Switched hook order in certbot integration so it does not detect RENEWED_LINEAGE as CERTBOT_VALIDATION hook.
parent
27a2e596fd
commit
58276b8fbe
1 changed files with 48 additions and 48 deletions
|
@ -55,6 +55,54 @@ int main(int argc, char **argv){
|
||||||
Util::Config conf(argv[0]);
|
Util::Config conf(argv[0]);
|
||||||
conf.parseArgs(argc, argv);
|
conf.parseArgs(argc, argv);
|
||||||
|
|
||||||
|
//Handle --deploy-hook
|
||||||
|
if (getenv("RENEWED_LINEAGE")){
|
||||||
|
INFO_MSG("Detected '--deploy-hook' calling. Installing certificate.");
|
||||||
|
std::string cbPath = getenv("RENEWED_LINEAGE");
|
||||||
|
std::string cbCert = cbPath + "/fullchain.pem";
|
||||||
|
std::string cbKey = cbPath + "/privkey.pem";
|
||||||
|
Socket::UDPConnection uSock;
|
||||||
|
uSock.SetDestination(UDP_API_HOST, UDP_API_PORT);
|
||||||
|
Util::DTSCShmReader rProto(SHM_PROTO);
|
||||||
|
DTSC::Scan prtcls = rProto.getScan();
|
||||||
|
unsigned int pro_cnt = prtcls.getSize();
|
||||||
|
bool found = false;
|
||||||
|
for (unsigned int i = 0; i < pro_cnt; ++i){
|
||||||
|
std::string ctor = prtcls.getIndice(i).getMember("connector").asString();
|
||||||
|
if (ctor == "HTTPS"){
|
||||||
|
found = true;
|
||||||
|
JSON::Value currConf = prtcls.getIndice(i).asJSON();
|
||||||
|
JSON::Value cmd;
|
||||||
|
cmd["updateprotocol"].append(currConf);
|
||||||
|
cmd["updateprotocol"].append(currConf);
|
||||||
|
cmd["updateprotocol"][1u]["cert"] = cbCert;
|
||||||
|
cmd["updateprotocol"][1u]["key"] = cbKey;
|
||||||
|
INFO_MSG("Executing: %s", cmd.toString().c_str());
|
||||||
|
uSock.SendNow(cmd.toString());
|
||||||
|
Util::wait(500);
|
||||||
|
uSock.SendNow(cmd.toString());
|
||||||
|
Util::wait(500);
|
||||||
|
uSock.SendNow(cmd.toString());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (!found){
|
||||||
|
INFO_MSG("No HTTPS active; enabling on port 443");
|
||||||
|
JSON::Value cmd;
|
||||||
|
cmd["addprotocol"]["connector"] = "HTTPS";
|
||||||
|
cmd["addprotocol"]["port"] = 443;
|
||||||
|
cmd["addprotocol"]["cert"] = cbCert;
|
||||||
|
cmd["addprotocol"]["key"] = cbKey;
|
||||||
|
INFO_MSG("Executing: %s", cmd.toString().c_str());
|
||||||
|
uSock.SendNow(cmd.toString());
|
||||||
|
Util::wait(500);
|
||||||
|
uSock.SendNow(cmd.toString());
|
||||||
|
Util::wait(500);
|
||||||
|
uSock.SendNow(cmd.toString());
|
||||||
|
}
|
||||||
|
Util::wait(5000);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
//Handle --manual-auth-hook
|
//Handle --manual-auth-hook
|
||||||
if (getenv("CERTBOT_VALIDATION") && getenv("CERTBOT_TOKEN")){
|
if (getenv("CERTBOT_VALIDATION") && getenv("CERTBOT_TOKEN")){
|
||||||
INFO_MSG("Detected '--manual-auth-hook' calling. Performing authentication.");
|
INFO_MSG("Detected '--manual-auth-hook' calling. Performing authentication.");
|
||||||
|
@ -118,54 +166,6 @@ int main(int argc, char **argv){
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
//Handle --deploy-hook
|
|
||||||
if (getenv("RENEWED_LINEAGE")){
|
|
||||||
INFO_MSG("Detected '--deploy-hook' calling. Installing certificate.");
|
|
||||||
std::string cbPath = getenv("RENEWED_LINEAGE");
|
|
||||||
std::string cbCert = cbPath + "/fullchain.pem";
|
|
||||||
std::string cbKey = cbPath + "/privkey.pem";
|
|
||||||
Socket::UDPConnection uSock;
|
|
||||||
uSock.SetDestination(UDP_API_HOST, UDP_API_PORT);
|
|
||||||
Util::DTSCShmReader rProto(SHM_PROTO);
|
|
||||||
DTSC::Scan prtcls = rProto.getScan();
|
|
||||||
unsigned int pro_cnt = prtcls.getSize();
|
|
||||||
bool found = false;
|
|
||||||
for (unsigned int i = 0; i < pro_cnt; ++i){
|
|
||||||
std::string ctor = prtcls.getIndice(i).getMember("connector").asString();
|
|
||||||
if (ctor == "HTTPS"){
|
|
||||||
found = true;
|
|
||||||
JSON::Value currConf = prtcls.getIndice(i).asJSON();
|
|
||||||
JSON::Value cmd;
|
|
||||||
cmd["updateprotocol"].append(currConf);
|
|
||||||
cmd["updateprotocol"].append(currConf);
|
|
||||||
cmd["updateprotocol"][1u]["cert"] = cbCert;
|
|
||||||
cmd["updateprotocol"][1u]["key"] = cbKey;
|
|
||||||
INFO_MSG("Executing: %s", cmd.toString().c_str());
|
|
||||||
uSock.SendNow(cmd.toString());
|
|
||||||
Util::wait(500);
|
|
||||||
uSock.SendNow(cmd.toString());
|
|
||||||
Util::wait(500);
|
|
||||||
uSock.SendNow(cmd.toString());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (!found){
|
|
||||||
INFO_MSG("No HTTPS active; enabling on port 443");
|
|
||||||
JSON::Value cmd;
|
|
||||||
cmd["addprotocol"]["connector"] = "HTTPS";
|
|
||||||
cmd["addprotocol"]["port"] = 443;
|
|
||||||
cmd["addprotocol"]["cert"] = cbCert;
|
|
||||||
cmd["addprotocol"]["key"] = cbKey;
|
|
||||||
INFO_MSG("Executing: %s", cmd.toString().c_str());
|
|
||||||
uSock.SendNow(cmd.toString());
|
|
||||||
Util::wait(500);
|
|
||||||
uSock.SendNow(cmd.toString());
|
|
||||||
Util::wait(500);
|
|
||||||
uSock.SendNow(cmd.toString());
|
|
||||||
}
|
|
||||||
Util::wait(5000);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
//Print usage message to help point users in the right direction
|
//Print usage message to help point users in the right direction
|
||||||
FAIL_MSG("This utility is meant to be ran by certbot, not by hand.");
|
FAIL_MSG("This utility is meant to be ran by certbot, not by hand.");
|
||||||
FAIL_MSG("Sample usage: certbot certonly --manual --preferred-challenges=http --manual-auth-hook MistUtilCertbot --deploy-hook MistUtilCertbot -d yourdomain.example.com");
|
FAIL_MSG("Sample usage: certbot certonly --manual --preferred-challenges=http --manual-auth-hook MistUtilCertbot --deploy-hook MistUtilCertbot -d yourdomain.example.com");
|
||||||
|
|
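Review bot: The deploy-hook branch that now runs first treats `RENEWED_LINEAGE` as valid whenever it is set, builds the certificate and key paths from it unchecked, and ends in `return 0;` after three unacknowledged `uSock.SendNow(...)` calls. Certbot is therefore told the deploy succeeded even when the variable is empty (which yields `/fullchain.pem` and `/privkey.pem`), the files are unreadable, or the API never received the datagram. I would read the variable once and reject an empty value, `const char *lineage = getenv("RENEWED_LINEAGE");` followed by `if (lineage && *lineage){`. I would also return non-zero, with a `FAIL_MSG`, when `cbCert` or `cbKey` cannot be opened, so a failed install shows up in certbot's hook output. Since this branch now takes precedence over the `CERTBOT_VALIDATION` check, a comment above it should say that the order is deliberate and why. The body of `main` continues outside both hunks, so this is based only on the lines shown.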