first test reload daemons

2020-02-24 00:20:49 +01:00 · 2020-02-24 00:20:49 +01:00 · 10bf45ee35
commit 10bf45ee35
parent 1ab4a4bfde
1 changed files with 20 additions and 1 deletions
--- a/OTcerts.py
+++ b/OTcerts.py
@ -6,7 +6,7 @@ import argparse
 import configparser
 import logging
 import mysql.connector
-
+import subprocess

 # Query for IMAP/POP3 certificate
 mbox_list_stmt = "SELECT DISTINCT(name) FROM records WHERE content in ({}) and (name LIKE 'imap.%' or name LIKE 'pop3.%' or name LIKE 'mail.%')"
@ -217,6 +217,7 @@ if __name__ == '__main__':
    args, config = init_prog(sys.argv)

    dryrun=config['main'].getboolean('dryrun')
+    service_reload = dict()

    ot_conn=connect_db(dict(config['ot_db']))
    dns_conn=connect_db(dict(config['dns_db']))
@ -233,6 +234,7 @@ if __name__ == '__main__':
        logging.info('vhost {}, domains_list {}'.format(vhost_name, webmails_list))
        if acme_request(config, vhost_name, acme_test='HTTP-01', dryrun=dryrun, domains_list=webmails_list):
            link_cert(config, vhost_name, vhost_name, dryrun=dryrun)
+            service_reload['webmail'] = True
        else:
            logger.error('Error asking certificate for {}'.format(vhost_name))

@ -251,6 +253,7 @@ if __name__ == '__main__':
                        dryrun=dryrun, domains_list=alias_list):
            # non e' richiesto il link, punto direttamente le configurazioni alle dir di letsencrypt
            # link_cert(config, vhost_name, vhost_name, dryrun=dryrun)
+            service_reload['mbox'] = True
            pass
        else:
            logger.error('Error asking certificate for {}'.format(vhost_name))
@ -268,6 +271,7 @@ if __name__ == '__main__':
                        dryrun=dryrun, domains_list=alias_list):
            # non e' richiesto il link, punto direttamente le configurazioni alle dir di letsencrypt
            # link_cert(config, vhost_name, vhost_name, dryrun=dryrun)
+            service_reload['smtp'] = True
            pass
        else:
            logger.error('Error asking certificate for {}'.format(vhost_name))
@ -290,6 +294,8 @@ if __name__ == '__main__':
                    # Crea il link per ogni subdomain
                    for subdomain in domain_feat['subdomains']:
                        link_cert(config, domain_name, subdomain, dryrun=dryrun)
+                    service_reload['hosting'] = True
+
            else:
                # Nel caso i nameserver NON siano gestiti, allora chiedi un certificato per ogni sottodominio
                # Crea il link per ogni subdomain
@ -297,6 +303,7 @@ if __name__ == '__main__':
                    logger.info('Get certificates for {}'.format(subdomain))
                    if acme_request(config, subdomain, acme_test='HTTP-01', dryrun=dryrun):
                        link_cert(config, subdomain, subdomain, dryrun=dryrun)
+                        service_reload['hosting'] = True
        ot_conn.close()
        dns_conn.close()

@ -307,5 +314,17 @@ if __name__ == '__main__':
        liste_list = ["liste.{}".format(d.strip()) for d in config['mailman']['domains'].split(',') if len(d.strip())>0]
        if acme_request(config, vhost_name, acme_test='HTTP-01', dryrun=dryrun, domains_list=liste_list):
            link_cert(config, vhost_name, vhost_name, dryrun=dryrun)
+            service_reload['liste'] = True
        else:
            logger.error('Error asking certificate for {}'.format(vhost_name))
+
+
+    if set('webmail','hosting','liste') & set(service_reload.keys()):
+        # reload apache
+        ret = subprocess.run("systemctl reload apache2")
+    if set('smtp',) & set(service_reload.keys()):
+        # reload postfix
+        ret = subprocess.run("systemctl reload postfix")
+    if set('mbox',) & set(service_reload.keys()):
+        # reload dovecot
+        ret = subprocess.run("systemctl reload dovecot")