104 lines
2.5 KiB
Python
Executable file
104 lines
2.5 KiB
Python
Executable file
#!/usr/bin/env python3
|
|
|
|
import os as _os
|
|
import json as _json
|
|
import argparse as _argparse
|
|
|
|
|
|
def file_read(path):
|
|
handle = open(path, "r")
|
|
content = handle.read()
|
|
handle.close()
|
|
return content
|
|
|
|
|
|
def main():
|
|
## args
|
|
argument_parser = _argparse.ArgumentParser()
|
|
argument_parser.add_argument(
|
|
"-c",
|
|
"--conf-path",
|
|
type = str,
|
|
dest = "conf_path",
|
|
metavar = "<conf-path>",
|
|
default = "./tls-renew-conf.json",
|
|
)
|
|
argument_parser.add_argument(
|
|
type = str,
|
|
dest = "domain_base",
|
|
metavar = "<domain-base>",
|
|
)
|
|
argument_parser.add_argument(
|
|
type = str,
|
|
dest = "domain_path",
|
|
metavar = "<domain-path>",
|
|
)
|
|
argument_parser.add_argument(
|
|
"-t",
|
|
"--target-directory",
|
|
dest = "target_directory",
|
|
type = str,
|
|
metavar = "<target-directory>",
|
|
default = "/etc/ssl",
|
|
)
|
|
argument_parser.add_argument(
|
|
"-x",
|
|
"--challenge-prefix",
|
|
dest = "challenge_prefix",
|
|
type = str,
|
|
metavar = "<challenge-prefix>",
|
|
default = "_acme-challenge",
|
|
help = "which subdomain to use for ACME challanges",
|
|
)
|
|
argument_parser.add_argument(
|
|
"-w",
|
|
"--delay",
|
|
dest = "delay",
|
|
type = float,
|
|
default = 60.0,
|
|
metavar = "<delay>",
|
|
help = "seconds to wait at end of certbot auth hook",
|
|
)
|
|
args = argument_parser.parse_args()
|
|
|
|
|
|
## vars
|
|
conf = _json.loads(file_read(args.conf_path))
|
|
domain = (args.domain_base + args.domain.path)
|
|
|
|
## exec
|
|
command_hook_parts = [
|
|
("/usr/local/bin/inwx"),
|
|
("--username='%s'" % conf["inwx_account"]["username"]),
|
|
("--password='%s'" % conf["inwx_account"]["password"]),
|
|
("--challenge-prefix='%s'" % args.challenge_prefix),
|
|
("--delay=%.4f" % args.delay),
|
|
("save"),
|
|
(args.domain_base),
|
|
("_acme-challenge.%s" % args.domain.path),
|
|
("TXT"),
|
|
("'\${CERTBOT_VALIDATION}'"),
|
|
]
|
|
command_hook = " ".join(command_hook_parts)
|
|
|
|
command_certbot_parts = [
|
|
("certbot"),
|
|
("--email='%s'" % conf["acme_account"]["email"]),
|
|
("--work-dir='%s'" % conf["misc"]["working_directory"]),
|
|
("--preferred-challenges='dns'"),
|
|
("--non-interactive"),
|
|
("--key-path='%s'" % _os.path.join(args.target_directory, "private", "%s.pem" % domain)),
|
|
("--cert-path='%s'" % _os.path.join(args.target_directory, "certs", "%s.pem" % domain)),
|
|
("--chain-path='%s'" % _os.path.join(args.target_directory, "chains", "%s.pem" % domain)),
|
|
("--fullchain-path='%s'" % _os.path.join(args.target_directory, "fullchains", "%s.pem" % domain)),
|
|
("--domain='%s'" % domain),
|
|
("--manual-auth-hook='%s'" % command_hook),
|
|
("renew"),
|
|
]
|
|
command_certbot = " ".join(command_certbot_parts)
|
|
|
|
_os.system(command_certbot)
|
|
|
|
|
|
main()
|