def account(config_path: str, directory_path: str): dnsrobocert_config = config.load(config_path) acme = dnsrobocert_config.get("acme", {}) email = acme.get("email_account") if not email: LOGGER.warning( "Parameter acme.email_account is not set, skipping ACME registration." ) return url = config.get_acme_url(dnsrobocert_config) utils.execute( [ sys.executable, "-m", "dnsrobocert.core.certbot", "register", *_DEFAULT_FLAGS, "--config-dir", directory_path, "--work-dir", os.path.join(directory_path, "workdir"), "--logs-dir", os.path.join(directory_path, "logs"), "-m", email, "--agree-tos", "--server", url, ], check=False, )
def certonly( config_path: str, directory_path: str, lineage: str, lock: threading.Lock, domains: Optional[List[str]] = None, force_renew: bool = False, reuse_key: bool = False, ): if not domains: return url = config.get_acme_url(config.load(config_path)) additional_params = [] if force_renew: additional_params.append("--force-renew") if reuse_key: additional_params.append("--reuse-key") for domain in domains: additional_params.append("-d") additional_params.append(domain) utils.execute( [ sys.executable, "-m", "dnsrobocert.core.certbot", "certonly", *_DEFAULT_FLAGS, "--config-dir", directory_path, "--work-dir", os.path.join(directory_path, "workdir"), "--logs-dir", os.path.join(directory_path, "logs"), "--manual", "--preferred-challenges=dns", "--manual-auth-hook", _hook_cmd("auth", config_path, lineage), "--manual-cleanup-hook", _hook_cmd("cleanup", config_path, lineage), "--expand", "--deploy-hook", _hook_cmd("deploy", config_path, lineage), "--server", url, "--cert-name", lineage, *additional_params, ], lock=lock, )
def _autocmd(certificate: Dict[str, Any]): autocmd = certificate.get("autocmd") if autocmd: if not os.path.exists("/var/run/docker.sock"): raise RuntimeError("Error, /var/run/docker.sock socket is missing.") for onecmd in autocmd: command = onecmd.get("cmd") containers = onecmd.get("containers", []) for container in containers: utils.execute(["docker", "exec", container, command])
def _autocmd(certificate: Dict[str, Any]): autocmd = certificate.get("autocmd") if autocmd: if not os.path.exists("/var/run/docker.sock"): raise RuntimeError("Error, /var/run/docker.sock socket is missing.") for onecmd in autocmd: command = onecmd.get("cmd") containers = onecmd.get("containers", []) for container in containers: if isinstance(command, list): utils.execute(["docker", "exec", container, *command]) else: utils.execute(f"docker exec {container} {command}", shell=True)
def renew(config_path: str, directory_path: str): dnsrobocert_config = config.load(config_path) if dnsrobocert_config: utils.execute([ sys.executable, "-m", "dnsrobocert.core.certbot", "renew", *_DEFAULT_FLAGS, "--config-dir", directory_path, "--deploy-hook", _hook_cmd("deploy", config_path), "--work-dir", os.path.join(directory_path, "workdir"), "--logs-dir", os.path.join(directory_path, "logs"), ])
def revoke(config_path: str, directory_path: str, lineage: str): url = config.get_acme_url(config.load(config_path)) utils.execute([ sys.executable, "-m", "dnsrobocert.core.certbot", "revoke", "-n", "--config-dir", directory_path, "--work-dir", os.path.join(directory_path, "workdir"), "--logs-dir", os.path.join(directory_path, "logs"), "--server", url, "--cert-path", os.path.join(directory_path, "live", lineage, "cert.pem"), ])
def _autorestart(certificate: Dict[str, Any]): autorestart = certificate.get("autorestart") if autorestart: if not os.path.exists("/var/run/docker.sock") and not os.path.exists( "/run/podman/podman.sock" ): raise RuntimeError( "Error, /var/run/docker.sock and /run/podman/podman.sock sockets are missing." ) if os.path.exists("/var/run/docker.sock"): for onerestart in autorestart: containers = onerestart.get("containers", []) for container in containers: utils.execute(["docker", "restart", container]) swarm_services = onerestart.get("swarm_services", []) for service in swarm_services: utils.execute( [ "docker", "service", "update", "--detach=false", "--force", service, ] ) if os.path.exists("/run/podman/podman.sock"): for onerestart in autorestart: containers = onerestart.get("podman_containers", []) for container in containers: utils.execute(["podman", "--remote", "restart", container])