first test reload daemons

This commit is contained in:
jigen 2020-02-24 00:20:49 +01:00
parent 1ab4a4bfde
commit 10bf45ee35

View file

@ -6,7 +6,7 @@ import argparse
import configparser import configparser
import logging import logging
import mysql.connector import mysql.connector
import subprocess
# Query for IMAP/POP3 certificate # Query for IMAP/POP3 certificate
mbox_list_stmt = "SELECT DISTINCT(name) FROM records WHERE content in ({}) and (name LIKE 'imap.%' or name LIKE 'pop3.%' or name LIKE 'mail.%')" mbox_list_stmt = "SELECT DISTINCT(name) FROM records WHERE content in ({}) and (name LIKE 'imap.%' or name LIKE 'pop3.%' or name LIKE 'mail.%')"
@ -217,6 +217,7 @@ if __name__ == '__main__':
args, config = init_prog(sys.argv) args, config = init_prog(sys.argv)
dryrun=config['main'].getboolean('dryrun') dryrun=config['main'].getboolean('dryrun')
service_reload = dict()
ot_conn=connect_db(dict(config['ot_db'])) ot_conn=connect_db(dict(config['ot_db']))
dns_conn=connect_db(dict(config['dns_db'])) dns_conn=connect_db(dict(config['dns_db']))
@ -233,6 +234,7 @@ if __name__ == '__main__':
logging.info('vhost {}, domains_list {}'.format(vhost_name, webmails_list)) logging.info('vhost {}, domains_list {}'.format(vhost_name, webmails_list))
if acme_request(config, vhost_name, acme_test='HTTP-01', dryrun=dryrun, domains_list=webmails_list): if acme_request(config, vhost_name, acme_test='HTTP-01', dryrun=dryrun, domains_list=webmails_list):
link_cert(config, vhost_name, vhost_name, dryrun=dryrun) link_cert(config, vhost_name, vhost_name, dryrun=dryrun)
service_reload['webmail'] = True
else: else:
logger.error('Error asking certificate for {}'.format(vhost_name)) logger.error('Error asking certificate for {}'.format(vhost_name))
@ -251,6 +253,7 @@ if __name__ == '__main__':
dryrun=dryrun, domains_list=alias_list): dryrun=dryrun, domains_list=alias_list):
# non e' richiesto il link, punto direttamente le configurazioni alle dir di letsencrypt # non e' richiesto il link, punto direttamente le configurazioni alle dir di letsencrypt
# link_cert(config, vhost_name, vhost_name, dryrun=dryrun) # link_cert(config, vhost_name, vhost_name, dryrun=dryrun)
service_reload['mbox'] = True
pass pass
else: else:
logger.error('Error asking certificate for {}'.format(vhost_name)) logger.error('Error asking certificate for {}'.format(vhost_name))
@ -268,6 +271,7 @@ if __name__ == '__main__':
dryrun=dryrun, domains_list=alias_list): dryrun=dryrun, domains_list=alias_list):
# non e' richiesto il link, punto direttamente le configurazioni alle dir di letsencrypt # non e' richiesto il link, punto direttamente le configurazioni alle dir di letsencrypt
# link_cert(config, vhost_name, vhost_name, dryrun=dryrun) # link_cert(config, vhost_name, vhost_name, dryrun=dryrun)
service_reload['smtp'] = True
pass pass
else: else:
logger.error('Error asking certificate for {}'.format(vhost_name)) logger.error('Error asking certificate for {}'.format(vhost_name))
@ -290,6 +294,8 @@ if __name__ == '__main__':
# Crea il link per ogni subdomain # Crea il link per ogni subdomain
for subdomain in domain_feat['subdomains']: for subdomain in domain_feat['subdomains']:
link_cert(config, domain_name, subdomain, dryrun=dryrun) link_cert(config, domain_name, subdomain, dryrun=dryrun)
service_reload['hosting'] = True
else: else:
# Nel caso i nameserver NON siano gestiti, allora chiedi un certificato per ogni sottodominio # Nel caso i nameserver NON siano gestiti, allora chiedi un certificato per ogni sottodominio
# Crea il link per ogni subdomain # Crea il link per ogni subdomain
@ -297,6 +303,7 @@ if __name__ == '__main__':
logger.info('Get certificates for {}'.format(subdomain)) logger.info('Get certificates for {}'.format(subdomain))
if acme_request(config, subdomain, acme_test='HTTP-01', dryrun=dryrun): if acme_request(config, subdomain, acme_test='HTTP-01', dryrun=dryrun):
link_cert(config, subdomain, subdomain, dryrun=dryrun) link_cert(config, subdomain, subdomain, dryrun=dryrun)
service_reload['hosting'] = True
ot_conn.close() ot_conn.close()
dns_conn.close() dns_conn.close()
@ -307,5 +314,17 @@ if __name__ == '__main__':
liste_list = ["liste.{}".format(d.strip()) for d in config['mailman']['domains'].split(',') if len(d.strip())>0] liste_list = ["liste.{}".format(d.strip()) for d in config['mailman']['domains'].split(',') if len(d.strip())>0]
if acme_request(config, vhost_name, acme_test='HTTP-01', dryrun=dryrun, domains_list=liste_list): if acme_request(config, vhost_name, acme_test='HTTP-01', dryrun=dryrun, domains_list=liste_list):
link_cert(config, vhost_name, vhost_name, dryrun=dryrun) link_cert(config, vhost_name, vhost_name, dryrun=dryrun)
service_reload['liste'] = True
else: else:
logger.error('Error asking certificate for {}'.format(vhost_name)) logger.error('Error asking certificate for {}'.format(vhost_name))
if set('webmail','hosting','liste') & set(service_reload.keys()):
# reload apache
ret = subprocess.run("systemctl reload apache2")
if set('smtp',) & set(service_reload.keys()):
# reload postfix
ret = subprocess.run("systemctl reload postfix")
if set('mbox',) & set(service_reload.keys()):
# reload dovecot
ret = subprocess.run("systemctl reload dovecot")