diff --git a/data/actionsmap/yunohost.yml b/data/actionsmap/yunohost.yml index f76321c16..b7a87ea75 100644 --- a/data/actionsmap/yunohost.yml +++ b/data/actionsmap/yunohost.yml @@ -441,6 +441,21 @@ domain: - !!str ^[0-9]+$ - "pattern_positive_number" + ### domain_maindomain() + main-domain: + action_help: Check the current main domain, or change it + deprecated_alias: + - maindomain + api: + - GET /domains/main + - PUT /domains/main + arguments: + -n: + full: --new-main-domain + help: Change the current main domain + extra: + pattern: *pattern_domain + ### certificate_status() cert-status: action_help: List status of current certificates (all by default). @@ -1539,7 +1554,7 @@ tools: - PUT /domains/main arguments: -n: - full: --new-domain + full: --new-main-domain help: Change the current main domain extra: pattern: *pattern_domain diff --git a/locales/ar.json b/locales/ar.json index 46f9315af..fba086bc4 100644 --- a/locales/ar.json +++ b/locales/ar.json @@ -211,8 +211,8 @@ "mail_domain_unknown": "Unknown mail address domain '{domain:s}'", "mail_forward_remove_failed": "Unable to remove mail forward '{mail:s}'", "mailbox_used_space_dovecot_down": "Dovecot mailbox service need to be up, if you want to get mailbox used space", - "maindomain_change_failed": "Unable to change the main domain", - "maindomain_changed": "The main domain has been changed", + "main_domain_change_failed": "Unable to change the main domain", + "main_domain_changed": "The main domain has been changed", "migrate_tsig_end": "Migration to hmac-sha512 finished", "migrate_tsig_failed": "Migrating the dyndns domain {domain} to hmac-sha512 failed, rolling back. Error: {error_code} - {error}", "migrate_tsig_start": "Not secure enough key algorithm detected for TSIG signature of domain '{domain}', initiating migration to the more secure one hmac-sha512", @@ -404,7 +404,7 @@ "log_user_create": "إضافة المستخدم '{}'", "log_user_delete": "حذف المستخدم '{}'", "log_user_update": "تحديث معلومات المستخدم '{}'", - "log_tools_maindomain": "جعل '{}' كنطاق أساسي", + "log_domain_main_domain": "جعل '{}' كنطاق أساسي", "log_tools_upgrade": "تحديث حُزم ديبيان", "log_tools_shutdown": "إطفاء الخادم", "log_tools_reboot": "إعادة تشغيل الخادم", diff --git a/locales/ca.json b/locales/ca.json index 32bbfb50f..e171726b0 100644 --- a/locales/ca.json +++ b/locales/ca.json @@ -271,7 +271,7 @@ "log_user_create": "Afegeix l'usuari « {} »", "log_user_delete": "Elimina l'usuari « {} »", "log_user_update": "Actualitza la informació de l'usuari « {} »", - "log_tools_maindomain": "Fes de « {} » el domini principal", + "log_domain_main_domain": "Fes de « {} » el domini principal", "log_tools_migrations_migrate_forward": "Migrar", "log_tools_migrations_migrate_backward": "Migrar endarrera", "log_tools_postinstall": "Fer la post instal·lació del servidor YunoHost", @@ -289,8 +289,8 @@ "mail_forward_remove_failed": "No s'han pogut eliminar el reenviament de correu «{mail:s}»", "mailbox_used_space_dovecot_down": "S'ha d'engegar el servei de correu Dovecot, per poder obtenir l'espai utilitzat per la bústia de correu", "mail_unavailable": "Aquesta adreça de correu està reservada i ha de ser atribuïda automàticament el primer usuari", - "maindomain_change_failed": "No s'ha pogut canviar el domini principal", - "maindomain_changed": "S'ha canviat el domini principal", + "main_domain_change_failed": "No s'ha pogut canviar el domini principal", + "main_domain_changed": "S'ha canviat el domini principal", "migrate_tsig_end": "La migració cap a HMAC-SHA-512 s'ha acabat", "migrate_tsig_failed": "Ha fallat la migració del domini DynDNS «{domain}» cap a HMAC-SHA-512, anul·lant les modificacions. Error: {error_code}, {error}", "migrate_tsig_start": "L'algoritme de generació de claus no es prou segur per a la signatura TSIG del domini «{domain}», començant la migració cap