|
|
@@ -6,7 +6,7 @@ import argparse
|
|
|
import configparser
|
|
|
import logging
|
|
|
import mysql.connector
|
|
|
-
|
|
|
+import subprocess
|
|
|
|
|
|
# Query for IMAP/POP3 certificate
|
|
|
mbox_list_stmt = "SELECT DISTINCT(name) FROM records WHERE content in ({}) and (name LIKE 'imap.%' or name LIKE 'pop3.%' or name LIKE 'mail.%')"
|
|
|
@@ -217,6 +217,7 @@ if __name__ == '__main__':
|
|
|
args, config = init_prog(sys.argv)
|
|
|
|
|
|
dryrun=config['main'].getboolean('dryrun')
|
|
|
+ service_reload = dict()
|
|
|
|
|
|
ot_conn=connect_db(dict(config['ot_db']))
|
|
|
dns_conn=connect_db(dict(config['dns_db']))
|
|
|
@@ -233,6 +234,7 @@ if __name__ == '__main__':
|
|
|
logging.info('vhost {}, domains_list {}'.format(vhost_name, webmails_list))
|
|
|
if acme_request(config, vhost_name, acme_test='HTTP-01', dryrun=dryrun, domains_list=webmails_list):
|
|
|
link_cert(config, vhost_name, vhost_name, dryrun=dryrun)
|
|
|
+ service_reload['webmail'] = True
|
|
|
else:
|
|
|
logger.error('Error asking certificate for {}'.format(vhost_name))
|
|
|
|
|
|
@@ -251,6 +253,7 @@ if __name__ == '__main__':
|
|
|
dryrun=dryrun, domains_list=alias_list):
|
|
|
# non e' richiesto il link, punto direttamente le configurazioni alle dir di letsencrypt
|
|
|
# link_cert(config, vhost_name, vhost_name, dryrun=dryrun)
|
|
|
+ service_reload['mbox'] = True
|
|
|
pass
|
|
|
else:
|
|
|
logger.error('Error asking certificate for {}'.format(vhost_name))
|
|
|
@@ -268,6 +271,7 @@ if __name__ == '__main__':
|
|
|
dryrun=dryrun, domains_list=alias_list):
|
|
|
# non e' richiesto il link, punto direttamente le configurazioni alle dir di letsencrypt
|
|
|
# link_cert(config, vhost_name, vhost_name, dryrun=dryrun)
|
|
|
+ service_reload['smtp'] = True
|
|
|
pass
|
|
|
else:
|
|
|
logger.error('Error asking certificate for {}'.format(vhost_name))
|
|
|
@@ -290,6 +294,8 @@ if __name__ == '__main__':
|
|
|
# Crea il link per ogni subdomain
|
|
|
for subdomain in domain_feat['subdomains']:
|
|
|
link_cert(config, domain_name, subdomain, dryrun=dryrun)
|
|
|
+ service_reload['hosting'] = True
|
|
|
+
|
|
|
else:
|
|
|
# Nel caso i nameserver NON siano gestiti, allora chiedi un certificato per ogni sottodominio
|
|
|
# Crea il link per ogni subdomain
|
|
|
@@ -297,6 +303,7 @@ if __name__ == '__main__':
|
|
|
logger.info('Get certificates for {}'.format(subdomain))
|
|
|
if acme_request(config, subdomain, acme_test='HTTP-01', dryrun=dryrun):
|
|
|
link_cert(config, subdomain, subdomain, dryrun=dryrun)
|
|
|
+ service_reload['hosting'] = True
|
|
|
ot_conn.close()
|
|
|
dns_conn.close()
|
|
|
|
|
|
@@ -307,5 +314,17 @@ if __name__ == '__main__':
|
|
|
liste_list = ["liste.{}".format(d.strip()) for d in config['mailman']['domains'].split(',') if len(d.strip())>0]
|
|
|
if acme_request(config, vhost_name, acme_test='HTTP-01', dryrun=dryrun, domains_list=liste_list):
|
|
|
link_cert(config, vhost_name, vhost_name, dryrun=dryrun)
|
|
|
+ service_reload['liste'] = True
|
|
|
else:
|
|
|
logger.error('Error asking certificate for {}'.format(vhost_name))
|
|
|
+
|
|
|
+
|
|
|
+ if set('webmail','hosting','liste') & set(service_reload.keys()):
|
|
|
+ # reload apache
|
|
|
+ ret = subprocess.run("systemctl reload apache2")
|
|
|
+ if set('smtp',) & set(service_reload.keys()):
|
|
|
+ # reload postfix
|
|
|
+ ret = subprocess.run("systemctl reload postfix")
|
|
|
+ if set('mbox',) & set(service_reload.keys()):
|
|
|
+ # reload dovecot
|
|
|
+ ret = subprocess.run("systemctl reload dovecot")
|
