def textappend(self, path, content):
"""
Append content to a file
"""
Log.debug(self, "Writing content in {0}".format(path))
try:
with open("{0}".format(path),
encoding='utf-8', mode='a') as final_file:
final_file.write('{0}'.format(content))
except IOError as e:
Log.debug(self, "{0}".format(e))
Log.error(self, "Unable to write content in {0}".format(path))
def mkdir(self, path):
"""
create directories.
path : path for directory to be created
Similar to `mkdir -p`
"""
try:
Log.debug(self, "Creating directories: {0}".format(path))
os.makedirs(path)
except OSError as e:
Log.debug(self, "{0}".format(e.strerror))
Log.error(self, "Unable to create directory {0} ".format(path))
def chdir(self, path):
"""
Change Directory to path specified
Path : path for destination directory
"""
try:
Log.debug(self, "Changing directory to {0}"
.format(path))
os.chdir(path)
except OSError as e:
Log.debug(self, "{err}".format(err=e.strerror))
Log.error(self, 'Unable to Change Directory {0}'.format(path))
def clone(self, repo, path, branch='master'):
"""Equivalent to git clone """
if not os.path.exists('{0}'.format(path)):
global git
try:
git.clone('{0}'.format(repo), '{0}'.format(path),
'--branch={0}'.format(branch), '--depth=1')
except ErrorReturnCode as e:
Log.debug(self, "{0}".format(e))
Log.error(self, "Unable to git clone at {0} ".format(path))
else:
Log.debug(self, "WOGit: Path {0} already exist".format(path))
def renew(self, domain):
"""Renew letsencrypt certificate with acme.sh"""
# check acme.sh is installed
WOAcme.check_acme(self)
try:
WOShellExec.cmd_exec(
self, "{0} ".format(WOAcme.wo_acme_exec) +
"--renew -d {0} --ecc --force".format(domain))
except CommandExecutionError as e:
Log.debug(self, str(e))
Log.error(self, 'Unable to renew certificate')
return True
def extract(self, file, path):
"""Function to extract tar.gz file"""
try:
tar = tarfile.open(file)
tar.extractall(path=path)
tar.close()
os.remove(file)
return True
except tarfile.TarError as e:
Log.debug(self, "{0}".format(e))
Log.error(self, 'Unable to extract file \{0}'.format(file))
return False
def isexist(self, path):
"""
Check if file exist on given path
"""
try:
if os.path.exists(path):
return (True)
else:
return (False)
except OSError as e:
Log.debug(self, "{0}".format(e.strerror))
Log.error(self, "Unable to check path {0}".format(path))
def default(self):
pargs = self.app.pargs
filename = "woupdate" + time.strftime("%Y%m%d-%H%M%S")
install_args = ""
wo_branch = "master"
if pargs.mainline or pargs.beta:
wo_branch = "mainline"
install_args = install_args + "--mainline "
elif pargs.branch:
wo_branch = pargs.branch
install_args = install_args + "-b {0} ".format(wo_branch)
if pargs.force:
install_args = install_args + "--force "
if pargs.travis:
install_args = install_args + "--travis "
wo_branch = "updating-configuration"
if ((not pargs.force) and (not pargs.travis) and (not pargs.mainline)
and (not pargs.beta) and (not pargs.branch)):
wo_current = ("v{0}".format(WOVar.wo_version))
wo_latest = WODownload.latest_release(self, "WordOps/WordOps")
if wo_current == wo_latest:
Log.error(self,
"WordOps {0} is already installed".format(wo_latest))
if not os.path.isdir('/var/lib/wo/tmp'):
os.makedirs('/var/lib/wo/tmp')
WODownload.download(self, [[
"https://raw.githubusercontent.com/"
"WordOps/WordOps/{0}/install".format(wo_branch),
"/var/lib/wo/tmp/{0}".format(filename), "update script"
]])
if os.path.isfile('install'):
Log.info(self, "updating WordOps from local install\n")
try:
Log.info(self, "updating WordOps, please wait...")
os.system("/bin/bash install --travis")
except OSError as e:
Log.debug(self, str(e))
Log.error(self, "WordOps update failed !")
