = SSL.getExpirationDays(self,ee_domain) |
|
|
|
|
|
min_expiry_days = 30 |
|
|
if check_ssl: |
|
|
if check_ssl: |
|
|
renewLetsEncrypt(self,ee_domain) |
|
|
if (expiry_days <= min_expiry_days): |
|
|
|
|
|
renewLetsEncrypt(self,ee_domain) |
|
|
|
|
|
else: |
|
|
|
|
|
Log.error(self,"More than 60 days left for certificate Expiry. Not renewing now.") |
|
|
|
|
|
|
|
|
else: |
|
|
else: |
|
|
Log.error(self,"Cannot RENEW ! SSL is not configured for given site .") |
|
|
Log.error(self,"Cannot RENEW ! SSL is not configured for given site .") |
|
|
|
|
|
|
|
|
@ -1103,34 +1107,25 @@ class EESiteUpdateController(CementBaseController): |
|
|
Log.info(self, "Expiration DATE: " + str(SSL.getExpirationDate(self,ee_domain))) |
|
|
Log.info(self, "Expiration DATE: " + str(SSL.getExpirationDate(self,ee_domain))) |
|
|
|
|
|
|
|
|
else: |
|
|
else: |
|
|
Log.warn(self, "Your cert already EXPIRED ! .PLEASE renew soon . ") |
|
|
Log.warn(self, "Your cert already EXPIRED !. PLEASE renew soon . ") |
|
|
|
|
|
|
|
|
if pargs.min_expiry_limit: |
|
|
|
|
|
if not int(pargs.min_expiry_limit)>0 or not int(pargs.min_expiry_limit)< 90: |
|
|
|
|
|
Log.error(self,'INVALID --min_expiry_limit argument provided. Please use range 1-89 .') |
|
|
|
|
|
|
|
|
|
|
|
if not pargs.letsencrypt == "renew": |
|
|
if pargs.all and pargs.letsencrypt == "renew": |
|
|
Log.error(self,'--min_expiry_limit parameter cannot be used as a standalone. Provide --le=renew') |
|
|
|
|
|
|
|
|
|
|
|
if not check_ssl: |
|
|
if check_ssl: |
|
|
Log.error(self,"Cannot RENEW ! SSL is not configured for given site .") |
|
|
expiry_days = SSL.getExpirationDays(self,ee_domain) |
|
|
|
|
|
min_expiry_days = 30 |
|
|
expiry_days = SSL.getExpirationDays(self,ee_domain) |
|
|
if (expiry_days <= min_expiry_days): |
|
|
min_expiry_days = int(pargs.min_expiry_limit) |
|
|
renewLetsEncrypt(self,ee_domain) |
|
|
if (expiry_days <= min_expiry_days): |
|
|
Log.info(self, "SUCCESS: Certificate was successfully renewed For" |
|
|
renewLetsEncrypt(self,ee_domain) |
|
|
" https://{0}".format(ee_domain)) |
|
|
Log.info(self, "SUCCESS: Certificate was successfully renewed For" |
|
|
|
|
|
" https://{0}".format(ee_domain)) |
|
|
|
|
|
else: |
|
|
|
|
|
Log.info(self, "Not renewing SSL .") |
|
|
|
|
|
|
|
|
|
|
|
if (SSL.getExpirationDays(self,ee_domain)>0): |
|
|
if (SSL.getExpirationDays(self,ee_domain)>0): |
|
|
Log.info(self, "Your cert will expire within " + str(SSL.getExpirationDays(self,ee_domain)) + " days.") |
|
|
Log.info(self, "Your cert will expire within " + str(SSL.getExpirationDays(self,ee_domain)) + " days.") |
|
|
Log.info(self, "Expiration DATE: " + str(SSL.getExpirationDate(self,ee_domain))) |
|
|
Log.info(self, "Expiration DATE: \n\n" + str(SSL.getExpirationDate(self,ee_domain))) |
|
|
|
|
|
|
|
|
else: |
|
|
#else: |
|
|
Log.warn(self, "Your cert already EXPIRED ! .PLEASE renew soon . ") |
|
|
# Log.warn(self, "Your cert already EXPIRED ! .PLEASE renew soon . ") |
|
|
return 0 |
|
|
#return 0 |
|
|
|
|
|
|
|
|
if pargs.letsencrypt: |
|
|
if pargs.letsencrypt: |
|
|
if pargs.letsencrypt == 'on': |
|
|
if pargs.letsencrypt == 'on': |
|
|
@ -1323,7 +1318,7 @@ class EESiteUpdateController(CementBaseController): |
|
|
|
|
|
|
|
|
httpsRedirect(self,ee_domain) |
|
|
httpsRedirect(self,ee_domain) |
|
|
Log.info(self,"Creating Cron Job for cert auto-renewal") |
|
|
Log.info(self,"Creating Cron Job for cert auto-renewal") |
|
|
EECron.setcron_daily(self,'ee site update {0} --le=renew --min_expiry_limit 30 2> /dev/null'.format(ee_domain),'Renew' |
|
|
EECron.setcron_daily(self,'ee site update --le=renew --all 2> /dev/null'.format(ee_domain),'Renew all' |
|
|
' letsencrypt SSL cert. Set by EasyEngine') |
|
|
' letsencrypt SSL cert. Set by EasyEngine') |
|
|
|
|
|
|
|
|
if not EEService.reload_service(self, 'nginx'): |
|
|
if not EEService.reload_service(self, 'nginx'): |
|
|
@ -1351,7 +1346,7 @@ class EESiteUpdateController(CementBaseController): |
|
|
Log.error(self, "service nginx reload failed. " |
|
|
Log.error(self, "service nginx reload failed. " |
|
|
"check issues with `nginx -t` command") |
|
|
"check issues with `nginx -t` command") |
|
|
Log.info(self,"Removing Cron Job set for cert auto-renewal") |
|
|
Log.info(self,"Removing Cron Job set for cert auto-renewal") |
|
|
EECron.remove_cron(self,'ee site update {0} --le=renew --min_expiry_limit 30 2> \/dev\/null'.format(ee_domain)) |
|
|
#EECron.remove_cron(self,'ee site update {0} --le=renew --min_expiry_limit 30 2> \/dev\/null'.format(ee_domain)) |
|
|
Log.info(self, "Successfully Disabled SSl for Site " |
|
|
Log.info(self, "Successfully Disabled SSl for Site " |
|
|
" http://{0}".format(ee_domain)) |
|
|
" http://{0}".format(ee_domain)) |
|
|
|
|
|
|
|
|
|
Prabuddha Chakraborty
9 years ago