Exemple #1
class Cert(rqlite):
    def __init__(self):
        """Attach a ``CLI`` instance as ``self.cli``.

        ``getCert`` uses it to add and remove the ``_acme-challenge`` TXT
        records.
        """
        # NOTE(review): the rqlite base initialiser is not invoked here;
        # confirm the base class needs no set-up of its own.
        helper = CLI()
        self.cli = helper

    def addCert(self, data):
        """Insert a new row into the ``certs`` table.

        Args:
            data: Sequence read positionally as
                ``[domain, subdomain, fullchain, privkey, updated]``,
                matching the column list of the INSERT statement.

        The values are handed to ``self.execute`` next to a statement that
        only contains ``?`` placeholders, so no value is formatted into the
        SQL text here (presumably the rqlite layer binds them; confirm).

        The private key in ``data[3]`` is stored exactly as received.
        NOTE(review): confirm that access to the database, its replicas and
        its backups is restricted to match the sensitivity of that column.
        """
        print("adding", data[0])
        statement = 'INSERT INTO certs(domain,subdomain,fullchain,privkey,updated) VALUES(?, ?, ?, ?, ?)'
        request = [statement, data[0], data[1], data[2], data[3], data[4]]
        result = self.execute(request)
        # NOTE(review): the raw response is printed; confirm it never echoes
        # the submitted values, since one of them is the private key.
        print(json.dumps(result, indent=4, sort_keys=True))

    def updateCert(self, data):
        """Replace the stored chain, key and timestamp of an existing row.

        Args:
            data: Sequence read positionally as
                ``[domain, subdomain, fullchain, privkey, updated]``. The
                row is selected by ``domain`` and ``subdomain``; the other
                three values are written.

        The statement uses ``?`` placeholders and the values travel
        separately in the list given to ``self.execute``.

        NOTE(review): the response is only printed, so an UPDATE that matches
        no row is not reported to the caller. The private key in ``data[3]``
        is stored exactly as received.
        """
        print("updating", data[0])
        statement = 'UPDATE certs SET fullchain = ?,privkey = ?,updated = ? WHERE domain = ? AND subdomain =?'
        # Parameter order follows the placeholders: SET values first, then
        # the WHERE keys.
        request = [statement, data[2], data[3], data[4], data[0], data[1]]
        result = self.execute(request)
        print(json.dumps(result, indent=4, sort_keys=True))

    def deleteCert(self, data):
        """Delete the ``certs`` row for one domain/subdomain pair.

        Args:
            data: Sequence read positionally as ``[domain, subdomain]``.

        The statement uses ``?`` placeholders and the two values travel
        separately in the list given to ``self.execute``. The response is
        printed as indented JSON; nothing is returned.
        """
        statement = 'DELETE FROM certs WHERE domain=? and subdomain=?'
        request = [statement, data[0], data[1]]
        result = self.execute(request)
        print(json.dumps(result, indent=4, sort_keys=True))

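    def getCert(self, fullDomain, domain, subdomain, email, update=False):
        """Obtain a certificate for ``fullDomain`` via an ACME DNS challenge.

        The challenge tokens are published as TXT records under
        ``_acme-challenge.<subdomain>`` of ``domain`` through ``self.cli``.
        Once propagation is confirmed the certificate is requested and the
        chain plus private key are written with ``addCert`` or
        ``updateCert``.

        Args:
            fullDomain: Name the certificate is requested for.
            domain: Zone the challenge record is created in.
            subdomain: Label appended to ``_acme-challenge.``.
            email: Contact address passed to the ACME client.
            update: ``False`` inserts a new row; any other value updates the
                existing one.

        Returns:
            ``True`` once the store call has been made, ``False`` on any
            failure along the way.

        NOTE(review): ``addCert``/``updateCert`` return nothing, so a failed
        database write is not detected here and ``True`` is still returned.
        """
        directory = "https://acme-v02.api.letsencrypt.org/directory"
        #directory = "https://acme-staging-v02.api.letsencrypt.org/directory"
        try:
            # NOTE(review): new_account=True presumably registers a fresh
            # ACME account on every call; confirm this is intended with
            # respect to the CA's rate limits.
            client = simple_acme_dns.ACMEClient(
                domains=[fullDomain],
                email=email,
                directory=directory,
                nameservers=["8.8.8.8", "1.1.1.1"],
                new_account=True,
                generate_csr=True)
        except Exception as e:
            print(e)
            return False

        challenge = [domain, "_acme-challenge." + subdomain, 'TXT']
        # Set once at least one challenge record has been created, so the
        # cleanup below only runs when there is something to remove.
        published = False
        try:
            # Token publication sits inside the try block so that a failure
            # on a later token, or an error raised while fetching tokens,
            # still removes the challenge records already created.
            for acmeDomain, token in client.request_verification_tokens():
                print("adding {domain} --> {token}".format(domain=acmeDomain,
                                                           token=token))
                response = self.cli.addVHost(challenge + [token])
                if response is False:
                    return False
                published = True

            print("Waiting for dns propagation")
            if not client.check_dns_propagation(timeout=1200):
                print("Failed to issue certificate for " + str(client.domains))
                client.deactivate_account()
                return False

            print("Requesting certificate")
            client.request_certificate()
            fullchain = client.certificate.decode()
            # The private key is only handed to the store call and is never
            # printed in this method.
            privkey = client.private_key.decode()
            record = [domain, subdomain, fullchain, privkey, int(time.time())]
            if update is False:
                self.addCert(record)
            else:
                self.updateCert(record)
        except Exception as e:
            print(e)
            return False
        finally:
            # Challenge records are not left in the zone after the attempt,
            # whatever its outcome.
            if published:
                self.cli.deleteVhost(list(challenge))

        return True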

    def syncCerts(self, current, files, path):
        """Delete files under ``path`` that are no longer in ``current``.

        Args:
            current: Collection of file names that should be kept.
            files: File names to check, presumably the entries present
                under ``path`` (confirm against the caller).
            path: Directory prefix; it is concatenated with each name as
                is, so it must already end with a path separator.
        """
        # Certificates that were removed from the database.
        # NOTE(review): each target is built by plain string concatenation.
        # If an entry of `files` could contain a separator or "..", the
        # removal would reach outside `path`; confirm the caller only
        # passes bare file names.
        stale = [name for name in files if name not in current]
        for name in stale:
            os.remove(path + name)
Exemple #2
        cli.addDomain(sys.argv[3:])
    elif sys.argv[2] == "list":
        cli.getTable("domains")
    elif sys.argv[2] == "del":
        cli.deleteDomain(sys.argv[3:])
elif sys.argv[1] == "vhost":
    if len(sys.argv) == 2:
        print(
            "vhost add <domain> <subdomain> <type> <value>\nvhost list\nvhost del <domain> <subdomain> <type>"
        )
    elif sys.argv[2] == "add":
        cli.addVHost(sys.argv[3:])
    elif sys.argv[2] == "list":
        cli.getTable("vhosts")
    elif sys.argv[2] == "del":
        cli.deleteVhost(sys.argv[3:])
elif sys.argv[1] == "pop":
    if len(sys.argv) == 2:
        print(
            "pop add <name> <v4> <latitude> <longitude>\npop list\npop del <name>"
        )
    elif sys.argv[2] == "add":
        cli.addPoP(sys.argv[3:])
    elif sys.argv[2] == "list":
        cli.getTable("pops")
    elif sys.argv[2] == "del":
        cli.deletePoP(sys.argv[3:])
elif sys.argv[1] == "cert":
    if len(sys.argv) == 2:
        print("cert del <domain> <subdomain>")
    elif sys.argv[2] == "del":