WMDE
/
wmdeit-cf-wmdelib
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Reads domains from cert

This commit is contained in:
Tobias Herre 2023-10-31 17:20:11 +01:00
parent 1aed9ae685
commit fc5c2ca129
1 changed files with 29 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
certbot.cf
View File

@ -62,12 +62,15 @@ bundle agent certbot_cert(site,webroot)
vars: vars:
"domain" string => "$(site[domain])"; "domain" string => "$(site[domain])";
"keytype" string => "rsa"; "keytype" string => "rsa";
"ds" slist => {"$(site[domain])"}; "ds" slist => {"$(site[domain])"};
"domains" slist => sort(mergedata(@(ds),getvalues(@(site[aliases])))); "domains" slist => sort(mergedata(@(ds),getvalues(@(site[aliases]))));
"domains_txt" string => string_mustache("{{#-top-}}{{.}} {{/-top-}}",@(domains));
"site_json" string => storejson(@(site)); "site_json" string => storejson(@(site));
"args" string => string_mustache( "args" string => string_mustache(
@ -79,19 +82,27 @@ vars:
"--standalone", "--standalone",
"--webroot -w $(webroot)"); "--webroot -w $(webroot)");
"cert_test_cmd" string => "$(def.wmde_lib)/scripts/get-domains-from-cert.sh $(certbot.certbot_dir)/live/$(site[domain])/cert.pem";
"current_domains_txt" string => execresult("/bin/sh $(cert_test_cmd)","useshell"),
if => isvariable ("site[domain]");
files: files:
"$(sys.workdir)/data/agent/certbot/$(site[domain])-cert-created" # "$(sys.workdir)/data/agent/certbot/$(site[domain])-cert-created"
create => "true", # create => "true",
content => "$(args)", # content => "$(args)",
classes => if_repaired(certbot_repaired); # classes => if_repaired(certbot_repaired);
classes: classes:
"no_cert_file" # "no_cert_file"
comment => "run certbot because no cert dir exists", # comment => "run certbot because no cert dir exists",
not => fileexists("$(certbot.certbot_dir)/live/$(site[domain])"); # not => fileexists("$(certbot.certbot_dir)/live/$(site[domain])");
# "run_certbot"
# or => {no_cert_file, certbot_repaired};
"run_certbot" "run_certbot"
or => {no_cert_file, certbot_repaired}; expression => not (strcmp("$(current_domains_txt) ","$(domains_txt)"));
defaults: defaults:
"webroot" string => "standalone"; "webroot" string => "standalone";
@ -113,6 +124,15 @@ commands:
args => "certonly --agree-tos -n $(webroot_arg) --expand --email $(site[email]) $(args)"; args => "certonly --agree-tos -n $(webroot_arg) --expand --email $(site[email]) $(args)";
reports: reports:
# "CURRENT DOMAINS FOR $(site[domain]) : $(current_domains)";
# "EXEC IST: $(cert_test_cmd)";
# "IS '$(domains_txt)' == '$(current_domains_txt) ' ?";
# run_certbot_new::
# "WE MUST RUN CERTBOT FOR $(domains_txt)";
# !run_certbot_new::
# "WE SHOULD NOT RUN CERTBOT FOR $(domains_txt)";
} }