nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-28 08:03:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
FreedomBox/plinth/modules/letsencrypt/views.py
Sunil Mohan Adapa 1a17819380
letsencrypt: New basic module for SSL certficates 
This is the first implementation for obtaining certificates from Let's
Encrypt.  Following the features and limitations.

- Requires manual operation.

- Registrations are done anonymously.

- Supports revoking and re-obtaining certificates.  Does not have a way
  to show if a certficate is already renewed.

- Automatic renewal is not available.

- Details messages in case of errors.

- Has ability to switch to testing mode by using LE's staging servers.

- Sets up Apache configuration for the domain and enables/disables it.
  When certificates are not available for a domain, default website
  configuration is used.  When certificates are available, separate
  SSL website configuration for each domain is used.

- Many domain will work with a single IP address with the help of Server
  Name Indication (SNI) which is supported by all modern browsers.

- Supports diagnostics on websites.
2016-01-14 14:18:43 +05:30

93 lines
2.9 KiB
Python
Raw Blame History

#
# This file is part of Plinth.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
"""
Plinth module for using Let's Encrypt.
"""
from django.contrib import messages
from django.core.urlresolvers import reverse_lazy
from django.shortcuts import redirect
from django.template.response import TemplateResponse
from django.utils.translation import ugettext as _
from django.views.decorators.http import require_POST
import json
import logging
from plinth import actions
from plinth import package
from plinth.errors import ActionError
from plinth.modules import names
logger = logging.getLogger(__name__)
@package.required(['letsencrypt'])
def index(request):
"""Serve configuration page."""
status = get_status()
return TemplateResponse(request, 'letsencrypt.html',
{'title': _('Certificates (Let\'s Encrypt)'),
'status': status})
@require_POST
def revoke(request, domain):
"""Revoke a certficate for a given domain."""
try:
actions.superuser_run('letsencrypt', ['revoke', '--domain', domain])
messages.success(
request, _('Certificate successfully revoked for domain {domain}')
.format(domain=domain))
except ActionError as exception:
messages.error(
request,
_('Failed to revoke certificate for domain {domain}: {error}')
.format(domain=domain, error=exception.args[2]))
return redirect(reverse_lazy('letsencrypt:index'))
@require_POST
def obtain(request, domain):
"""Obtain and install a certficate for a given domain."""
try:
actions.superuser_run('letsencrypt', ['obtain', '--domain', domain])
messages.success(
request, _('Certificate successfully obtained for domain {domain}')
.format(domain=domain))
except ActionError as exception:
messages.error(
request,
_('Failed to obtain certificate for domain {domain}: {error}')
.format(domain=domain, error=exception.args[2]))
return redirect(reverse_lazy('letsencrypt:index'))
def get_status():
"""Get the current settings."""
status = actions.superuser_run('letsencrypt', ['get-status'])
status = json.loads(status)
for domains in names.domains.values():
for domain in domains:
status['domains'].setdefault(domain, {})
return status
Reference in New Issue View Git Blame Copy Permalink