else:
try:
Log.info(self, "updating WordOps, please wait...")
os.system("/bin/bash /var/lib/wo/tmp/{0} "
"{1}".format(filename, install_args))
except OSError as e:
Log.debug(self, str(e))
Log.error(self, "WordOps update failed !")
os.remove("/var/lib/wo/tmp/{0}".format(filename))
def import_slow_log(self):
"""Default function for import slow log"""
if os.path.isdir("{0}22222/htdocs/db/anemometer".format(
WOVariables.wo_webroot)):
if os.path.isfile("/var/log/mysql/mysql-slow.log"):
# Get Anemometer user name and password
Log.info(self, "Importing MySQL slow log to Anemometer")
host = os.popen("grep -e \"\'host\'\" {0}22222/htdocs/".format(
WOVariables.wo_webroot) +
"db/anemometer/conf/config.inc.php "
"| head -1 | cut -d\\\' -f4 | "
"tr -d '\n'").read()
user = os.popen("grep -e \"\'user\'\" {0}22222/htdocs/".format(
WOVariables.wo_webroot) +
"db/anemometer/conf/config.inc.php "
"| head -1 | cut -d\\\' -f4 | "
"tr -d '\n'").read()
password = os.popen("grep -e \"\'password\'\" {0}22222/".
format(WOVariables.wo_webroot) +
"htdocs/db/anemometer/conf"
"/config.inc.php "
"| head -1 | cut -d\\\' -f4 | "
"tr -d '\n'").read()
# Import slow log Anemometer using pt-query-digest
try:
WOShellExec.cmd_exec(
self, "pt-query-digest --user={0} "
"--password={1} "
"--review D=slow_query_log,"
"t=global_query_review "
"--history D=slow_query_log,t="
"global_query_review_history "
"--no-report --limit=0% "
"--filter=\" \\$event->{{Bytes}} = "
"length(\\$event->{{arg}}) "
"and \\$event->{{hostname}}=\\\""
"{2}\\\"\" "
"/var/log/mysql/mysql-slow.log".format(
user, password, host))
except CommandExecutionError as e:
Log.debug(self, str(e))
Log.error(self, "MySQL slow log import failed.")
else:
Log.error(
self, "MySQL slow log file not found,"
" so not imported slow logs")
else:
Log.error(
self, "Anemometer is not installed." + Log.ENDC +
"\n Install Anemometer with:" + Log.BOLD +
"\n `wo stack install --utils`" + Log.ENDC)
def mvfile(self, src, dst):
"""
Moves file from source path to destination path
src : source path
dst : Destination path
"""
try:
Log.debug(self, "Moving file from {0} to {1}".format(src, dst))
shutil.move(src, dst)
except Exception as e:
Log.debug(self, "{err}".format(err=e))
Log.error(self,
'Unable to move file from {0} to {1}'.format(src, dst))
def auto_clean(self):
"""
Similar to `apt-get autoclean`
"""
try:
orig_out = sys.stdout
sys.stdout = open(self.app.config.get('log.logging', 'file'),
encoding='utf-8', mode='a')
apt_get.autoclean("-y")
sys.stdout = orig_out
except ErrorReturnCode as e:
Log.debug(self, "{0}".format(e))
Log.error(self, "Unable to apt-get autoclean")
def setcron_weekly(self, cmd, comment='Cron set by WordOps', user='******',
min=0, hour=12):
if not WOShellExec.cmd_exec(self, "crontab -l "
"| grep -q \'{0}\'".format(cmd)):
WOShellExec.cmd_exec(self, "/bin/bash -c \"crontab -l "
"2> /dev/null | {{ cat; echo -e"
" \\\""
"\\n0 0 * * 0 "
"{0}".format(cmd) +