a un de més segur HMAC-SHA-512", diff --git a/locales/de.json b/locales/de.json index 6699f508c..ec7233973 100644 --- a/locales/de.json +++ b/locales/de.json @@ -104,8 +104,8 @@ "mail_alias_remove_failed": "E-Mail Alias '{mail:s}' konnte nicht entfernt werden", "mail_domain_unknown": "Unbekannte Mail Domain '{domain:s}'", "mail_forward_remove_failed": "Mailweiterleitung '{mail:s}' konnte nicht entfernt werden", - "maindomain_change_failed": "Die Hauptdomain konnte nicht geändert werden", - "maindomain_changed": "Die Hauptdomain wurde geändert", + "main_domain_change_failed": "Die Hauptdomain konnte nicht geändert werden", + "main_domain_changed": "Die Hauptdomain wurde geändert", "monitor_disabled": "Das Servermonitoring wurde erfolgreich deaktiviert", "monitor_enabled": "Das Servermonitoring wurde aktiviert", "monitor_glances_con_failed": "Verbindung mit Glances nicht möglich", diff --git a/locales/en.json b/locales/en.json index 27f25e095..4c97c7411 100644 --- a/locales/en.json +++ b/locales/en.json @@ -158,12 +158,13 @@ "diagnosis_no_apps": "No such installed app", "dpkg_is_broken": "You cannot do this right now because dpkg/APT (the system package managers) seems to be in a broken state… You can try to solve this issue by connecting through SSH and running `sudo dpkg --configure -a`.", "dpkg_lock_not_available": "This command can't be ran right now because another program seems to be using the lock of dpkg (the system package manager)", - "domain_cannot_remove_main": "Cannot remove main domain. Set one first", + "domain_cannot_remove_main": "You cannot remove '{domain:s}' since it's the main domain, you need first to set another domain as the main domain using 'yunohost domain main-domain -n ', here is the list of candidate domains: {other_domains:s}", + "domain_cannot_remove_main_add_new_one": "You cannot remove '{domain:s}' since it's the main domain and your only domain, you need to first add another domain using 'yunohost domain add ', then set is as the main domain using 'yunohost domain main-domain -n ' and then you can remove the domain '{domain:s}' using 'yunohost domain remove {domain:s}'.'", "domain_cert_gen_failed": "Could not generate certificate", "domain_created": "Domain created", - "domain_creation_failed": "Could not create domain {domain}: {error}", + "domain_creation_failed": "Unable to create domain {domain}: {error}", "domain_deleted": "Domain deleted", - "domain_deletion_failed": "Could not delete domain {domain}: {error}", + "domain_deletion_failed": "Unable to delete domain {domain}: {error}", "domain_dns_conf_is_just_a_recommendation": "This command shows you the *recommended* configuration. It does not actually set up the DNS configuration for you. It is your responsability to configure your DNS zone in your registrar according to this recommendation.", "domain_dyndns_already_subscribed": "You have already subscribed to a DynDNS domain", "domain_dyndns_root_unknown": "Unknown DynDNS root domain", @@ -283,7 +284,7 @@ "log_user_update": "Update user info of '{}'", "log_user_permission_update": "Update accesses for permission '{}'", "log_user_permission_reset": "Reset permission '{}'", - "log_tools_maindomain": "Make '{}' the main domain", + "log_domain_main_domain": "Make '{}' as main domain", "log_tools_migrations_migrate_forward": "Migrate forward", "log_tools_postinstall": "Postinstall your YunoHost server", "log_tools_upgrade": "Upgrade system packages", @@ -298,8 +299,8 @@ "mailbox_disabled": "E-mail turned off for user {user:s}", "mailbox_used_space_dovecot_down": "The Dovecot mailbox service needs to be up, if you want to fetch used mailbox space", "mail_unavailable": "This e-mail address is reserved and shall be automatically allocated to the very first user", - "maindomain_change_failed": "Could not change the main domain", - "maindomain_changed": "The