link letsencrypt cert and trigger acmebot

Peter Hormanns 2017-06-28 15:31:52 +02:00
parent b22842eb7d
commit 4934c2d085


@ -13,6 +13,7 @@ import de.hsadmin.core.qserv.CompoundProcessor;
import de.hsadmin.core.qserv.CopyFileProcessor;
import de.hsadmin.core.qserv.CreateFileProcessor;
import de.hsadmin.core.qserv.EntityProcessorFactory;
import de.hsadmin.core.qserv.NullProcessor;
import de.hsadmin.core.qserv.Processor;
import de.hsadmin.core.qserv.ProcessorException;
import de.hsadmin.core.qserv.ShellProcessor;
@ -51,13 +52,30 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
}
public <T extends AbstractEntity> Processor createUpdateProcessor(EntityManager em, T entity) throws ProcessorException {
Domain dom = (Domain) entity;
UnixUser domUser = dom.getUser();
Pac pac = domUser.getPac();
final Domain dom = (Domain) entity;
final UnixUser domUser = dom.getUser();
final Pac pac = domUser.getPac();
final Processor apacheVHostSetupProcessor = createApacheVHostSetupProcessor(em, dom);
final Processor letencryptSetupProcessor = createACMEBotProcessor(em, dom);
WaitingTasksProcessor processor = new WaitingTasksProcessor(new CompoundProcessor(apacheVHostSetupProcessor, letencryptSetupProcessor));
Config config = Config.getInstance();
final String domName = dom.getName();
final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
query.setParameter("domname", domName);
query.setParameter("option", "letsencrypt");
Processor linkLetsencryptCertsProcessor = new NullProcessor();
if (!query.getResultList().isEmpty()) {
linkLetsencryptCertsProcessor = new ShellProcessor(
"rm -f /etc/apache2/pems-enabled/" + domName + ".crt" +
" && rm -f /etc/apache2/pems-enabled/" + domName + ".key" +
" && rm -f /etc/apache2/pems-enabled/" + domName + ".chain" +
" && ln -s /etc/apache2/pems-generated/" + domName + ".key /etc/apache2/pems-enabled/" + domName + ".key" +
" && ln -s /etc/apache2/pems-generated/" + domName + ".crt /etc/apache2/pems-enabled/" + domName + ".crt" +
" && ln -s /etc/apache2/pems-generated/" + domName + ".chain /etc/apache2/pems-enabled/" + domName + ".chain");
}
final WaitingTasksProcessor processor = new WaitingTasksProcessor(
new CompoundProcessor(apacheVHostSetupProcessor, letencryptSetupProcessor, linkLetsencryptCertsProcessor));
final Config config = Config.getInstance();
for (String queueName : config.getProperty("queues.mail").split(",")) {
processor.appendProcessor(queueName, createMailinSetupProcessor(em, dom, pac), queueName + ".hostsharing.net");
}
@ -65,12 +83,12 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
}
public <T extends AbstractEntity> Processor createDeleteProcessor(EntityManager em, T entity) throws ProcessorException {
Domain dom = (Domain) entity;
String domName = dom.getName();
WaitingTasksProcessor mainProcessor = new WaitingTasksProcessor(
final Domain dom = (Domain) entity;
final String domName = dom.getName();
final WaitingTasksProcessor mainProcessor = new WaitingTasksProcessor(
createHiveDNSRemoveProcessor(domName)
);
Config config = Config.getInstance();
final Config config = Config.getInstance();
for (String queueName : config.getProperty("queues.dns").split(",")) {
mainProcessor.appendProcessor(queueName, createDNSServerConfigProcessor(em), queueName + ".hostsharing.net");
}
@ -83,8 +101,8 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
}
private Processor createDNSServerConfigProcessor(EntityManager em) {
Query query = em.createQuery("SELECT d FROM Domains d");
HashMap<String, Object> templateVars = new HashMap<String, Object>();
final Query query = em.createQuery("SELECT d FROM Domains d");
final HashMap<String, Object> templateVars = new HashMap<String, Object>();
templateVars.put("domains", query.getResultList());
return new CompoundProcessor(
new VelocityProcessor("/de/hsadmin/mods/dom/named-hsh-conf.vm",
@ -95,25 +113,25 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
}
private Processor createHiveDNSSetupProcessor(EntityManager em, Domain dom) throws ProcessorException {
Map<String, Object> templateVars = new HashMap<String, Object>();
templateVars.put("sio", Long.toString(System.currentTimeMillis()/1000L));
String domName = dom.getName();
String zonefileTargetPath = "/etc/bind/pri." + domName;
Processor zonefileTemplateProcessor =
new VelocityProcessor("/de/hsadmin/mods/dom/zonefile.vm", templateVars, dom, zonefileTargetPath, false);
Processor zonefileACLProcessor =
final Map<String, Object> zonefileTemplateVars = new HashMap<String, Object>();
zonefileTemplateVars.put("sio", Long.toString(System.currentTimeMillis()/1000L));
final String domName = dom.getName();
final String zonefileTargetPath = "/etc/bind/pri." + domName;
final Processor zonefileTemplateProcessor =
new VelocityProcessor("/de/hsadmin/mods/dom/zonefile.vm", zonefileTemplateVars, dom, zonefileTargetPath, false);
final Processor zonefileACLProcessor =
new ShellProcessor("chown root:bind " + zonefileTargetPath + " && chmod 644 " + zonefileTargetPath);
Query query = em.createQuery("SELECT d FROM Domains d WHERE d.user.pac.hive.name = :hivename");
final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.user.pac.hive.name = :hivename");
query.setParameter("hivename", dom.getUser().getHiveName());
templateVars = new HashMap<String, Object>();
templateVars.put("domains", query.getResultList());
Processor prizonesFileProcessor = new CompoundProcessor(
final Map<String, Object> namedZonesTemplateVars = new HashMap<String, Object>();
namedZonesTemplateVars.put("domains", query.getResultList());
final Processor prizonesFileProcessor = new CompoundProcessor(
new VelocityProcessor("/de/hsadmin/mods/dom/named-pri-zones.vm",
templateVars, dom, "/etc/bind/named.pri-zones.tmp", true),
namedZonesTemplateVars, dom, "/etc/bind/named.pri-zones.tmp", true),
new ShellProcessor(" ( diff -q /etc/bind/named.pri-zones.tmp /etc/bind/named.pri-zones && rm /etc/bind/named.pri-zones.tmp ) " +
"|| ( mv /etc/bind/named.pri-zones.tmp /etc/bind/named.pri-zones && invoke-rc.d bind9 reload )")
);
Processor dnsSetupProcessor =
final Processor dnsSetupProcessor =
new CompoundProcessor(zonefileTemplateProcessor, zonefileACLProcessor, prizonesFileProcessor);
return dnsSetupProcessor;
}
@ -126,28 +144,28 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
}
private CompoundProcessor createHiveEMailSetupProcessor(EntityManager em, Domain dom) {
EMailAddressProcessorFactory eMailAddressProcessorFactory = new EMailAddressProcessorFactory();
CompoundProcessor emailAdrProcessor = new CompoundProcessor();
Query query = em.createQuery(
final EMailAddressProcessorFactory eMailAddressProcessorFactory = new EMailAddressProcessorFactory();
final CompoundProcessor emailAdrProcessor = new CompoundProcessor();
final Query query = em.createQuery(
"SELECT adr FROM " +
EMailAddress.class.getAnnotation(javax.persistence.Entity.class).name() + " adr " +
"WHERE adr.domain.name='" + dom.getName() + "'");
List<?> resultList = query.getResultList();
for (Object obj : resultList) {
EMailAddress eMailAddress = (EMailAddress) obj;
final List<?> resultList = query.getResultList();
for (final Object obj : resultList) {
final EMailAddress eMailAddress = (EMailAddress) obj;
emailAdrProcessor.appendProcessor(eMailAddressProcessorFactory.createCreateProcessor(em, eMailAddress));
}
return emailAdrProcessor;
}
private Processor createMailinSetupProcessor(EntityManager em, Domain dom, Pac pac) throws ProcessorException {
String inetAddr = pac.getCurINetAddr().getInetAddr();
CompoundProcessor cp = new CompoundProcessor(
final String inetAddr = pac.getCurINetAddr().getInetAddr();
final CompoundProcessor cp = new CompoundProcessor(
createPostgreyConfiguration(em),
new ShellProcessor("postmap -r -i /etc/postfix-mailin/relaydomains",
dom.getName() + " anything\n" +
"." + dom.getName() + " anything\n"));
Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
query.setParameter("domname", dom.getName());
query.setParameter("option", "backupmxforexternalmx");
if (query.getResultList().isEmpty()) {
@ -167,19 +185,19 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
}
private Processor createPostgreyConfiguration(EntityManager em) throws ProcessorException {
List<Domain> whitelistDoms = new ArrayList<Domain>();
Query query = em.createQuery("SELECT DISTINCT dom FROM Domains dom WHERE NOT EXISTS " +
final List<Domain> whitelistDoms = new ArrayList<Domain>();
final Query query = em.createQuery("SELECT DISTINCT dom FROM Domains dom WHERE NOT EXISTS " +
"( SELECT postgreyDom FROM Domains postgreyDom " +
" WHERE postgreyDom.domainoptions.name = :option" +
" AND postgreyDom.name = dom.name )");
query.setParameter("option", "greylisting");
List<?> result = query.getResultList();
final List<?> result = query.getResultList();
for (Object dom : result) {
if (dom instanceof Domain) {
whitelistDoms.add((Domain) dom);
}
}
HashMap<String, Object> templateVars = new HashMap<String, Object>();
final HashMap<String, Object> templateVars = new HashMap<String, Object>();
templateVars.put("whitelist", whitelistDoms);
return new CompoundProcessor(
new VelocityProcessor("/de/hsadmin/mods/dom/postgrey-whitelist-recipients.vm",
@ -201,15 +219,15 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
}
private CompoundProcessor createDomainDirectoriesProcessor(Domain dom) throws ProcessorException {
Map<String, Object> templateVars = new HashMap<String, Object>();
UnixUser domUser = dom.getUser();
String domName = dom.getName();
Pac pac = domUser.getPac();
String pacName = pac.getName();
String homeDir = domUser.getHomedir();
String domsDir = homeDir + "/doms";
String userName = domUser.getName();
String domainDir = domsDir + "/" + dom.getName();
final Map<String, Object> templateVars = new HashMap<String, Object>();
final UnixUser domUser = dom.getUser();
final String domName = dom.getName();
final Pac pac = domUser.getPac();
final String pacName = pac.getName();
final String homeDir = domUser.getHomedir();
final String domsDir = homeDir + "/doms";
final String userName = domUser.getName();
final String domainDir = domsDir + "/" + dom.getName();
String httpdRights = "";
if (pacName != userName) {
httpdRights =
@ -308,10 +326,10 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
}
private Processor createApacheVHostDeleteProcessor(Domain dom) {
String domName = dom.getName();
int level = domName.split("\\.").length;
String linkPrefix = Integer.toString(100 - level);
Processor vhostDelProcessor =
final String domName = dom.getName();
final int level = domName.split("\\.").length;
final String linkPrefix = Integer.toString(100 - level);
final Processor vhostDelProcessor =
new ShellProcessor("rm -f /home/doms/" + domName +
" && rm -f /etc/apache2/sites-enabled/" + linkPrefix + "-" + domName +
" && rm -f /etc/apache2/sites-available/" + domName +
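Review bot: The new `ShellProcessor` command in `createUpdateProcessor` splices `domName` unquoted into six `rm -f` / `ln -s` arguments, so it is only safe if `dom.getName()` can never contain whitespace, `/` or shell metacharacters, and nothing visible in this section enforces that. These commands rewrite links under `/etc/apache2/pems-enabled/` and presumably run with elevated rights, so I would check the name before building the string, e.g. `domName.matches("[a-z0-9]([a-z0-9-]*[a-z0-9])?(\\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+")`, and keep the `NullProcessor` or raise a `ProcessorException` when it fails (adjust the pattern to the naming rules the project enforces). The same concatenation appears in the unchanged `rm -f` lines of `createApacheVHostDeleteProcessor` and in the JPQL string `"WHERE adr.domain.name='" + dom.getName() + "'"` in `createHiveEMailSetupProcessor`, although the other queries in this file already bind values with `setParameter`. The bodies of these methods continue outside the hunks shown.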