From 4ddc3aac369cb20ba672553748e04eb218c33b34 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 8 Nov 2016 12:09:02 -0500 Subject: [PATCH] Display a warning message when letsencrypt is installed, suggesting commands to migrate --- locales/en.json | 3 ++- src/yunohost/certificate.py | 37 ++++++++++++++++++++++++++++++++++++- 2 files changed, 38 insertions(+), 2 deletions(-) diff --git a/locales/en.json b/locales/en.json index bdfd1b14a..1a93b72ff 100644 --- a/locales/en.json +++ b/locales/en.json @@ -251,5 +251,6 @@ "certmanager_no_A_dns_record" : "No DNS record of type A found for {domain:s}. You need to configure the DNS for your domain before installing a certificate !", "certmanager_cannot_read_cert": "Something wrong happened when trying to open current certificate for domain {domain:s} (file : {file:s}), reason: {reason:s}", "certmanager_cert_install_success" : "Successfully installed Let's Encrypt certificate for domain {domain:s} !", - "certmanager_cert_renew_success" : "Successfully renewed Let's Encrypt certificate for domain {domain:s} !" + "certmanager_cert_renew_success" : "Successfully renewed Let's Encrypt certificate for domain {domain:s} !", + "certmanager_old_letsencrypt_app_detected" : "Command aborted because the letsencrypt app is conflicting with the yunohost certificate management features." } diff --git a/src/yunohost/certificate.py b/src/yunohost/certificate.py index d2a67495a..f9f5784a0 100644 --- a/src/yunohost/certificate.py +++ b/src/yunohost/certificate.py @@ -40,7 +40,7 @@ from moulinette.utils.log import getActionLogger import yunohost.domain -from yunohost.app import app_ssowatconf +from yunohost.app import app_ssowatconf, app_list from yunohost.service import _run_service_command @@ -78,6 +78,9 @@ def certificate_status(auth, domain_list, full=False): full -- Display more info about the certificates """ + # Check if old letsencrypt_ynh is installed + _check_old_letsencrypt_app() + # If no domains given, consider all yunohost domains if domain_list == []: domain_list = yunohost.domain.domain_list(auth)['domains'] @@ -107,6 +110,7 @@ def certificate_status(auth, domain_list, full=False): def certificate_install(auth, domain_list, force=False, no_checks=False, self_signed=False): + """ Install a Let's Encrypt certificate for given domains (all by default) @@ -117,6 +121,11 @@ def certificate_install(auth, domain_list, force=False, no_checks=False, self_si before attempting the install self-signed -- Instal self-signed certificates instead of Let's Encrypt """ + + # Check if old letsencrypt_ynh is installed + _check_old_letsencrypt_app() + + if self_signed: certificate_install_selfsigned(domain_list, force) else: @@ -234,6 +243,9 @@ def certificate_renew(auth, domain_list, force=False, no_checks=False, email=Fal email -- Emails root if some renewing failed """ + # Check if old letsencrypt_ynh is installed + _check_old_letsencrypt_app() + # If no domains given, consider all yunohost domains with Let's Encrypt # certificates if domain_list == []: @@ -299,6 +311,29 @@ def certificate_renew(auth, domain_list, force=False, no_checks=False, email=Fal # Back-end stuff # ############################################################################### +def _check_old_letsencrypt_app(): + + installedAppIds = [ app["id"] for app in yunohost.app.app_list(installed=True)["apps"] ] + if ("letsencrypt" not in installedAppIds) : + return + + logger.warning(" ") + logger.warning("Yunohost detected that the 'letsencrypt' app is installed, ") + logger.warning("which conflits with the new certificate management features") + logger.warning("directly integrated in Yunohost. If you wish to use these ") + logger.warning("new features, please run the following commands to migrate ") + logger.warning("your installation :") + logger.warning(" ") + logger.warning(" yunohost app remove letsencrypt") + logger.warning(" yunohost domain cert-install") + logger.warning(" ") + logger.warning("N.B. : this will attempt to re-install certificates for ") + logger.warning("all domains with a Let's Encrypt certificate or self-signed") + logger.warning("certificate.") + logger.warning(" ") + + raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_old_letsencrypt_app_detected')) + def _install_cron(): cron_job_file = "/etc/cron.weekly/yunohost-certificate-renew"