
Minor code and documentation improvements

Markus 2016-01-10 15:48:16 +01:00
parent 72c9fe0115
commit 933c2e8ed1
2 changed files with 17 additions and 10 deletions


@ -20,6 +20,7 @@ All configuration files use yaml syntax.
--- ---
mode: webdir mode: webdir
#mode: standalone
webdir: /var/www/challenges/ webdir: /var/www/challenges/
``` ```
@ -32,7 +33,9 @@ mail.example.com:
- user: postfix - user: postfix
group: postfix group: postfix
perm: '400' perm: '400'
notify: '/etc/init.d/postfix reload'
- user: dovecot - user: dovecot
group: dovecot group: dovecot
perm: '400' perm: '400'
notify: '/etc/init.d/dovecot reload'
``` ```


@ -51,6 +51,7 @@ def cert_isValid(domain, settings):
def cert_get(domain, settings): def cert_get(domain, settings):
key_file = ACME_DIR + "server.key" key_file = ACME_DIR + "server.key"
csr_file = "/tmp/%s.csr" % domain csr_file = "/tmp/%s.csr" % domain
print("Getting certificate for %s." % domain) print("Getting certificate for %s." % domain)
@ -58,28 +59,31 @@ def cert_get(domain, settings):
# TODO run acme_tiny # TODO run acme_tiny
# TODO check if resulting certificate is valid # TODO check if resulting certificate is valid
# TODO delete temporary files
# TODO copy cert w/ correct permissions # TODO copy cert w/ correct permissions
# TODO restart/reload service(s) # TODO restart/reload service(s)
if __name__ == "__main__": if __name__ == "__main__":
# load configuration # load global configuration
if os.path.isfile(ACME_CONF):
with open(ACME_CONF) as config_fd: with open(ACME_CONF) as config_fd:
config = yaml.load(config_fd) config = yaml.load(config_fd)
if not config: if not config:
config = {} config = {}
if 'domains' not in config: if 'domains' not in config:
config['domains'] = {} config['domains'] = {}
# load domain configuration
for config_file in os.listdir(ACME_CONFD): for config_file in os.listdir(ACME_CONFD):
if config_file.endswith(".conf"): if config_file.endswith(".conf"):
with open(ACME_CONFD + config_file) as config_fd: with open(ACME_CONFD + config_file) as config_fd:
config['domains'].update(yaml.load(config_fd)) config['domains'].update(yaml.load(config_fd))
#print(str(config)) #print(str(config))
# fill up configuration with defaults # TODO fill up configuration with defaults
# TODO
# check certificate validity # check certificate validity and obtain/renew certificates if needed
for domain in config['domains']: for domain in config['domains']:
if not cert_isValid(domain, config['domains'][domain]): if not cert_isValid(domain, config['domains'][domain]):
cert_get(domain, config['domains'][domain]) cert_get(domain, config['domains'][domain])
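Review bot: The new `if os.path.isfile(ACME_CONF):` guard in the `__main__` block appears to leave `config` unbound when the file is absent, so the following `if not config:` would raise NameError instead of falling back to `{}`; the page has lost indentation, so this assumes that check sits outside the guard. Initialising `config = {}` before the guard would fix that. Both `yaml.load(config_fd)` calls also run without a safe loader, which lets a configuration file construct arbitrary Python objects in a process that handles the server key; `yaml.safe_load(config_fd)` is enough for these plain mappings. In the per-domain loop an empty `.conf` file yields `None`, so `config['domains'].update(yaml.safe_load(config_fd) or {})` would avoid a TypeError there.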