moepman/acertmgr
1
0
Fork 0
mirror of https://github.com/moepman/acertmgr.git synced 2024-11-15 02:45:27 +01:00
Code Releases Activity

acertmgr: add force renew option to immediately renew a cert

Browse Source
This commit is contained in:
Kishi85 2019-03-27 15:31:15 +01:00
parent dfaca3b58f
commit bd27db4ebd
2 changed files with 19 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
acertmgr/__init__.py
View File

@ -11,6 +11,7 @@ import importlib
import io import io
import os import os
import pwd import pwd
import re
import stat import stat
import subprocess import subprocess
@ -150,15 +151,16 @@ def main():
# check certificate validity and obtain/renew certificates if needed # check certificate validity and obtain/renew certificates if needed
for config in domainconfigs: for config in domainconfigs:
cert_file = config['cert_file'] cert = None
cert_file_exists = os.path.isfile(cert_file) if os.path.isfile(config['cert_file']):
if cert_file_exists: cert = tools.read_pem_file(config['cert_file'])
cert = tools.read_pem_file(cert_file) if not cert or not tools.is_cert_valid(cert, config['ttl_days']) or \
if not cert_file_exists or not tools.is_cert_valid(cert, config['ttl_days']): ('force_renew' in runtimeconfig and re.search(r'(^| ){}( |$)'.format(
cert_get(config) re.escape(runtimeconfig['force_renew'])), config['domains'])):
cert_get(config)
for cfg in config['actions']: for cfg in config['actions']:
if not tools.target_is_current(cfg['path'], cert_file): if not tools.target_is_current(cfg['path'], config['cert_file']):
print("Updating '{}' due to newer version".format(cfg['path'])) print("Updating '{}' due to newer version".format(cfg['path']))
actions.add(cert_put(cfg)) actions.add(cert_put(cfg))

10
acertmgr/configuration.py
View File

@ -201,6 +201,8 @@ def load():
help="persistent work data directory (default=config_dir)") help="persistent work data directory (default=config_dir)")
parser.add_argument("--authority-tos-agreement", "--tos-agreement", "--tos", nargs="?", parser.add_argument("--authority-tos-agreement", "--tos-agreement", "--tos", nargs="?",
help="Agree to the authorities Terms of Service (value required depends on authority)") help="Agree to the authorities Terms of Service (value required depends on authority)")
parser.add_argument("--force-renew", "--renew-now", nargs="?",
help="Renew all domain configurations matching the given value immediately")
args = parser.parse_args() args = parser.parse_args()
# Determine global configuration file # Determine global configuration file
@ -243,6 +245,14 @@ def load():
else: else:
runtimeconfig['authority_tos_agreement'] = None runtimeconfig['authority_tos_agreement'] = None
# - force-rewew
if args.force_renew:
domaintranslation = idna_convert(args.force_renew.split(' '))
if len(domaintranslation) > 0:
runtimeconfig['force_renew'] = ' '.join(domaintranslation.values())
else:
runtimeconfig['force_renew'] = args.force_renew
# Global configuration: Load from file # Global configuration: Load from file
globalconfig = dict() globalconfig = dict()
if os.path.isfile(global_config_file): if os.path.isfile(global_config_file):