nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-02-04 08:13:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
FreedomBox/plinth/modules/letsencrypt/__init__.py
Johannes Keyser f628eb2cc2
ejabberd: Use Let's Encrypt certificate, also across renewals. 
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2017-10-01 10:48:39 -04:00

128 lines
4.0 KiB
Python
Raw Blame History

#
# This file is part of Plinth.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
"""
Plinth module for using Let's Encrypt.
"""
from django.utils.translation import ugettext_lazy as _
from plinth import actions
from plinth import action_utils
from plinth import cfg
from plinth.errors import ActionError
from plinth.menu import main_menu
from plinth.modules import names
from plinth.utils import format_lazy
from plinth.signals import domainname_change
from plinth import module_loader
version = 1
is_essential = True
depends = ['names']
managed_packages = ['certbot']
name = _('Let\'s Encrypt')
short_description = _('Certificates')
description = [
format_lazy(
_('A digital certificate allows users of a web service to verify the '
'identity of the service and to securely communicate with it. '
'{box_name} can automatically obtain and setup digital '
'certificates for each available domain. It does so by proving '
'itself to be the owner of a domain to Let\'s Encrypt, a '
'certificate authority (CA).'), box_name=_(cfg.box_name)),
_('Let\'s Encrypt is a free, automated, and open certificate '
'authority, run for the public\'s benefit by the Internet Security '
'Research Group (ISRG). Please read and agree with the '
'<a href="https://letsencrypt.org/repository/">Let\'s Encrypt '
'Subscriber Agreement</a> before using this service.')
]
service = None
MODULES_WITH_HOOKS = ['ejabberd']
LIVE_DIRECTORY = '/etc/letsencrypt/live/'
def init():
"""Intialize the module."""
menu = main_menu.get('system')
menu.add_urlname(name,
'glyphicon-lock', 'letsencrypt:index', short_description)
domainname_change.connect(on_domainname_change)
def setup(helper, old_version=None):
"""Install and configure the module."""
helper.install(managed_packages)
def diagnose():
"""Run diagnostics and return the results."""
results = []
for domain_type, domains in names.domains.items():
if domain_type == 'hiddenservice':
continue
for domain in domains:
results.append(action_utils.diagnose_url('https://' + domain))
return results
def on_domainname_change(sender, old_domainname, new_domainname, **kwargs):
"""Disable renewal hook management after a domain name change."""
del sender # Unused
del new_domainname # Unused
del kwargs # Unused
for module in MODULES_WITH_HOOKS:
actions.superuser_run(module, ['letsencrypt', 'drop',
'--domain', old_domainname], async=True)
actions.superuser_run('letsencrypt', ['manage_hooks', 'disable',
'--domain', old_domainname],
async=True)
def get_manage_hooks_status():
"""Return status of hook management for current domain."""
try:
output = actions.superuser_run('letsencrypt',
['manage_hooks', 'status'])
except ActionError:
return False
return output.strip()
def get_installed_modules():
installed_modules = [module_name for module_name, module in
module_loader.loaded_modules.items()
if module_name in MODULES_WITH_HOOKS
and module.setup_helper.get_state() == 'up-to-date']
return installed_modules
Reference in New Issue View Git Blame Copy Permalink