class Cert(rqlite):
def __init__(self):
self.cli = CLI()
def addCert(self, data):
print("adding", data[0])
response = self.execute([
'INSERT INTO certs(domain,subdomain,fullchain,privkey,updated) VALUES(?, ?, ?, ?, ?)',
data[0], data[1], data[2], data[3], data[4]
])
print(json.dumps(response, indent=4, sort_keys=True))
def updateCert(self, data):
print("updating", data[0])
response = self.execute([
'UPDATE certs SET fullchain = ?,privkey = ?,updated = ? WHERE domain = ? AND subdomain =?',
data[2], data[3], data[4], data[0], data[1]
])
print(json.dumps(response, indent=4, sort_keys=True))
def deleteCert(self, data):
response = self.execute([
'DELETE FROM certs WHERE domain=? and subdomain=?', data[0],
data[1]
])
print(json.dumps(response, indent=4, sort_keys=True))
def getCert(self, fullDomain, domain, subdomain, email, update=False):
directory = "https://acme-v02.api.letsencrypt.org/directory"
#directory = "https://acme-staging-v02.api.letsencrypt.org/directory"
try:
client = simple_acme_dns.ACMEClient(
domains=[fullDomain],
email=email,
directory=directory,
nameservers=["8.8.8.8", "1.1.1.1"],
new_account=True,
generate_csr=True)
except Exception as e:
print(e)
return False
for acmeDomain, token in client.request_verification_tokens():
print("adding {domain} --> {token}".format(domain=acmeDomain,
token=token))
response = self.cli.addVHost(
[domain, "_acme-challenge." + subdomain, 'TXT', token])
if response is False: return False
print("Waiting for dns propagation")
try:
if client.check_dns_propagation(timeout=1200):
print("Requesting certificate")
client.request_certificate()
fullchain = client.certificate.decode()
privkey = client.private_key.decode()
if update is False:
self.addCert([
domain, subdomain, fullchain, privkey,
int(time.time())
])
else:
self.updateCert([
domain, subdomain, fullchain, privkey,
int(time.time())
])
else:
print("Failed to issue certificate for " + str(client.domains))
client.deactivate_account()
return False
except Exception as e:
print(e)
return False
finally:
self.cli.deleteVhost(
[domain, "_acme-challenge." + subdomain, 'TXT'])
return True
def syncCerts(self, current, files, path):
#certs removed from database
for file in files:
if file not in current:
os.remove(path + file)
cli.addDomain(sys.argv[3:])
elif sys.argv[2] == "list":
cli.getTable("domains")
elif sys.argv[2] == "del":
cli.deleteDomain(sys.argv[3:])
elif sys.argv[1] == "vhost":
if len(sys.argv) == 2:
print(
"vhost add <domain> <subdomain> <type> <value>\nvhost list\nvhost del <domain> <subdomain> <type>"
)
elif sys.argv[2] == "add":
cli.addVHost(sys.argv[3:])
elif sys.argv[2] == "list":
cli.getTable("vhosts")
elif sys.argv[2] == "del":
cli.deleteVhost(sys.argv[3:])
elif sys.argv[1] == "pop":
if len(sys.argv) == 2:
print(
"pop add <name> <v4> <latitude> <longitude>\npop list\npop del <name>"
)
elif sys.argv[2] == "add":
cli.addPoP(sys.argv[3:])
elif sys.argv[2] == "list":
cli.getTable("pops")
elif sys.argv[2] == "del":
cli.deletePoP(sys.argv[3:])
elif sys.argv[1] == "cert":
if len(sys.argv) == 2:
print("cert del <domain> <subdomain>")
elif sys.argv[2] == "del":