mirror of
https://github.com/frappe/bench.git
synced 2025-01-10 09:02:10 +00:00
fix: replace certbot-auto with certbot (#1303)
* fix: replace certbot-auto references with certbot and add in prerequesites ansile tasks * fix: config file flag fix * fix: certbot path using find_executable instead of hardcoded * fix: remove easy install entry for certbot * fix: replace find_executable with which * fix: no need to check and raise. * fix: provide user with cerbot install instructions" * fix: return certbot path * fix: Use get_certbot_path instead of harcoded path Co-authored-by: Abhishek Balam <abhishekbalam96@gmail.com> Co-authored-by: gavin <gavin18d@gmail.com>
This commit is contained in:
parent
6790f6beaa
commit
a88932592e
@ -10,11 +10,10 @@ from bench.config.nginx import make_nginx_conf
|
||||
from bench.config.production_setup import service
|
||||
from bench.config.site_config import get_domains, remove_domain, update_site_config
|
||||
from bench.bench import Bench
|
||||
from bench.utils import exec_cmd
|
||||
from bench.utils import exec_cmd, which
|
||||
from bench.utils.bench import update_common_site_config
|
||||
from bench.exceptions import CommandFailedError
|
||||
|
||||
|
||||
def setup_letsencrypt(site, custom_domain, bench_path, interactive):
|
||||
|
||||
site_path = os.path.join(bench_path, "sites", site, "site_config.json")
|
||||
@ -58,7 +57,6 @@ def create_config(site, custom_domain):
|
||||
|
||||
def run_certbot_and_setup_ssl(site, custom_domain, bench_path, interactive=True):
|
||||
service('nginx', 'stop')
|
||||
get_certbot()
|
||||
|
||||
try:
|
||||
interactive = '' if interactive else '-n'
|
||||
@ -88,7 +86,7 @@ def run_certbot_and_setup_ssl(site, custom_domain, bench_path, interactive=True)
|
||||
def setup_crontab():
|
||||
from crontab import CronTab
|
||||
|
||||
job_command = '/opt/certbot-auto renew -a nginx --post-hook "systemctl reload nginx"'
|
||||
job_command = f'{get_certbot_path()} renew -a nginx --post-hook "systemctl reload nginx"'
|
||||
job_comment = 'Renew lets-encrypt every month'
|
||||
print(f"Setting Up cron job to {job_comment}")
|
||||
|
||||
@ -107,20 +105,11 @@ def create_dir_if_missing(path):
|
||||
os.makedirs(os.path.dirname(path))
|
||||
|
||||
|
||||
def get_certbot():
|
||||
from urllib.request import urlretrieve
|
||||
|
||||
certbot_path = get_certbot_path()
|
||||
create_dir_if_missing(certbot_path)
|
||||
|
||||
if not os.path.isfile(certbot_path):
|
||||
urlretrieve("https://dl.eff.org/certbot-auto", certbot_path)
|
||||
os.chmod(certbot_path, 0o744)
|
||||
|
||||
|
||||
def get_certbot_path():
|
||||
return "/opt/certbot-auto"
|
||||
|
||||
try:
|
||||
return which("certbot", raise_err=True)
|
||||
except FileNotFoundError:
|
||||
raise CommandFailedError("Certbot is not installed on your system. Please visit https://certbot.eff.org/instructions for installation instructions, then try again.")
|
||||
|
||||
def renew_certs():
|
||||
# Needs to be run with sudo
|
||||
@ -156,7 +145,6 @@ def setup_wildcard_ssl(domain, email, bench_path, exclude_base_domain):
|
||||
print("You cannot setup SSL without DNS Multitenancy")
|
||||
return
|
||||
|
||||
get_certbot()
|
||||
domain_list = _get_domains(domain.strip())
|
||||
|
||||
email_param = ''
|
||||
|
@ -15,6 +15,5 @@
|
||||
{{ user }} ALL = (root) NOPASSWD: {{ nginx }}
|
||||
{% endif %}
|
||||
|
||||
{{ user }} ALL = (root) NOPASSWD: /opt/certbot-auto
|
||||
{{ user }} ALL = (root) NOPASSWD: {{ certbot }}
|
||||
Defaults:{{ user }} !requiretty
|
||||
|
||||
|
@ -108,6 +108,8 @@ def init(
|
||||
|
||||
|
||||
def setup_sudoers(user):
|
||||
from bench.config.lets_encrypt import get_certbot_path
|
||||
|
||||
if not os.path.exists("/etc/sudoers.d"):
|
||||
os.makedirs("/etc/sudoers.d")
|
||||
|
||||
@ -128,6 +130,7 @@ def setup_sudoers(user):
|
||||
"service": which("service"),
|
||||
"systemctl": which("systemctl"),
|
||||
"nginx": which("nginx"),
|
||||
"certbot": get_certbot_path(),
|
||||
}
|
||||
)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user