Provide domain.properties for ACMEBot.

This commit is contained in:
Michael Hierweck 2017-06-27 13:56:41 +02:00
parent 7a8cc5246c
commit d3d0d75a82
2 changed files with 21 additions and 35 deletions

View File

@ -54,7 +54,7 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
UnixUser domUser = dom.getUser(); UnixUser domUser = dom.getUser();
Pac pac = domUser.getPac(); Pac pac = domUser.getPac();
final Processor apacheVHostSetupProcessor = createApacheVHostSetupProcessor(em, dom); final Processor apacheVHostSetupProcessor = createApacheVHostSetupProcessor(em, dom);
final Processor letencryptSetupProcessor = createLetencryptSetupProcessor(em, dom); final Processor letencryptSetupProcessor = createACMEBotProcessor(em, dom);
WaitingTasksProcessor processor = new WaitingTasksProcessor(new CompoundProcessor(apacheVHostSetupProcessor, letencryptSetupProcessor)); WaitingTasksProcessor processor = new WaitingTasksProcessor(new CompoundProcessor(apacheVHostSetupProcessor, letencryptSetupProcessor));
Config config = Config.getInstance(); Config config = Config.getInstance();
for (String queueName : config.getProperty("queues.mail").split(",")) { for (String queueName : config.getProperty("queues.mail").split(",")) {
@ -77,7 +77,7 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
mainProcessor.appendProcessor(queueName, createMailinUnsetupProcessor(em, dom), queueName + ".hostsharing.net"); mainProcessor.appendProcessor(queueName, createMailinUnsetupProcessor(em, dom), queueName + ".hostsharing.net");
} }
mainProcessor.appendProcessor(dom.getHiveName(), createApacheVHostDeleteProcessor(dom), "remove apache vhost"); mainProcessor.appendProcessor(dom.getHiveName(), createApacheVHostDeleteProcessor(dom), "remove apache vhost");
mainProcessor.appendProcessor(dom.getHiveName(), createLetencryptUnsetProcessor(dom), "remove letsencrypt config"); mainProcessor.appendProcessor(dom.getHiveName(), createACMEBotProcessor(em, dom), "remove letsencrypt config");
return mainProcessor; return mainProcessor;
} }
@ -326,39 +326,17 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
return vhostDelProcessor; return vhostDelProcessor;
} }
private Processor createLetencryptSetupProcessor(final EntityManager em, final Domain dom) { private Processor createACMEBotProcessor(final EntityManager em, final Domain dom) throws ProcessorException {
final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname"); final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.user.pac.hive.name = :hiveName");
final String domName = dom.getName(); final String hiveName = dom.getHiveName();
query.setParameter("domname", domName); final Map<String, Object> templateVars = new HashMap<String, Object>();
query.setParameter("option", "letsencrypt"); query.setParameter("hivename", hiveName);
if (query.getResultList().isEmpty()) { query.setParameter("option", "letsencrypt");
// remove LE config templateVars.put("domains", query.getResultList());
return createLetencryptUnsetProcessor(dom); return new CompoundProcessor(
} else { new CreateFileProcessor("/de/hsadmin/mods/dom/acmebot-domain.properties.vm", templateVars, dom,
// setup LE "/etc/hostsharing/acmebot/domain.properties.tmp", "acmebot", "acmebot", "640", false),
return new ShellProcessor( new ShellProcessor("mv /etc/hostsharing/acmebot/domain.properties.tmp /etc/hostsharing/acmebot/domain.properties"));
"mkdir -p /var/lib/letsencrypt/webroot/" + domName +
" && chown root:root /var/lib/letsencrypt/webroot/" + domName +
" && chmod 0755 /var/lib/letsencrypt/webroot/" + domName +
" && mkdir -p /var/lib/letsencrypt/webroot/" + domName + "/.well-known" +
" && chown root:root /var/lib/letsencrypt/webroot/" + domName + "/.well-known" +
" && chmod 0755 /var/lib/letsencrypt/webroot/" + domName + "/.well-known" +
" && mkdir -p /var/lib/letsencrypt/webroot/" + domName + "/.well-known/acme-challenge" +
" && chown root:root /var/lib/letsencrypt/webroot/" + domName + "/.well-known/acme-challenge" +
" && chmod 0755 /var/lib/letsencrypt/webroot/" + domName + "/.well-known/acme-challenge" +
" && mkdir -p /etc/letsencrypt/renewal/" +
" && mkdir -p /etc/letsencrypt/live/" + domName +
" && mkdir -p /etc/letsencrypt/archive/" + domName +
" && echo \"subs=" + dom.getValidsubdomainnames() + "\" > /etc/letsencrypt/renewal/" + domName + ".conf" );
}
}
private Processor createLetencryptUnsetProcessor(final Domain dom) {
final String domName = dom.getName();
return new ShellProcessor("rm -rf /var/lib/letsencrypt/webroot/" + domName +
" && rm -rf /etc/letsencrypt/archive/" + domName +
" && rm -rf /etc/letsencrypt/live/" + domName +
" && rm -f /etc/letsencrypt/renewal/" + domName + ".conf");
} }
} }

View File

@ -0,0 +1,8 @@
#
# This file is managed by HSAdmin.
# Do not edit manually. Changes will be overwritten.
#
#foreach( $domain in $domains )
${domain.name} = ${domain.getValidsubdomainnames}
#end