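def request_certificate(self):
    """Obtain a fresh key pair for this service and publish it to Consul.

    Takes the certificate lock, asks ``certificate_provider`` for a
    certificate covering ``self.domains``, copies the key material from the
    files named in the provider's answer onto this object and into Consul KV
    under ``vergilius/certificates/<service id>/``, then writes the local
    certificate files.

    Returns:
        True when new keys were obtained and stored, False when the lock
        could not be acquired.

    Raises:
        Exception: any error from the provider, the file reads or Consul is
            logged and re-raised. The lock is released in both cases.
    """
    logger.debug('[certificate][%s] Requesting new keys for %s ' % (self.service.name, self.domains))

    if not self.lock():
        logger.debug('[certificate][%s] failed to acquire lock for keys generation' % self.service.name)
        return False

    kv_prefix = 'vergilius/certificates/%s/' % self.service.id
    try:
        data = certificate_provider.get_certificate(self.service.id, self.domains)

        # The context manager closes the file; no explicit close() is needed.
        with open(data['private_key'], 'r') as f:
            self.private_key = f.read()
        # NOTE(review): the private key is stored in Consul KV unencrypted.
        # Read access to this prefix equals possession of the service's TLS
        # key, so the prefix needs a restrictive Consul ACL policy and the
        # Consul API should be reached over TLS. Confirm for the deployment.
        consul.kv.put(kv_prefix + 'private_key', self.private_key)

        with open(data['public_key'], 'r') as f:
            self.public_key = f.read()
        consul.kv.put(kv_prefix + 'public_key', self.public_key)

        self.expires = data['expires']
        self.key_domains = self.serialize_domains()
        consul.kv.put(kv_prefix + 'expires', str(self.expires))
        consul.kv.put(kv_prefix + 'key_domains', self.serialize_domains())

        logger.info('[certificate][%s]: got new keys for %s ' % (self.service.name, self.domains))
        self.write_certificate_files()
        # load_keys_from_consul() treats a falsy result as failure, so the
        # success path has to return True explicitly instead of falling off
        # the end with None.
        return True
    except Exception as e:
        logger.error(e)
        # Bare raise keeps the original traceback intact.
        raise
    finally:
        self.unlock()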
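def load_keys_from_consul(self, data=None):
    """Populate this certificate from Consul KV entries and write it to disk.

    Args:
        data: iterable of Consul KV items (dicts with ``Key`` and ``Value``)
            stored under ``vergilius/certificates/<service id>/``, or a
            falsy value when nothing was found.

    Returns:
        True when the loaded keys passed ``validate()`` and the certificate
        files were written; False when there is no data or validation fails.
    """
    if not data:
        logger.warn('[certificate][%s]: cant find certificate in consul' % self.service.id)
        return False

    prefix = 'vergilius/certificates/%s/' % self.service.id
    # Only the fields that request_certificate() persists may be set from
    # Consul. Accepting every name that passes hasattr() would let a KV entry
    # under this prefix overwrite any attribute or method of the object
    # (for example ``service`` or ``validate``).
    # NOTE(review): extend this tuple if other fields are persisted elsewhere.
    stored_fields = ('private_key', 'public_key', 'expires', 'key_domains')
    for item in data:
        full_key = item['Key']
        # Strip the prefix only where it leads the key, not anywhere inside.
        if not full_key.startswith(prefix):
            continue
        field = full_key[len(prefix):]
        if field in stored_fields and hasattr(self, field):
            setattr(self, field, item['Value'])

    if not self.validate():
        logger.warn('[certificate][%s]: cant validate existing keys' % self.service.id)
        return False

    logger.debug('[certificate][%s]: using existing keys' % self.service.id)
    self.write_certificate_files()
    return True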
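def load_keys_from_consul(self, data=None):
    """Load this certificate from Consul KV, requesting a new one if needed.

    When ``data`` is present, the stored fields are copied onto the object
    and checked with ``validate()``. If they fail validation the certificate
    is discarded and a new one is requested. When ``data`` is missing a new
    certificate is requested straight away. The certificate files are then
    written.

    Args:
        data: iterable of Consul KV items (dicts with ``Key`` and ``Value``)
            stored under ``vergilius/certificates/<service id>/``, or a
            falsy value when nothing was found.

    Returns:
        True once the certificate files have been written; False when a
        required ``request_certificate()`` call reports failure.

    Raises:
        Exception: nothing is caught here, so whatever
            ``request_certificate()`` raises reaches the caller.
    """
    if not data:
        # Nothing stored yet. This relies on request_certificate() returning
        # a truthy value on success.
        if not self.request_certificate():
            return False
    else:
        prefix = 'vergilius/certificates/%s/' % self.service.id
        # Only the fields that request_certificate() persists may be set
        # from Consul. Accepting every name that passes hasattr() would let
        # a KV entry under this prefix overwrite any attribute or method of
        # the object (for example ``service`` or ``validate``).
        # NOTE(review): extend this tuple if other fields are persisted
        # elsewhere.
        stored_fields = ('private_key', 'public_key', 'expires', 'key_domains')
        for item in data:
            full_key = item['Key']
            # Strip the prefix only where it leads the key.
            if not full_key.startswith(prefix):
                continue
            field = full_key[len(prefix):]
            if field in stored_fields and hasattr(self, field):
                setattr(self, field, item['Value'])

        if self.validate():
            logger.debug('[certificate][%s]: using existing keys' % self.service.id)
        else:
            logger.warn('[certificate][%s]: cant validate existing keys' % self.service.id)
            # Drop the unusable material before asking for a replacement.
            self.discard_certificate()
            if not self.request_certificate():
                return False

    self.write_certificate_files()
    return True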
def allocate(service):
    """Return the proxy port for ``service``, reserving one if it has none.

    Refreshes the port table from Consul, reuses an existing assignment when
    there is one, and otherwise takes the lowest free port in the half-open
    range ``[PROXY_PORTS[0], PROXY_PORTS[1])``. The upper bound itself is
    never handed out. A new assignment is recorded in ``allocated`` and
    written to Consul.

    Raises:
        Exception: when no port in the range is free.
    """
    get_ports_from_consul()

    existing = allocated.get(service.id)
    if existing:
        return existing

    first_port, end_port = PROXY_PORTS[0], PROXY_PORTS[1]
    chosen = False
    for candidate in range(first_port, end_port):
        if candidate in allocated.values():
            continue
        allocated[service.id] = candidate
        chosen = candidate
        break

    if not chosen:
        raise Exception('Failed to allocate port')

    # NOTE(review): the free-port check and this write are separate steps.
    # Two instances allocating at the same moment could pick the same port;
    # a check-and-set write (the `cas` argument of kv.put, if this client
    # exposes it) or a lock would close that window. Confirm whether more
    # than one allocator can run.
    consul.kv.put(consul_port_key(service), str(chosen))
    logger.debug('[service][%s]: got allocated port %s' % (service.name, chosen))
    return chosen