main domain now changed", + "main_domain_change_failed": "Unable to change the main domain", + "main_domain_changed": "The main domain has been changed", "migrate_tsig_end": "Migration to HMAC-SHA-512 finished", "migrate_tsig_failed": "Could not migrate the DynDNS domain '{domain}' to HMAC-SHA-512, rolling back. Error: {error_code}, {error}", "migrate_tsig_start": "Insufficiently secure key algorithm detected for TSIG signature of the domain '{domain}', initiating migration to the more secure HMAC-SHA-512", diff --git a/locales/es.json b/locales/es.json index d216b8a9a..fe3e99dbf 100644 --- a/locales/es.json +++ b/locales/es.json @@ -121,8 +121,8 @@ "mail_alias_remove_failed": "No se pudo eliminar el alias de correo «{mail:s}»", "mail_domain_unknown": "Dirección de correo no válida para el dominio «{domain:s}». Use un dominio administrado por este servidor.", "mail_forward_remove_failed": "No se pudo eliminar el reenvío de correo «{mail:s}»", - "maindomain_change_failed": "No se pudo cambiar el dominio principal", - "maindomain_changed": "El dominio principal ha cambiado", + "main_domain_change_failed": "No se pudo cambiar el dominio principal", + "main_domain_changed": "El dominio principal ha cambiado", "monitor_disabled": "La monitorización del servidor está ahora desactivada", "monitor_enabled": "La monitorización del servidor está ahora activada", "monitor_glances_con_failed": "No se pudo conectar al servidor de Glances", diff --git a/locales/fr.json b/locales/fr.json index 15f82baf1..563c09a1f 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -122,8 +122,8 @@ "mail_alias_remove_failed": "Impossible de supprimer l’alias de courriel '{mail:s}'", "mail_domain_unknown": "Le domaine '{domain:s}' de cette adress de courriel n'est pas valide. Merci d'utiliser un domain administré par ce serveur.", "mail_forward_remove_failed": "Impossible de supprimer le courriel de transfert '{mail:s}'", - "maindomain_change_failed": "Impossible de modifier le domaine principal", - "maindomain_changed": "Le domaine principal modifié", + "main_domain_change_failed": "Impossible de modifier le domaine principal", + "main_domain_changed": "Le domaine principal modifié", "monitor_disabled": "Surveillance du serveur est maintenant arrêté", "monitor_enabled": "La supervision du serveur est maintenant allumée", "monitor_glances_con_failed": "Impossible de se connecter au serveur Glances", @@ -454,7 +454,7 @@ "log_user_create": "Ajouter l’utilisateur '{}'", "log_user_delete": "Supprimer l’utilisateur '{}'", "log_user_update": "Mettre à jour les informations de l’utilisateur '{}'", - "log_tools_maindomain": "Faire de '{}' le domaine principal", + "log_domain_main_domain": "Faire de '{}' le domaine principal", "log_tools_migrations_migrate_forward": "Migrer vers", "log_tools_migrations_migrate_backward": "Revenir en arrière", "log_tools_postinstall": "Faire la post-installation de votre serveur YunoHost", diff --git a/locales/it.json b/locales/it.json index 2c194d5a6..22cf9e2b0 100644 --- a/locales/it.json +++ b/locales/it.json @@ -136,8 +136,8 @@ "mail_domain_unknown": "Dominio d'indirizzo mail '{domain:s}' sconosciuto", "mail_forward_remove_failed": "Impossibile rimuovere la mail inoltrata '{mail:s}'", "mailbox_used_space_dovecot_down": "Il servizio di posta elettronica Dovecot deve essere attivato se vuoi riportare lo spazio usato dalla posta elettronica", - "maindomain_change_failed": "Impossibile cambiare il dominio principale", - "maindomain_changed": "Il dominio principale è stato cambiato", + "main_domain_change_failed": "Impossibile cambiare il dominio principale", + "main_domain_changed": "Il dominio principale è stato cambiato", "monitor_disabled": "Il monitoraggio del sistema è stato disattivato", "monitor_enabled": "Il monitoraggio del sistema è stato attivato", "monitor_glances_con_failed": "Impossibile