Skip to content
Snippets Groups Projects
Commit d020dcf1 authored by Stéphane Diemer's avatar Stéphane Diemer
Browse files

Changed file for SSL certificate (refs #27515).

parent ed064b84
No related branches found
No related tags found
No related merge requests found
...@@ -103,8 +103,15 @@ def setup(interactive=True): ...@@ -103,8 +103,15 @@ def setup(interactive=True):
utils.log('/etc/hosts updated.') utils.log('/etc/hosts updated.')
else: else:
utils.log('/etc/hosts is already up to date.') utils.log('/etc/hosts is already up to date.')
# Update certificate in ssl.conf # Move ssl.conf
ssl_conf = '/etc/nginx/conf.d/ssl.conf' ssl_conf = '/etc/nginx/conf.d/ssl.conf'
if os.path.exists(ssl_conf):
utils.run_commands([
'grep ssl_certificate /etc/nginx/conf.d/ssl.conf > /etc/nginx/conf.d/ssl_certificate.conf',
'mv /etc/nginx/conf.d/ssl.conf /etc/nginx/conf.d/ssl.conf.old',
])
# Update certificate in ssl_certificate.conf
ssl_conf = '/etc/nginx/conf.d/ssl_certificate.conf'
if not os.path.exists(ssl_conf): if not os.path.exists(ssl_conf):
utils.log('The SSL configuration file "%s" does not exist, SSL certificate not updated.' % ssl_conf) utils.log('The SSL configuration file "%s" does not exist, SSL certificate not updated.' % ssl_conf)
else: else:
......
...@@ -7,8 +7,15 @@ import utils ...@@ -7,8 +7,15 @@ import utils
def setup(interactive=True): def setup(interactive=True):
# Check if a custom SSL certificate is used # Move ssl.conf
ssl_conf = '/etc/nginx/conf.d/ssl.conf' ssl_conf = '/etc/nginx/conf.d/ssl.conf'
if os.path.exists(ssl_conf):
utils.run_commands([
'grep ssl_certificate /etc/nginx/conf.d/ssl.conf > /etc/nginx/conf.d/ssl_certificate.conf',
'mv /etc/nginx/conf.d/ssl.conf /etc/nginx/conf.d/ssl.conf.old',
])
# Check if a custom SSL certificate is used
ssl_conf = '/etc/nginx/conf.d/ssl_certificate.conf'
if not os.path.exists(ssl_conf): if not os.path.exists(ssl_conf):
utils.log('The SSL configuration file "%s" does not exist, letsencrypt will not be used.' % ssl_conf) utils.log('The SSL configuration file "%s" does not exist, letsencrypt will not be used.' % ssl_conf)
return return
...@@ -52,7 +59,7 @@ def setup(interactive=True): ...@@ -52,7 +59,7 @@ def setup(interactive=True):
'certbot certonly --agree-tos --no-eff-email --rsa-key-size 4096 --webroot --webroot-path /tmp/letsencrypt --domains "%s" --email sysadmin@ubicast.eu' % (','.join(domains)), 'certbot certonly --agree-tos --no-eff-email --rsa-key-size 4096 --webroot --webroot-path /tmp/letsencrypt --domains "%s" --email sysadmin@ubicast.eu' % (','.join(domains)),
] ]
utils.run_commands(cmds) utils.run_commands(cmds)
# Update Nginx configuration in ssl.conf # Update Nginx configuration in ssl_certificate.conf
ssl_cert = '/etc/letsencrypt/live/%s/fullchain.pem' % domains[0] ssl_cert = '/etc/letsencrypt/live/%s/fullchain.pem' % domains[0]
ssl_key = '/etc/letsencrypt/live/%s/privkey.pem' % domains[0] ssl_key = '/etc/letsencrypt/live/%s/privkey.pem' % domains[0]
if not os.path.exists(ssl_cert): if not os.path.exists(ssl_cert):
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment