mirror of
https://github.com/moepman/acertmgr.git
synced 2024-11-15 02:45:27 +01:00
acertmgr: add force renew option to immediately renew a cert
This commit is contained in:
parent
dfaca3b58f
commit
bd27db4ebd
@ -11,6 +11,7 @@ import importlib
|
|||||||
import io
|
import io
|
||||||
import os
|
import os
|
||||||
import pwd
|
import pwd
|
||||||
|
import re
|
||||||
import stat
|
import stat
|
||||||
import subprocess
|
import subprocess
|
||||||
|
|
||||||
@ -150,15 +151,16 @@ def main():
|
|||||||
|
|
||||||
# check certificate validity and obtain/renew certificates if needed
|
# check certificate validity and obtain/renew certificates if needed
|
||||||
for config in domainconfigs:
|
for config in domainconfigs:
|
||||||
cert_file = config['cert_file']
|
cert = None
|
||||||
cert_file_exists = os.path.isfile(cert_file)
|
if os.path.isfile(config['cert_file']):
|
||||||
if cert_file_exists:
|
cert = tools.read_pem_file(config['cert_file'])
|
||||||
cert = tools.read_pem_file(cert_file)
|
if not cert or not tools.is_cert_valid(cert, config['ttl_days']) or \
|
||||||
if not cert_file_exists or not tools.is_cert_valid(cert, config['ttl_days']):
|
('force_renew' in runtimeconfig and re.search(r'(^| ){}( |$)'.format(
|
||||||
|
re.escape(runtimeconfig['force_renew'])), config['domains'])):
|
||||||
cert_get(config)
|
cert_get(config)
|
||||||
|
|
||||||
for cfg in config['actions']:
|
for cfg in config['actions']:
|
||||||
if not tools.target_is_current(cfg['path'], cert_file):
|
if not tools.target_is_current(cfg['path'], config['cert_file']):
|
||||||
print("Updating '{}' due to newer version".format(cfg['path']))
|
print("Updating '{}' due to newer version".format(cfg['path']))
|
||||||
actions.add(cert_put(cfg))
|
actions.add(cert_put(cfg))
|
||||||
|
|
||||||
|
@ -201,6 +201,8 @@ def load():
|
|||||||
help="persistent work data directory (default=config_dir)")
|
help="persistent work data directory (default=config_dir)")
|
||||||
parser.add_argument("--authority-tos-agreement", "--tos-agreement", "--tos", nargs="?",
|
parser.add_argument("--authority-tos-agreement", "--tos-agreement", "--tos", nargs="?",
|
||||||
help="Agree to the authorities Terms of Service (value required depends on authority)")
|
help="Agree to the authorities Terms of Service (value required depends on authority)")
|
||||||
|
parser.add_argument("--force-renew", "--renew-now", nargs="?",
|
||||||
|
help="Renew all domain configurations matching the given value immediately")
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
|
|
||||||
# Determine global configuration file
|
# Determine global configuration file
|
||||||
@ -243,6 +245,14 @@ def load():
|
|||||||
else:
|
else:
|
||||||
runtimeconfig['authority_tos_agreement'] = None
|
runtimeconfig['authority_tos_agreement'] = None
|
||||||
|
|
||||||
|
# - force-rewew
|
||||||
|
if args.force_renew:
|
||||||
|
domaintranslation = idna_convert(args.force_renew.split(' '))
|
||||||
|
if len(domaintranslation) > 0:
|
||||||
|
runtimeconfig['force_renew'] = ' '.join(domaintranslation.values())
|
||||||
|
else:
|
||||||
|
runtimeconfig['force_renew'] = args.force_renew
|
||||||
|
|
||||||
# Global configuration: Load from file
|
# Global configuration: Load from file
|
||||||
globalconfig = dict()
|
globalconfig = dict()
|
||||||
if os.path.isfile(global_config_file):
|
if os.path.isfile(global_config_file):
|
||||||
|
Loading…
Reference in New Issue
Block a user