ansible-base/roles/tlscert_acme_inwx/files/tls-renew

#!/usr/bin/env python3

import os as _os
import json as _json
import argparse as _argparse


def file_read(path):
	handle = open(path, "r")
	content = handle.read()
	handle.close()
	return content
	

def main():
	## args
	argument_parser = _argparse.ArgumentParser()
	argument_parser.add_argument(
		"-c",
		"--conf-path",
		type = str,
		dest = "conf_path",
		metavar = "<conf-path>",
		default = "./tls-renew-conf.json",
	)
	argument_parser.add_argument(
		type = str,
		dest = "domain_base",
		metavar = "<domain-base>",
	)
	argument_parser.add_argument(
		type = str,
		dest = "domain_path",
		metavar = "<domain-path>",
	)
	argument_parser.add_argument(
		"-t",
		"--target-directory",
		dest = "target_directory",
		type = str,
		metavar = "<target-directory>",
		default = "/etc/ssl",
	)
	argument_parser.add_argument(
		"-x",
		"--challenge-prefix",
		dest = "challenge_prefix",
		type = str,
		metavar = "<challenge-prefix>",
		default = "_acme-challenge",
		help = "which subdomain to use for ACME challanges",
	)
	argument_parser.add_argument(
		"-w",
		"--delay",
		dest = "delay",
		type = float,
		default = 60.0,
		metavar = "<delay>",
		help = "seconds to wait at end of certbot auth hook",
	)
	args = argument_parser.parse_args()
	
	
	## vars
	conf = _json.loads(file_read(args.conf_path))
	domain = (args.domain_base + args.domain.path)
	
	## exec
	command_hook_parts = [
		("/usr/local/bin/inwx"),
		("--username='%s'" % conf["inwx_account"]["username"]),
		("--password='%s'" % conf["inwx_account"]["password"]),
		("--challenge-prefix='%s'" % args.challenge_prefix),
		("--delay=%.4f" % args.delay),
		("save"),
		(args.domain_base),
		("_acme-challenge.%s" % args.domain.path),
		("TXT"),
		("'\${CERTBOT_VALIDATION}'"),
	]
	command_hook = " ".join(command_hook_parts)
	
	command_certbot_parts = [
		("certbot"),
		("--email='%s'" % conf["acme_account"]["email"]),
		("--work-dir='%s'" % conf["misc"]["working_directory"]),
		("--preferred-challenges='dns'"),
		("--non-interactive"),
		("--key-path='%s'" % _os.path.join(args.target_directory, "private", "%s.pem" % domain)),
		("--cert-path='%s'" % _os.path.join(args.target_directory, "certs", "%s.pem" % domain)),
		("--chain-path='%s'" % _os.path.join(args.target_directory, "chains", "%s.pem" % domain)),
		("--fullchain-path='%s'" % _os.path.join(args.target_directory, "fullchains", "%s.pem" % domain)),
		("--domain='%s'" % domain),
		("--manual-auth-hook='%s'" % command_hook),
		("renew"),
	]
	command_certbot = " ".join(command_certbot_parts)
	
	_os.system(command_certbot)
	

main()
[int] 2024-05-30 18:44:28 +02:00			`#!/usr/bin/env python3`

			`import os as _os`
			`import json as _json`
			`import argparse as _argparse`


			`def file_read(path):`
			`handle = open(path, "r")`
			`content = handle.read()`
			`handle.close()`
			`return content`


			`def main():`
			`## args`
			`argument_parser = _argparse.ArgumentParser()`
			`argument_parser.add_argument(`
			`"-c",`
			`"--conf-path",`
			`type = str,`
			`dest = "conf_path",`
			`metavar = "<conf-path>",`
			`default = "./tls-renew-conf.json",`
			`)`
			`argument_parser.add_argument(`
			`type = str,`
			`dest = "domain_base",`
			`metavar = "<domain-base>",`
			`)`
			`argument_parser.add_argument(`
			`type = str,`
			`dest = "domain_path",`
			`metavar = "<domain-path>",`
			`)`
			`argument_parser.add_argument(`
			`"-t",`
			`"--target-directory",`
			`dest = "target_directory",`
			`type = str,`
			`metavar = "<target-directory>",`
			`default = "/etc/ssl",`
			`)`
			`argument_parser.add_argument(`
			`"-x",`
			`"--challenge-prefix",`
			`dest = "challenge_prefix",`
			`type = str,`
			`metavar = "<challenge-prefix>",`
			`default = "_acme-challenge",`
			`help = "which subdomain to use for ACME challanges",`
			`)`
			`argument_parser.add_argument(`
			`"-w",`
			`"--delay",`
			`dest = "delay",`
			`type = float,`
			`default = 60.0,`
			`metavar = "<delay>",`
			`help = "seconds to wait at end of certbot auth hook",`
			`)`
			`args = argument_parser.parse_args()`


			`## vars`
			`conf = _json.loads(file_read(args.conf_path))`
			`domain = (args.domain_base + args.domain.path)`

			`## exec`
			`command_hook_parts = [`
			`("/usr/local/bin/inwx"),`
			`("--username='%s'" % conf["inwx_account"]["username"]),`
			`("--password='%s'" % conf["inwx_account"]["password"]),`
			`("--challenge-prefix='%s'" % args.challenge_prefix),`
			`("--delay=%.4f" % args.delay),`
			`("save"),`
			`(args.domain_base),`
			`("_acme-challenge.%s" % args.domain.path),`
			`("TXT"),`
			`("'\${CERTBOT_VALIDATION}'"),`
			`]`
			`command_hook = " ".join(command_hook_parts)`

			`command_certbot_parts = [`
			`("certbot"),`
			`("--email='%s'" % conf["acme_account"]["email"]),`
			`("--work-dir='%s'" % conf["misc"]["working_directory"]),`
			`("--preferred-challenges='dns'"),`
			`("--non-interactive"),`
			`("--key-path='%s'" % _os.path.join(args.target_directory, "private", "%s.pem" % domain)),`
			`("--cert-path='%s'" % _os.path.join(args.target_directory, "certs", "%s.pem" % domain)),`
			`("--chain-path='%s'" % _os.path.join(args.target_directory, "chains", "%s.pem" % domain)),`
			`("--fullchain-path='%s'" % _os.path.join(args.target_directory, "fullchains", "%s.pem" % domain)),`
			`("--domain='%s'" % domain),`
			`("--manual-auth-hook='%s'" % command_hook),`
			`("renew"),`
			`]`
			`command_certbot = " ".join(command_certbot_parts)`

			`_os.system(command_certbot)`


			`main()`