" # {0}".format(comment) +
"\\\"; } | crontab -\"")
Log.debug(self, "Cron set")
def debug_fpm(self):
"""Start/Stop PHP5-FPM debug"""
# PHP5-FPM start global debug
if (self.app.pargs.fpm == 'on' and not self.app.pargs.site_name):
if not WOShellExec.cmd_exec(
self, "grep \"log_level = debug\" "
"/etc/{0}/"
"fpm/php-fpm.conf".format("php/7.2")):
Log.info(self, "Setting up PHP5-FPM log_level = debug")
config = configparser.ConfigParser()
config.read('/etc/{0}/fpm/php-fpm.conf'.format("php/7.2"))
config.remove_option('global', 'include')
config['global']['log_level'] = 'debug'
config['global'][
'include'] = '/etc/{0}/fpm/pool.d/*.conf'.format("php/7.2")
with open('/etc/{0}/fpm/php-fpm.conf'.format("php/7.2"),
encoding='utf-8',
mode='w') as configfile:
Log.debug(
self, "Writting php5-FPM configuration into "
"/etc/{0}/fpm/php-fpm.conf".format("php/7.2"))
config.write(configfile)
self.trigger_php = True
else:
Log.info(self, "PHP5-FPM log_level = debug already setup")
self.msg = self.msg + ['/var/log/{0}/fpm.log'.format("php/7.2")]
# PHP5-FPM stop global debug
elif (self.app.pargs.fpm == 'off' and not self.app.pargs.site_name):
if WOShellExec.cmd_exec(
self, "grep \"log_level = debug\" "
"/etc/{0}/fpm/php-fpm.conf".format("php/7.2")):
Log.info(self, "Disabling PHP5-FPM log_level = debug")
config = configparser.ConfigParser()
config.read('/etc/{0}/fpm/php-fpm.conf'.format("php/7.2"))
config.remove_option('global', 'include')
config['global']['log_level'] = 'notice'
config['global'][
'include'] = '/etc/{0}/fpm/pool.d/*.conf'.format("php/7.2")
with open('/etc/{0}/fpm/php-fpm.conf'.format("php/7.2"),
encoding='utf-8',
mode='w') as configfile:
Log.debug(
self, "writting php5 configuration into "
"/etc/{0}/fpm/php-fpm.conf".format("php/7.2"))
config.write(configfile)
self.trigger_php = True
else:
Log.info(self, "PHP5-FPM log_level = debug already disabled")
def add_key(self, keyid, keyserver=None):
"""
This function adds imports repository keys from keyserver.
default keyserver is hkp://keyserver.ubuntu.com
user can provide other keyserver with keyserver="hkp://xyz"
"""
try:
WOShellExec.cmd_exec(
self, "apt-key adv --keyserver {serv}".format(
serv=(keyserver or "hkp://keyserver.ubuntu.com")) +
" --recv-keys {key}".format(key=keyid))
except Exception as e:
Log.debug(self, "{0}".format(e))
Log.error(self, "Unable to import repo key")
def default(self):
filename = "woupdate" + time.strftime("%Y%m%d-%H%M%S")
WODownload.download(self, [["https://raw.githubusercontent.com/WordOps/WordOps/master/install",
"/tmp/{0}".format(filename),
"update script"]])
try:
Log.info(self, "updating WordOps, please wait...")
os.system("bash /tmp/{0}".format(filename))
except OSError as e:
Log.debug(self, str(e))
Log.error(self, "WordOps update failed !")
except Exception as e:
Log.debug(self, str(e))
Log.error(self, "WordOps update failed !")
def grep(self, fnm, sstr):
"""
Searches for string in file and returns the matched line.
