def deploy_exim_cert(source_domain, target_domain, log=logger.Log(False)): """ Run deploy_file() on the key and certificate paths for the given domains. This needs to be run for each domain listed in a certificate as the target domain. Args: source_domain - The main domain of the certificate target_domain - A list of domains covered by the certificate log - An open log file """ deployed_cert = False deployed_key = False # Public Certificate source = source_cert_dir + '/' + source_domain + '/fullchain.pem' target = target_cert_dir + '/' + target_domain + '.pem' if not os.path.exists(source): log.log('Warning: no certificate found at ' + source) else: deployed_cert = deploy_file(source, target) # Private Key source = source_key_dir + '/' + source_domain + '/privkey.pem' target = target_key_dir + '/' + target_domain + '.pem' if not os.path.exists(source): log.log('Warning: no private key found at ' + source) else: deployed_key = deploy_file(source, target) return deployed_cert or deployed_key
def restart_service(version, log=logger.Log(False)): """ Restart a given PHP service. Args: version - The PHP subversion to start (such as 7.3) log (optional) - An open log file to log to """ service.restart('php-' + version + '-fpm', log)
def reload_init(log=logger.Log(False)): """ Reload services in systemd. Args: log - An open logger """ if use_systemctl: log.run(['systemctl', 'daemon-reload']) else: pass
def reload(service_name, log=logger.Log(False)): """ Reload a system service. Args: service_name - The name of the service to enable log - An open logger """ if use_systemctl: log.run(['systemctl', 'reload', service_name + '.service']) else: log.run(['service', service_name, 'reload'])
def stop(service_name, log=logger.Log(False)): """ Stop a system service. Args: service_name - The name of the service to enable log - An open logger """ if use_systemctl: log.run(['systemctl', 'stop', service_name + '.service']) else: log.run(['service', service_name, 'stop'])
def _install_prebuilt(slug, more): if not slug: print('Please specify slug being installed') if not more: print('Please specify version being installed') from libsw import build_index, logger if not slug: slug = build_index.select_slug("Select a package to (re)install it") slug = slug.lower() builder = build_index.get_builder(slug) builder.source_version = more[0] with open(builder.log_name(), 'w+') as log_output: log = logger.Log(log_output) builder.install(log)
def deploy_all_exim_domains(log=logger.Log(False)): """ Check each certificate in Let's Encrypt against the corresponding exim. If the one in LE is newer or if the one in exim does not yet exist, the certificate and private key are copied once for each mail subdomain into exim's certificate and key folders. Args: log - An open log file """ count = 0 for dom in email.get_mail_domains(): if deploy_exim_domain(dom, log): count += 1 return count
def deploy_exim_domain(domain, log=logger.Log(False)): """ Copies the certificate from Let's Encrypt to exim for each subdomain in the mail subdomain list. Args: domain - The main domain of the certificate log - An open log file """ deployed = False #TODO - read covered domains instead of using a set list for sub in get_mail_domain_list(domain): if deploy_exim_cert(domain, sub, log): deployed = True return deployed
def check(): """ Check for updates to certificates with Let's Encrypt and then push any updated files to exim as well as any users that require locally stored certificates. """ with open(settings.install_path + 'var/log/letsencrypt', 'w+') as log_file: log = logger.Log(log_file) log.run(['letsencrypt', 'renew']) local_count = deploy_locals() count = deploy_all_exim_domains(log) if count > 0: update_dovecot_ssl() nginx.reload() log.log('Deployed ' + str(count) + ' certificates')
def build(self): """ Download or update the source code, compile it and then install it. """ logfile = self.log_name() success = False old_pwd = os.getcwd() logdir = os.path.dirname(logfile) if not os.path.exists(logdir): os.makedirs(logdir) with open(logfile, 'w+') as open_log: log = logger.Log(open_log) log.log("Build started for " + self.slug + " at " + str(datetime.datetime.now())) source_url = self.get_source_url() if not is_frozen(self.slug): log.log('Fetching ' + source_url) self.fetch_source(source_url, log) os.chdir(self.source_dir()) log.log("Running pre-config") self.run_pre_config(log) log.log("Getting config arguments") command = self.populate_config_args(log) if len(command) > 0: log.log("Running configuration") if debug: log.log('CONFIG: ' + ' '.join(command)) log.run(command) log.log("Running make") make_ret_val = self.make(log) if make_ret_val != 0: # if not success log.log(self.slug + ' make command failed. Exiting.') else: log.log("Installing") self.install(log) log.log("Build completed for " + self.slug + " at " + str(datetime.datetime.now())) success = self.check_build() self.cleanup_old_versions(log) os.chdir(old_pwd) if not success: email.send_admin_logfile('Build failed for ' + self.slug, logfile) elif settings.get_bool('email_admin_on_build_success'): email.send_admin_log_clip('Build succeeded for ' + self.slug, logfile) return success, logfile
def _daemon(): from libsw import clamav, logger log = logger.Log() clamav.use_daemon_update(log)
def _offline(): from libsw import clamav, logger log = logger.Log() clamav.use_offline_update(log)