def setuphsts(self, wo_domain_name, enable=True):
"""Enable or disable htsts for a site"""
if enable:
if WOFileUtils.enabledisable(self,
'/var/www/{0}/conf/nginx/hsts.conf'):
return 0
else:
Log.info(
self, "Adding /var/www/{0}/conf/nginx/hsts.conf".format(
wo_domain_name))
hstsconf = open(
"/var/www/{0}/conf/nginx/hsts.conf".format(wo_domain_name),
encoding='utf-8',
mode='w')
hstsconf.write("more_set_headers "
"\"Strict-Transport-Security: "
"max-age=31536000; "
"includeSubDomains; "
"preload\";")
hstsconf.close()
return 0
else:
if WOFileUtils.enabledisable(self,
'/var/www/{0}/conf/nginx/hsts.conf',
enable=False):
Log.info(self, "HSTS disabled")
return 0
else:
Log.info(self, "HSTS is not enabled")
return 0
def httpsredirect(self, wo_domain_name, acme_domains, redirect=True):
"""Create Nginx redirection from http to https"""
wo_acme_domains = ' '.join(acme_domains)
if redirect:
Log.wait(self, "Adding HTTPS redirection")
if WOFileUtils.enabledisable(
self,
'/etc/nginx/conf.d/force-ssl-{0}.conf'.format(
wo_domain_name),
enable=True):
Log.valide(self, "Adding HTTPS redirection")
return 0
else:
try:
sslconf = open(
"/etc/nginx/conf.d/force-ssl-{0}.conf".format(
wo_domain_name),
encoding='utf-8',
mode='w')
sslconf.write(
"server {\n"
"\tlisten 80;\n" + "\tlisten [::]:80;\n" +
"\tserver_name {0};\n".format(wo_acme_domains) +
"\treturn 301 https://$host"
"$request_uri;\n}")
sslconf.close()
except IOError as e:
Log.debug(self, str(e))
Log.debug(
self, "Error occured while generating "
"/etc/nginx/conf.d/force-ssl-{0}.conf".format(
wo_domain_name))
return 1
Log.valide(self, "Adding HTTPS redirection")
return 0
else:
if WOFileUtils.enabledisable(
self,
"/etc/nginx/conf.d/force-ssl-{0}.conf".format(
wo_domain_name),
enable=False):
Log.info(
self, "Disabled HTTPS Force Redirection for site "
"{0}".format(wo_domain_name))
else:
Log.info(
self, "HTTPS redirection already disabled for site"
"{0}".format(wo_domain_name))
return 0