"""
try:
Log.debug(self, "Finding string {0} to file {1}".format(sstr, fnm))
for line in open(fnm, encoding='utf-8'):
if sstr in line:
return line
return False
except OSError as e:
Log.debug(self, "{0}".format(e.strerror))
Log.error(self,
"Unable to Search string {0} in {1}".format(sstr, fnm))
def setupletsencrypt(self, acme_domains, acmedata):
"""Issue SSL certificates with acme.sh"""
all_domains = '\' -d \''.join(acme_domains)
wo_acme_dns = acmedata['acme_dns']
keylenght = acmedata['keylength']
if acmedata['dns'] is True:
acme_mode = "--dns {0}".format(wo_acme_dns)
validation_mode = "DNS mode with {0}".format(wo_acme_dns)
if acmedata['dnsalias'] is True:
acme_mode = acme_mode + \
" --challenge-alias {0}".format(acmedata['acme_alias'])
else:
acme_mode = "-w /var/www/html"
validation_mode = "Webroot challenge"
Log.debug(self, "Validation : Webroot mode")
if not os.path.isdir('/var/www/html/.well-known/acme-challenge'):
WOFileUtils.mkdir(self,
'/var/www/html/.well-known/acme-challenge')
WOFileUtils.chown(self,
'/var/www/html/.well-known',
'www-data',
'www-data',
recursive=True)
WOFileUtils.chmod(self,
'/var/www/html/.well-known',
0o750,
recursive=True)
Log.info(self, "Validation mode : {0}".format(validation_mode))
Log.wait(self, "Issuing SSL cert with acme.sh")
if not WOShellExec.cmd_exec(
self, "{0} ".format(WOAcme.wo_acme_exec) +
"--issue -d '{0}' {1} -k {2} -f".format(
all_domains, acme_mode, keylenght)):
Log.failed(self, "Issuing SSL cert with acme.sh")
if acmedata['dns'] is True:
Log.error(
self, "Please make sure your properly "
"set your DNS API credentials for acme.sh")
return False
else:
Log.error(
self, "Your domain is properly configured "
"but acme.sh was unable to issue certificate.\n"
"You can find more informations in "
"/var/log/wo/wordops.log")
return False
else:
Log.valide(self, "Issuing SSL cert with acme.sh")
return True
def httpsredirect(self, wo_domain_name, acme_domains, redirect=True):
"""Create Nginx redirection from http to https"""
wo_acme_domains = ' '.join(acme_domains)
if redirect:
Log.wait(self, "Adding HTTPS redirection")
if WOFileUtils.enabledisable(
self,
'/etc/nginx/conf.d/force-ssl-{0}.conf'.format(
wo_domain_name),
enable=True):
Log.valide(self, "Adding HTTPS redirection")
return 0
else:
try:
sslconf = open(
"/etc/nginx/conf.d/force-ssl-{0}.conf".format(
wo_domain_name),
encoding='utf-8',
mode='w')
sslconf.write(
"server {\n"
"\tlisten 80;\n" + "\tlisten [::]:80;\n" +
"\tserver_name {0};\n".format(wo_acme_domains) +
"\treturn 301 https://$host"
"$request_uri;\n}")
sslconf.close()
except IOError as e:
Log.debug(self, str(e))
Log.debug(
self, "Error occured while generating "
"/etc/nginx/conf.d/force-ssl-{0}.conf".format(
wo_domain_name))
return 1
Log.valide(self, "Adding HTTPS redirection")
return 0
else:
if WOFileUtils.enabledisable(
self,
"/etc/nginx/conf.d/force-ssl-{0}.conf".format(
wo_domain_name),
enable=False):
Log.info(
self, "Disabled HTTPS Force Redirection for site "
"{0}".format(wo_domain_name))
else:
Log.info(
self, "HTTPS redirection already disabled for site"
"{0}".format(wo_domain_name))
return 0
def connect(self):
# Makes connection with MySQL server
try:
if os.path.exists('/etc/mysql/conf.d/my.cnf'):
connection = pymysql.connect(
read_default_file='/etc/mysql/conf.d/my.cnf')
else:
connection = pymysql.connect(read_default_file='~/.my.cnf')
