def setuphsts(self, wo_domain_name, enable=True): """Enable or disable htsts for a site""" if enable: if WOFileUtils.enabledisable(self, '/var/www/{0}/conf/nginx/hsts.conf'): return 0 else: Log.info( self, "Adding /var/www/{0}/conf/nginx/hsts.conf".format( wo_domain_name)) hstsconf = open( "/var/www/{0}/conf/nginx/hsts.conf".format(wo_domain_name), encoding='utf-8', mode='w') hstsconf.write("more_set_headers " "\"Strict-Transport-Security: " "max-age=31536000; " "includeSubDomains; " "preload\";") hstsconf.close() return 0 else: if WOFileUtils.enabledisable(self, '/var/www/{0}/conf/nginx/hsts.conf', enable=False): Log.info(self, "HSTS disabled") return 0 else: Log.info(self, "HSTS is not enabled") return 0
def httpsredirect(self, wo_domain_name, acme_domains, redirect=True): """Create Nginx redirection from http to https""" wo_acme_domains = ' '.join(acme_domains) if redirect: Log.wait(self, "Adding HTTPS redirection") if WOFileUtils.enabledisable( self, '/etc/nginx/conf.d/force-ssl-{0}.conf'.format( wo_domain_name), enable=True): Log.valide(self, "Adding HTTPS redirection") return 0 else: try: sslconf = open( "/etc/nginx/conf.d/force-ssl-{0}.conf".format( wo_domain_name), encoding='utf-8', mode='w') sslconf.write( "server {\n" "\tlisten 80;\n" + "\tlisten [::]:80;\n" + "\tserver_name {0};\n".format(wo_acme_domains) + "\treturn 301 https://$host" "$request_uri;\n}") sslconf.close() except IOError as e: Log.debug(self, str(e)) Log.debug( self, "Error occured while generating " "/etc/nginx/conf.d/force-ssl-{0}.conf".format( wo_domain_name)) return 1 Log.valide(self, "Adding HTTPS redirection") return 0 else: if WOFileUtils.enabledisable( self, "/etc/nginx/conf.d/force-ssl-{0}.conf".format( wo_domain_name), enable=False): Log.info( self, "Disabled HTTPS Force Redirection for site " "{0}".format(wo_domain_name)) else: Log.info( self, "HTTPS redirection already disabled for site" "{0}".format(wo_domain_name)) return 0