HSAdmin Backend Domains, E-Mail, Datenbanken
Peter Hormanns
2017-06-22 9185975ed66e9ae9e0e6d98000576bb9974a4aff
create letsencrypt directories and config
2 files modified
41 ■■■■■ changed files
hsarback/src/de/hsadmin/mods/dom/DomainModuleImpl.java 8 ●●●● patch | view | raw | blame | history
hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java 33 ●●●●● patch | view | raw | blame | history
hsarback/src/de/hsadmin/mods/dom/DomainModuleImpl.java
@@ -44,8 +44,7 @@
                    DOMOPT_MULTIVIEWS, 
                    DOMOPT_INDEXES, 
                    DOMOPT_HTDOCSFALLBACK, 
                    DOMOPT_INCLUDES,
                    DOMOPT_LETSENCRYPT
                    DOMOPT_INCLUDES
            };
    @Override
@@ -226,6 +225,11 @@
                opt.setId(((DomainOption) list.get(0)).getId());
            }
        }
        for (DomainOption opt : domainOptions) {
            if ("letsencrypt".equals(opt.getName()) && updatedDom.getServeraliases().contains("*")) {
                throw new HSAdminException("invalid domain option: " + opt.getName() + " for woldcard subdomain");
            }
        }
        needsWriteAccessOn(oldDom, "update");
        return super.update(existingEntity);
    }
hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java
@@ -53,7 +53,9 @@
        Domain dom = (Domain) entity;
        UnixUser domUser = dom.getUser();
        Pac pac = domUser.getPac();
        WaitingTasksProcessor processor = new WaitingTasksProcessor(createApacheVHostSetupProcessor(em, dom));
        final Processor apacheVHostSetupProcessor = createApacheVHostSetupProcessor(em, dom);
        final Processor letencryptSetupProcessor = createLetencryptSetupProcessor(em, dom);
        WaitingTasksProcessor processor = new WaitingTasksProcessor(new CompoundProcessor(apacheVHostSetupProcessor, letencryptSetupProcessor));
        Config config = Config.getInstance();
        for (String queueName : config.getProperty("queues.mail").split(",")) {
            processor.appendProcessor(queueName, createMailinSetupProcessor(em, dom, pac), queueName + ".hostsharing.net");
@@ -75,6 +77,7 @@
            mainProcessor.appendProcessor(queueName, createMailinUnsetupProcessor(em, dom), queueName + ".hostsharing.net");
        }
        mainProcessor.appendProcessor(dom.getHiveName(), createApacheVHostDeleteProcessor(dom), "remove apache vhost");
        mainProcessor.appendProcessor(dom.getHiveName(), createLetencryptUnsetProcessor(dom), "remove letsencrypt config");
        return mainProcessor;
    }
@@ -323,4 +326,32 @@
        return vhostDelProcessor;
    }
    private Processor createLetencryptSetupProcessor(final EntityManager em, final Domain dom) {
        final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
        final String domName = dom.getName();
        query.setParameter("domname", domName);
        query.setParameter("option", "letsencrypt");
        if (query.getResultList().isEmpty()) {
            // remove LE config
            return createLetencryptUnsetProcessor(dom);
        } else {
            // setup LE
            return new ShellProcessor("mkdir -p /var/lib/letsencrypt/webroot/" + domName +
                    " && chown root:root /var/lib/letsencrypt/webroot/" + domName +
                    " && chmod 0755 /var/lib/letsencrypt/webroot/" + domName +
                    " && mkdir -p /etc/letsencrypt/renwal/" + domName +
                    " && mkdir -p /etc/letsencrypt/live/" + domName +
                    " && mkdir -p /etc/letsencrypt/archive/" + domName +
                    " && echo \"" + dom.getValidsubdomainnames() + "\" > /etc/letsencrypt/renwal/" + domName + ".conf" );
        }
    }
    private Processor createLetencryptUnsetProcessor(final Domain dom) {
        final String domName = dom.getName();
        return new ShellProcessor("rm -rf  /var/lib/letsencrypt/webroot/" + domName +
                    " && rm -rf /etc/letsencrypt/archive/" + domName +
                    " && rm -rf /etc/letsencrypt/live/" + domName +
                    " && rm -f /etc/letsencrypt/renwal/" + domName + ".conf");
    }
}