return connection
except ValueError as e:
Log.debug(self, str(e))
raise MySQLConnectionError
except pymysql.err.InternalError as e:
Log.debug(self, str(e))
raise MySQLConnectionError
def secure_ssh_port(self):
"""Change SSH port"""
WOGit.add(self, ["/etc/ssh"],
msg="Adding changed SSH port into Git")
pargs = self.app.pargs
if pargs.user_input:
while ((not pargs.user_input.isdigit()) and
(not pargs.user_input < 65536)):
Log.info(self, "Please enter a valid port number ")
pargs.user_input = input("Server "
"SSH port [22]:")
if not pargs.user_input:
port = input("Server SSH port [22]:")
if port == "":
port = 22
while (not port.isdigit()) and (port != "") and (not port < 65536):
Log.info(self, "Please Enter valid port number :")
port = input("Server SSH port [22]:")
pargs.user_input = port
if WOFileUtils.grepcheck(self, '/etc/ssh/sshd_config', '#Port'):
WOShellExec.cmd_exec(self, "sed -i \"s/#Port.*/Port "
"{port}/\" /etc/ssh/sshd_config"
.format(port=pargs.user_input))
else:
WOShellExec.cmd_exec(self, "sed -i \"s/Port.*/Port "
"{port}/\" /etc/ssh/sshd_config"
.format(port=pargs.user_input))
# allow new ssh port if ufw is enabled
if os.path.isfile('/etc/ufw/ufw.conf'):
# add rule for proftpd with UFW
if WOFileUtils.grepcheck(
self, '/etc/ufw/ufw.conf', 'ENABLED=yes'):
try:
WOShellExec.cmd_exec(
self, 'ufw limit {0}'.format(pargs.user_input))
WOShellExec.cmd_exec(
self, 'ufw reload')
except Exception as e:
Log.debug(self, "{0}".format(e))
Log.error(self, "Unable to add UFW rule")
# add ssh into git
WOGit.add(self, ["/etc/ssh"],
msg="Adding changed SSH port into Git")
# restart ssh service
if not WOService.restart_service(self, 'ssh'):
Log.error(self, "service SSH restart failed.")
Log.info(self, "Successfully changed SSH port to {port}"
.format(port=pargs.user_input))
def default(self):
try:
Log.info(self, "updating apt-cache, please wait...")
WOAptGet.update(self)
Log.info(self, "updating packages, please wait...")
WOAptGet.dist_upgrade(self)
Log.info(self, "cleaning-up packages, please wait...")
WOAptGet.auto_remove(self)
WOAptGet.auto_clean(self)
except OSError as e:
Log.debug(self, str(e))
Log.error(self, "Package updates failed !")
except Exception as e:
Log.debug(self, str(e))
Log.error(self, "Packages updates failed !")
def latest_release(self, repository, name=False):
"""Get the latest release number of a GitHub repository.\n
repository format should be: \"user/repo\""""
try:
req = requests.get(
'https://api.github.com/repos/{0}/releases/latest'.format(
repository),
timeout=(5, 30))
github_json = req.json()
except requests.RequestException as e:
Log.debug(self, str(e))
Log.error(self, "Unable to query GitHub API")
if name:
return github_json["name"]
else:
return github_json["tag_name"]
def check_dns(self, acme_domains):
"""Check if a list of domains point to the server IP"""
server_ip = requests.get('http://v4.wordops.eu/').text
for domain in acme_domains:
domain_ip = requests.get(
'http://v4.wordops.eu/dns/{0}/'.format(domain)).text
if (not domain_ip == server_ip):
Log.warn(
self,
"{0} is not pointing to your server IP".format(domain))
Log.error(self, "You have to add the "
"proper DNS record", False)
return False
else:
Log.debug(self, "DNS record are properly set")
return True
def removeconf(self, domain):
sslconf = ("/var/www/{0}/conf/nginx/ssl.conf"
.format(domain))
