Makussu/bunkerweb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

certbot - add USE_LETS_ENCRYPT_STAGING=yes/no env var for using staging or production servers of let's encrypt

Browse Source
This commit is contained in:
bunkerity
2021-07-23 11:51:50 +02:00
parent 0dc2a5ec25
commit ef8969e2cf
6 changed files with 27 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
jobs/CertbotNew.py
View File

@@ -2,8 +2,10 @@ from Job import Job
class CertbotNew(Job) :
def __init__(self, redis_host=None, copy_cache=False, domain="", email="") :
def __init__(self, redis_host=None, copy_cache=False, domain="", email="", staging=False) :
name = "certbot-new"
data = ["certbot", "certonly", "--webroot", "-w", "/opt/bunkerized-nginx/acme-challenge", "-n", "-d", domain, "--email", email, "--agree-tos"]
if staging :
data.append("--staging")
type = "exec"
super().__init__(name, data, filename=None, redis_host=redis_host, type=type, copy_cache=copy_cache)

6
jobs/Job.py
View File

@@ -1,4 +1,4 @@
import abc, requests, redis, os, datetime, traceback, re, shutil, enum, filecmp
import abc, requests, redis, os, datetime, traceback, re, shutil, enum, filecmp, subprocess
class JobRet(enum.Enum) :
KO = 0
@@ -41,7 +41,7 @@ class Job(abc.ABC) :
elif self._type == "exec" :
return self.__exec()
except Exception as e :
self.__log("exception while running job : " + traceback.format_exc())
self._log("exception while running job : " + traceback.format_exc())
return JobRet.KO
return ret
@@ -101,7 +101,7 @@ class Job(abc.ABC) :
def __exec(self) :
proc = subprocess.run(self._data, capture_output=True)
stdout = proc.stdout.decode("ascii")
stderr = proc.stderr.decode("err")
stderr = proc.stderr.decode("ascii")
if len(stdout) > 1 :
self._log("stdout = " + stdout)
if len(stderr) > 1 :

3
jobs/main.py
View File

@@ -30,6 +30,7 @@ if __name__ == "__main__" :
parser.add_argument("--cache", action="store_true", help="copy data from cache if available")
parser.add_argument("--domain", default="", type=str, help="domain(s) for certbot-new job (e.g. : www.example.com or app1.example.com,app2.example.com)")
parser.add_argument("--email", default="", type=str, help="email for certbot-new job (e.g. : contact@example.com)")
parser.add_argument("--staging", action="store_true", help="use staging server for let's encrypt instead of the production one")
parser.add_argument("--dst_cert", default="", type=str, help="certificate path for self-signed-cert job (e.g. : /etc/nginx/default-cert.pem)")
parser.add_argument("--dst_key", default="", type=str, help="key path for self-signed-cert job (e.g. : /etc/nginx/default-key.pem)")
parser.add_argument("--expiry", default="", type=str, help="number of validity days for self-signed-cert job (e.g. : 365)")
@@ -46,7 +47,7 @@ if __name__ == "__main__" :
print("[*] Executing job " + job)
ret = 0
if job == "certbot-new" :
instance = JOBS[job](redis_host=args.redis, copy_cache=args.cache, domain=args.domain, email=args.email)
instance = JOBS[job](redis_host=args.redis, copy_cache=args.cache, domain=args.domain, email=args.email, staging=args.staging)
elif job == "self-signed-cert" :
instance = JOBS[job](redis_host=args.redis, copy_cache=args.cache, dst_cert=args.dst_cert, dst_key=args.dst_key, expiry=args.expiry, subj=args.subj)
else :