def request_certificate(self):
logger.debug('[certificate][%s] Requesting new keys for %s ' % (self.service.name, self.domains))
if not self.lock():
logger.debug('[certificate][%s] failed to acquire lock for keys generation' % self.service.name)
return False
try:
data = certificate_provider.get_certificate(self.service.id, self.domains)
with open(data['private_key'], 'r') as f:
self.private_key = f.read()
f.close()
consul.kv.put('vergilius/certificates/%s/private_key' % self.service.id, self.private_key)
with open(data['public_key'], 'r') as f:
self.public_key = f.read()
f.close()
consul.kv.put('vergilius/certificates/%s/public_key' % self.service.id, self.public_key)
self.expires = data['expires']
self.key_domains = self.serialize_domains()
consul.kv.put('vergilius/certificates/%s/expires' % self.service.id, str(self.expires))
consul.kv.put('vergilius/certificates/%s/key_domains' % self.service.id, self.serialize_domains())
logger.info('[certificate][%s]: got new keys for %s ' % (self.service.name, self.domains))
self.write_certificate_files()
except Exception as e:
logger.error(e)
raise e
finally:
self.unlock()
def release(service):
if allocated.get(service.id):
try:
del allocated[service.id]
consul.kv.delete(consul_port_key(service))
except Exception:
logger.error('[service][%s]: deleting service port from consul is failed' % service.id)
def flush_nginx_config(self):
if not self.validate():
logger.error('[service][%s]: failed to validate nginx config!' %
self.id)
return False
has_changes = False
for config_type in self.get_config_types():
nginx_config = self.get_nginx_config(config_type)
deployed_nginx_config = None
try:
deployed_nginx_config = self.read_nginx_config_file(
config_type)
except IOError:
pass
if deployed_nginx_config != nginx_config:
config_file = open(self.get_nginx_config_path(config_type),
'w+')
config_file.write(nginx_config)
config_file.close()
has_changes = True
if has_changes:
NginxReloader.queue_reload()
logger.info('[service][%s]: got new nginx config' % self.name)
def watch(self):
index = None
while True and self.active:
try:
index, data = yield consul_tornado.health.service(self.id,
index,
wait=None,
passing=True)
self.parse_data(data)
except ConsulException as e:
logger.error('consul exception: %s' % e)
except base.Timeout:
pass
def delete(self):
"""
Destroy service, remove nginx config, stop watcher
"""
logger.info('[service][%s]: deleting' % self.name)
self.active = False
self.release_port()
for config_type in self.get_config_types():
try:
os.remove(self.get_nginx_config_path(config_type))
except OSError:
logger.error('[service][%s]: deleting nginx config is failed' %
self.id)
return false
return true
def flush_nginx_config(self):
if not self.validate():
logger.error('[service][%s]: failed to validate nginx config!' % self.id)
return False
nginx_config = self.get_nginx_config()
deployed_nginx_config = None
try:
deployed_nginx_config = self.read_nginx_config_file()
except IOError:
pass
if deployed_nginx_config != nginx_config:
config_file = open(self.get_nginx_config_path(), 'w+')
config_file.write(nginx_config)
config_file.close()
logger.info('[service][%s]: got new nginx config %s' % (self.name, self.get_nginx_config_path()))
NginxReloader.queue_reload()