sslforce = ("/etc/nginx/conf.d/force-ssl-{0}.conf"
.format(domain))
acmedir = [
'{0}'.format(sslforce), '{0}'.format(sslconf),
'{0}/{1}_ecc'.format(WOVar.wo_ssl_archive, domain),
'{0}.disabled'.format(sslconf), '{0}.disabled'
.format(sslforce), '{0}/{1}'
.format(WOVar.wo_ssl_live, domain),
'/etc/letsencrypt/shared/{0}.conf'.format(domain)]
wo_domain = domain
# check acme.sh is installed
WOAcme.check_acme(self)
if WOAcme.cert_check(self, wo_domain):
Log.info(self, "Removing Acme configuration")
Log.debug(self, "Removing Acme configuration")
try:
WOShellExec.cmd_exec(
self, "{0} ".format(WOAcme.wo_acme_exec) +
"--remove -d {0} --ecc".format(domain))
except CommandExecutionError as e:
Log.debug(self, "{0}".format(e))
Log.error(self, "Cert removal failed")
# remove all files and directories
for dir in acmedir:
if os.path.exists('{0}'.format(dir)):
WOFileUtils.rm(self, '{0}'.format(dir))
# find all broken symlinks
WOFileUtils.findBrokenSymlink(self, "/var/www")
else:
if os.path.islink("{0}".format(sslconf)):
WOFileUtils.remove_symlink(self, "{0}".format(sslconf))
WOFileUtils.rm(self, '{0}'.format(sslforce))
if WOFileUtils.grepcheck(self, '/var/www/22222/conf/nginx/ssl.conf',
'{0}'.format(domain)):
Log.info(
self, "Setting back default certificate for WordOps backend")
with open("/var/www/22222/conf/nginx/"
"ssl.conf", "w") as ssl_conf_file:
ssl_conf_file.write("ssl_certificate "
"/var/www/22222/cert/22222.crt;\n"
"ssl_certificate_key "
"/var/www/22222/cert/22222.key;\n")
def deleteSiteInfo(self, site):
"""Delete site record in database"""
try:
q = SiteDB.query.filter(SiteDB.sitename == site).first()
except Exception as e:
Log.debug(self, "{0}".format(e))
Log.error(self, "Unable to query database")
if not q:
Log.error(self, "{0} does not exist in database".format(site))
try:
db_session.delete(q)
db_session.commit()
except Exception as e:
Log.debug(self, "{0}".format(e))
Log.error(self, "Unable to delete site from application database.")
def start_service(self, service_name):
"""
start service
Similar to `service xyz start`
"""
try:
if service_name in ['nginx']:
Log.wait(self, "Testing Nginx configuration ")
# Check Nginx configuration before executing command
sub = subprocess.Popen('nginx -t',
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
shell=True)
output = sub.communicate()
if 'emerg' not in str(output):
Log.valide(self, "Testing Nginx configuration ")
Log.wait(self, "Starting Nginx")
service_cmd = ('service {0} start'.format(service_name))
retcode = subprocess.getstatusoutput(service_cmd)
if retcode[0] == 0:
Log.valide(self, "Starting Nginx ")
return True
else:
Log.failed(self, "Starting Nginx")
else:
Log.failed(self, "Testing Nginx configuration ")
return False
else:
service_cmd = ('service {0} start'.format(service_name))
Log.info(self, "Start : {0:10}".format(service_name), end='')
retcode = subprocess.getstatusoutput(service_cmd)
if retcode[0] == 0:
Log.info(
self, "[" + Log.ENDC + Log.OKGREEN + "OK" + Log.ENDC +
Log.OKBLUE + "]")
return True
else:
Log.debug(self, "{0}".format(retcode[1]))
Log.info(self,
"[" + Log.FAIL + "Failed" + Log.OKBLUE + "]")
return False
except OSError as e:
Log.debug(self, "{0}".format(e))
Log.error(self,
"\nFailed to start service {0}".format(service_name))
def grepcheck(self, fnm, sstr):
"""
Searches for string in file and returns True or False.
