create letsencrypt directories and config

Peter Hormanns 2017-06-22 18:46:17 +02:00
parent b7f74efbfd
commit 9185975ed6
2 changed files with 38 additions and 3 deletions


@ -44,8 +44,7 @@ public class DomainModuleImpl extends AbstractModuleImpl {
DOMOPT_MULTIVIEWS, DOMOPT_MULTIVIEWS,
DOMOPT_INDEXES, DOMOPT_INDEXES,
DOMOPT_HTDOCSFALLBACK, DOMOPT_HTDOCSFALLBACK,
DOMOPT_INCLUDES, DOMOPT_INCLUDES
DOMOPT_LETSENCRYPT
}; };
@Override @Override
@ -226,6 +225,11 @@ public class DomainModuleImpl extends AbstractModuleImpl {
opt.setId(((DomainOption) list.get(0)).getId()); opt.setId(((DomainOption) list.get(0)).getId());
} }
} }
for (DomainOption opt : domainOptions) {
if ("letsencrypt".equals(opt.getName()) && updatedDom.getServeraliases().contains("*")) {
throw new HSAdminException("invalid domain option: " + opt.getName() + " for woldcard subdomain");
}
}
needsWriteAccessOn(oldDom, "update"); needsWriteAccessOn(oldDom, "update");
return super.update(existingEntity); return super.update(existingEntity);
} }
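Review bot: The exception message in the added loop misspells "wildcard" as "woldcard", and the caller will see that text verbatim; the tail of the message should read `" for wildcard subdomain"`. The check is only visible in the update path (the method starts outside this hunk), so it is worth confirming that creating a domain with both the letsencrypt option and a `*` server alias is rejected as well. `updatedDom.getServeraliases()` is dereferenced without a null check; if that getter can return null for a domain without aliases, the loop throws a NullPointerException instead of the intended HSAdminException. The literal `"letsencrypt"` is compared here while `DOMOPT_LETSENCRYPT` exists as a constant in the same class; using the constant would keep the two from drifting apart, assuming it holds the same value.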


@ -53,7 +53,9 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
Domain dom = (Domain) entity; Domain dom = (Domain) entity;
UnixUser domUser = dom.getUser(); UnixUser domUser = dom.getUser();
Pac pac = domUser.getPac(); Pac pac = domUser.getPac();
WaitingTasksProcessor processor = new WaitingTasksProcessor(createApacheVHostSetupProcessor(em, dom)); final Processor apacheVHostSetupProcessor = createApacheVHostSetupProcessor(em, dom);
final Processor letencryptSetupProcessor = createLetencryptSetupProcessor(em, dom);
WaitingTasksProcessor processor = new WaitingTasksProcessor(new CompoundProcessor(apacheVHostSetupProcessor, letencryptSetupProcessor));
Config config = Config.getInstance(); Config config = Config.getInstance();
for (String queueName : config.getProperty("queues.mail").split(",")) { for (String queueName : config.getProperty("queues.mail").split(",")) {
processor.appendProcessor(queueName, createMailinSetupProcessor(em, dom, pac), queueName + ".hostsharing.net"); processor.appendProcessor(queueName, createMailinSetupProcessor(em, dom, pac), queueName + ".hostsharing.net");
@ -75,6 +77,7 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
mainProcessor.appendProcessor(queueName, createMailinUnsetupProcessor(em, dom), queueName + ".hostsharing.net"); mainProcessor.appendProcessor(queueName, createMailinUnsetupProcessor(em, dom), queueName + ".hostsharing.net");
} }
mainProcessor.appendProcessor(dom.getHiveName(), createApacheVHostDeleteProcessor(dom), "remove apache vhost"); mainProcessor.appendProcessor(dom.getHiveName(), createApacheVHostDeleteProcessor(dom), "remove apache vhost");
mainProcessor.appendProcessor(dom.getHiveName(), createLetencryptUnsetProcessor(dom), "remove letsencrypt config");
return mainProcessor; return mainProcessor;
} }
@ -323,4 +326,32 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
return vhostDelProcessor; return vhostDelProcessor;
} }
private Processor createLetencryptSetupProcessor(final EntityManager em, final Domain dom) {
final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
final String domName = dom.getName();
query.setParameter("domname", domName);
query.setParameter("option", "letsencrypt");
if (query.getResultList().isEmpty()) {
// remove LE config
return createLetencryptUnsetProcessor(dom);
} else {
// setup LE
return new ShellProcessor("mkdir -p /var/lib/letsencrypt/webroot/" + domName +
" && chown root:root /var/lib/letsencrypt/webroot/" + domName +
" && chmod 0755 /var/lib/letsencrypt/webroot/" + domName +
" && mkdir -p /etc/letsencrypt/renwal/" + domName +
" && mkdir -p /etc/letsencrypt/live/" + domName +
" && mkdir -p /etc/letsencrypt/archive/" + domName +
" && echo \"" + dom.getValidsubdomainnames() + "\" > /etc/letsencrypt/renwal/" + domName + ".conf" );
}
}
private Processor createLetencryptUnsetProcessor(final Domain dom) {
final String domName = dom.getName();
return new ShellProcessor("rm -rf /var/lib/letsencrypt/webroot/" + domName +
" && rm -rf /etc/letsencrypt/archive/" + domName +
" && rm -rf /etc/letsencrypt/live/" + domName +
" && rm -f /etc/letsencrypt/renwal/" + domName + ".conf");
}
} }
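Review bot: Both `createLetencryptSetupProcessor` and `createLetencryptUnsetProcessor` build their shell command by concatenating `domName` into the string, and the setup command also places `dom.getValidsubdomainnames()` inside a double-quoted `echo`, so a shell metacharacter, a `/` or an empty value in those fields changes what the command does. The commands write under `/etc/letsencrypt` and call `chown root:root`, so they presumably run as root, and with an empty name the `rm -rf /etc/letsencrypt/live/` + name removes the whole directory. Nothing in the visible lines validates either value; unless that is guaranteed elsewhere, reject anything that is not a plain hostname before a processor is built, for example `if (!domName.matches("[a-z0-9][a-z0-9.-]*")) throw new IllegalArgumentException("invalid domain name");`, and check each subdomain name the same way before it is echoed. The path `/etc/letsencrypt/renwal/` looks like a misspelling of `renewal`, the directory certbot reads, and the setup command creates the directory `renwal/<domain>` but then writes `renwal/<domain>.conf`. The JPQL path `d.domainoptions.name` appears to navigate through a collection-valued attribute; if so it needs an explicit join such as `JOIN d.domainoptions o` with `o.name = :option`.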