def fixture_domain_list():
"""Return patch DomainName.list() method."""
method = 'plinth.modules.names.components.DomainName.list'
with patch(method) as domain_list:
DomainType._all = {}
DomainType('domain-type-1', 'type-1', 'url1', False)
DomainType('domain-type-2', 'type-2', 'url1', True)
domain1 = DomainName('domain-name-1', 'invalid1.example',
'domain-type-1', '__all__')
domain2 = DomainName('domain-name-2', 'valid.example', 'domain-type-2',
'__all__')
domain3 = DomainName('domain-name-3', 'invalid2.example',
'domain-type-2', '__all__')
domain_list.return_value = [domain1, domain2, domain3]
yield domain_list
def setup_certificates(self, app_domains=None):
"""Setup app certificates for all interested domains.
For every domain, a certificate is copied. If a valid certificate is
not available in Let's Encrypt, a self-signed snakeoil certificate is
used. Each daemon is restarted if it is running.
app_domains is the list of domains for which certificates must be
copied. If it is not provided, the component's list of domains (which
may be acquired by a callable) is used.
"""
if not app_domains:
app_domains = self.domains
if app_domains == '*':
# Setup for all domains and not just ones that LE can obtain
# certificate for. This allows the domains that can't have LE
# certificate to work with self-signed certificates.
app_domains = DomainName.list_names()
domains, status = self._get_letsencrypt_domains()
if self.should_copy_certificates:
for domain in app_domains:
if domain in domains:
lineage = status['domains'][domain]['lineage']
self._copy_letsencrypt_certificates([domain], lineage)
else:
self._copy_self_signed_certificates([domain])
for daemon in self.daemons:
actions.superuser_run('service', ['try-restart', daemon])
def set_domains(primary_domain=None):
"""Set the primary domain and all the domains for postfix."""
all_domains = DomainName.list_names()
if not primary_domain:
primary_domain = get_domains()['primary_domain']
if primary_domain not in all_domains:
primary_domain = config.get_domainname() or list(all_domains)[0]
# Update configuration and don't restart daemons
superuser_run(
'email',
['domain', 'set_domains', primary_domain, ','.join(all_domains)])
superuser_run('email', ['dkim', 'setup_dkim', primary_domain])
# Copy certificates (self-signed if needed) and restart daemons
app = App.get('email')
app.get_component('letsencrypt-email-postfix').setup_certificates()
app.get_component('letsencrypt-email-dovecot').setup_certificates()
def get_context_data(self, **kwargs):
"""Return additional context data for rendering the template."""
context = super().get_context_data(**kwargs)
context['title'] = _('Allowed Client')
public_key = urllib.parse.unquote(self.kwargs['public_key'])
server_info = utils.get_info()['my_server']
if not server_info or public_key not in server_info['peers']:
raise Http404
domains = DomainName.list_names(filter_for_service='wireguard')
context['server'] = server_info
context['client'] = server_info['peers'][public_key]
context['endpoints'] = [
domain + ':' + str(server_info['listen_port'])
for domain in domains
]
return context
def get_status():
"""Return current Tor status."""
output = actions.superuser_run('tor', ['get-status'])
status = json.loads(output)
hs_info = status['hidden_service']
hs_services = []
if hs_info['hostname']:
try:
domain = DomainName.get('domain-tor-' + hs_info['hostname'])
except KeyError:
pass
else:
hs_services = domain.get_readable_services()
# Filter out obfs3/4 ports when bridge relay is disabled
ports = {
service_type: port
for service_type, port in status['ports'].items()
if service_type not in ['obfs4', 'obfs3']
or status['bridge_relay_enabled']
}
return {
'enabled': tor.app.is_enabled(),
'is_running': app_is_running(tor.app),
'use_upstream_bridges': status['use_upstream_bridges'],
'upstream_bridges': status['upstream_bridges'],
'relay_enabled': status['relay_enabled'],
'bridge_relay_enabled': status['bridge_relay_enabled'],
'ports': ports,
'hs_enabled': hs_info['enabled'],
'hs_status': hs_info['status'],
'hs_hostname': hs_info['hostname'],
'hs_ports': hs_info['ports'],
'hs_services': hs_services,
'apt_transport_tor_enabled': is_apt_transport_tor_enabled()
}
def _get_domain_choices():
"""Double domain entries for inclusion in the choice field."""
return ((domain.name, domain.name) for domain in DomainName.list())
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
from plinth.modules.names.components import DomainName
domains = list(DomainName.list_names())
self.fields['domain_name'].choices = zip(domains, domains)