"""
if os.path.isfile('{0}'.format(fnm)):
try:
Log.debug(self, "Finding string {0} to file {1}"
.format(sstr, fnm))
for line in open(fnm, encoding='utf-8'):
if sstr in line:
return True
return False
except OSError as e:
Log.debug(self, "{0}".format(e.strerror))
Log.error(self, "Unable to Search string {0} in {1}"
.format(sstr, fnm))
return False
def selfsignedcert(self, proftpd=False, backend=False):
"""issue a self-signed certificate"""
selfs_tmp = '/var/lib/wo/tmp/selfssl'
# create self-signed tmp directory
if not os.path.isdir(selfs_tmp):
WOFileUtils.mkdir(self, selfs_tmp)
try:
WOShellExec.cmd_exec(
self, "openssl genrsa -out "
"{0}/ssl.key 2048".format(selfs_tmp))
WOShellExec.cmd_exec(
self, "openssl req -new -batch "
"-subj /commonName=localhost/ "
"-key {0}/ssl.key -out {0}/ssl.csr".format(selfs_tmp))
WOFileUtils.mvfile(self, "{0}/ssl.key".format(selfs_tmp),
"{0}/ssl.key.org".format(selfs_tmp))
WOShellExec.cmd_exec(
self, "openssl rsa -in "
"{0}/ssl.key.org -out "
"{0}/ssl.key".format(selfs_tmp))
WOShellExec.cmd_exec(
self, "openssl x509 -req -days "
"3652 -in {0}/ssl.csr -signkey {0}"
"/ssl.key -out {0}/ssl.crt".format(selfs_tmp))
except Exception as e:
Log.debug(self, "{0}".format(e))
Log.error(self, "Failed to generate HTTPS "
"certificate for 22222", False)
if backend:
WOFileUtils.mvfile(self, "{0}/ssl.key".format(selfs_tmp),
"/var/www/22222/cert/22222.key")
WOFileUtils.mvfile(self, "{0}/ssl.crt".format(selfs_tmp),
"/var/www/22222/cert/22222.crt")
if proftpd:
WOFileUtils.mvfile(self, "{0}/ssl.key".format(selfs_tmp),
"/etc/proftpd/ssl/proftpd.key")
WOFileUtils.mvfile(self, "{0}/ssl.crt".format(selfs_tmp),
"/etc/proftpd/ssl/proftpd.crt")
# remove self-signed tmp directory
WOFileUtils.rm(self, selfs_tmp)
def archivedcertificatehandle(self, domain, acme_domains):
Log.warn(
self, "You already have an existing certificate "
"for the domain requested.\n"
"(ref: {0}/"
"{1}_ecc/{1}.conf)".format(WOVar.wo_ssl_archive, domain) +
"\nPlease select an option from below?"
"\n\t1: Reinstall existing certificate"
"\n\t2: Issue a new certificate to replace "
"the current one (limit ~5 per 7 days)"
"")
check_prompt = input(
"\nType the appropriate number [1-2] or any other key to cancel: ")
if not os.path.isfile("{0}/{1}/fullchain.pem".format(
WOVar.wo_ssl_live, domain)):
Log.debug(
self, "{0}/{1}/fullchain.pem file is missing.".format(
WOVar.wo_ssl_live, domain))
check_prompt = "2"
if check_prompt == "1":
Log.info(self, "Reinstalling SSL cert with acme.sh")
ssl = WOAcme.deploycert(self, domain)
if ssl:
SSL.httpsredirect(self, domain, acme_domains)
elif (check_prompt == "2"):
Log.info(self, "Issuing new SSL cert with acme.sh")
ssl = WOShellExec.cmd_exec(
self, "/etc/letsencrypt/acme.sh "
"--config-home '/etc/letsencrypt/config' "
"--renew -d {0} --ecc --force".format(domain))
if ssl:
WOAcme.deploycert(self, domain)
else:
Log.error(self, "Operation cancelled by user.")
if os.path.isfile("{0}/conf/nginx/ssl.conf".format(domain)):
Log.info(self, "Existing ssl.conf . Backing it up ..")
WOFileUtils.mvfile(
self, "/var/www/{0}/conf/nginx/ssl.conf".format(domain),
'/var/www/{0}/conf/nginx/ssl.conf.bak'.format(domain))
return ssl
def remove(self, filelist):
"""remove files from given path"""
for file in filelist:
if os.path.isfile(file):
Log.info(self, "Removing {0:65}".format(file), end=' ')
os.remove(file)
Log.info(self, "{0}".format("[" + Log.ENDC + "Done" +
Log.OKBLUE + "]"))
Log.debug(self, 'file Removed')
if os.path.isdir(file):
try:
Log.info(self, "Removing {0:65}".format(file), end=' ')
shutil.rmtree(file)
Log.info(self, "{0}".format("[" + Log.ENDC + "Done" +
Log.OKBLUE + "]"))
except shutil.Error as e:
Log.debug(self, "{err}".format(err=str(e.reason)))
Log.error(self, 'Unable to Remove file ')
