Newer
Older
import re
import utils
def setup(interactive=True):
cmds = [
'apt-get install -y nginx',
'rm -f /etc/nginx/sites-enabled/default.conf',
need_uwsgi = False
# MediaServer vhost (mediaserver-msuser)
hosts.append(utils.get_conf('MS_SERVER_NAME') or 'mediaserver')
hosts.append(utils.get_conf('MONITOR_SERVER_NAME') or 'msmonitor')
hosts.append(utils.get_conf('CM_SERVER_NAME') or 'campusmanager')
# TODO: get domains by parsing files in sites-enabled
if need_uwsgi:
cmds.append('apt-get install -y uwsgi uwsgi-plugin-python3')
if hosts:
utils.add_hosts_to_localhost(hosts)
ssl_conf = '/etc/nginx/conf.d/ssl.conf'
if os.path.exists(ssl_conf):
utils.run_commands([
'grep ssl_certificate /etc/nginx/conf.d/ssl.conf > /etc/nginx/conf.d/ssl_certificate.conf',
'mv /etc/nginx/conf.d/ssl.conf /etc/nginx/conf.d/ssl.conf.old',
])
# Update certificate in ssl_certificate.conf
ssl_conf = '/etc/nginx/conf.d/ssl_certificate.conf'
if not os.path.exists(ssl_conf):
utils.log('The SSL configuration file "%s" does not exist, SSL certificate not updated.' % ssl_conf)
else:
default_cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem'
ssl_cert = utils.get_conf('SSL_CERTIFICATE') or default_cert
ssl_key = utils.get_conf('SSL_CERTIFICATE_KEY') or '/etc/ssl/private/ssl-cert-snakeoil.key'
if ssl_cert == default_cert:
utils.log('The configuration uses the default certificate, no modification will be made in "%s".' % ssl_conf)
else:
with open(ssl_conf, 'r') as fo:
content = fo.read()
new_content = content
new_content = re.sub(r'ssl_certificate\s+([\w/\-\_\.]+);', 'ssl_certificate %s;' % ssl_cert, new_content)
new_content = re.sub(r'ssl_certificate_key\s+([\w/\-\_\.]+);', 'ssl_certificate_key %s;' % ssl_key, new_content)
if new_content != content:
with open(ssl_conf, 'w') as fo:
fo.write(new_content)
utils.log('SSL configuration file "%s" updated.' % ssl_conf)
utils.log('SSL configuration file "%s" already up to date.' % ssl_conf)
utils.run_commands(['nginx -t', 'service nginx restart'])