collegarsi al server Glances", @@ -402,7 +402,7 @@ "log_user_create": "Aggiungi l'utente '{}'", "log_user_delete": "Elimina l'utente '{}'", "log_user_update": "Aggiornate le informazioni dell'utente '{}'", - "log_tools_maindomain": "Rendi '{}' dominio principale", + "log_domain_main_domain": "Rendi '{}' dominio principale", "log_tools_migrations_migrate_forward": "Migra avanti", "log_tools_migrations_migrate_backward": "Migra indietro", "log_tools_postinstall": "Postinstallazione del tuo server YunoHost", diff --git a/locales/oc.json b/locales/oc.json index 320a18341..49063e829 100644 --- a/locales/oc.json +++ b/locales/oc.json @@ -180,8 +180,8 @@ "invalid_url_format": "Format d’URL pas valid", "ldap_initialized": "L’annuari LDAP es inicializat", "license_undefined": "indefinida", - "maindomain_change_failed": "Modificacion impossibla del domeni màger", - "maindomain_changed": "Lo domeni màger es estat modificat", + "main_domain_change_failed": "Modificacion impossibla del domeni màger", + "main_domain_changed": "Lo domeni màger es estat modificat", "migrate_tsig_end": "La migracion cap a hmac-sha512 es acabada", "migrate_tsig_wait_2": "2 minutas…", "migrate_tsig_wait_3": "1 minuta…", @@ -440,7 +440,7 @@ "log_user_create": "Ajustar l’utilizaire « {} »", "log_user_delete": "Levar l’utilizaire « {} »", "log_user_update": "Actualizar las informacions a l’utilizaire « {} »", - "log_tools_maindomain": "Far venir « {} » lo domeni màger", + "log_domain_main_domain": "Far venir « {} » lo domeni màger", "log_tools_migrations_migrate_forward": "Migrar", "log_tools_migrations_migrate_backward": "Tornar en arrièr", "log_tools_postinstall": "Realizar la post installacion del servidor YunoHost", diff --git a/locales/pt.json b/locales/pt.json index b8c9d2eb3..a23265ab4 100644 --- a/locales/pt.json +++ b/locales/pt.json @@ -74,8 +74,8 @@ "mail_alias_remove_failed": "Não foi possível remover a etiqueta de correio '{mail:s}'", "mail_domain_unknown": "Domínio de endereço de correio '{domain:s}' inválido. Por favor, usa um domínio administrado per esse servidor.", "mail_forward_remove_failed": "Não foi possível remover o reencaminhamento de correio '{mail:s}'", - "maindomain_change_failed": "Incapaz alterar o domínio raiz", - "maindomain_changed": "Domínio raiz alterado com êxito", + "main_domain_change_failed": "Incapaz alterar o domínio raiz", + "main_domain_changed": "Domínio raiz alterado com êxito", "monitor_disabled": "Monitorização do servidor parada com êxito", "monitor_enabled": "Monitorização do servidor ativada com êxito", "monitor_glances_con_failed": "Não foi possível ligar ao servidor Glances", diff --git a/src/yunohost/domain.py b/src/yunohost/domain.py index 3f906748b..8f8a68812 100644 --- a/src/yunohost/domain.py +++ b/src/yunohost/domain.py @@ -34,6 +34,7 @@ from moulinette.utils.log import getActionLogger import yunohost.certificate +from yunohost.app import app_ssowatconf from yunohost.regenconf import regen_conf from yunohost.utils.network import get_public_ip from yunohost.log import is_unit_operation @@ -154,7 +155,14 @@ def domain_remove(operation_logger, domain, force=False): # Check domain is not the main domain if domain == _get_maindomain(): - raise YunohostError('domain_cannot_remove_main') + other_domains = domain_list()["domains"] + other_domains.remove(domain) + + if other_domains: + raise YunohostError('domain_cannot_remove_main', + domain=domain, other_domains="\n * " + ("\n * ".join(other_domains))) + else: + raise YunohostError('domain_cannot_remove_main_add_new_one', domain=domain) # Check if apps are installed on the domain for app in os.listdir('/etc/yunohost/apps/'): @@ -233,6 +241,63 @@ def domain_dns_conf(domain, ttl=None): return result +@is_unit_operation() +def domain_main_domain(operation_logger, new_main_domain=None): + """ + Check the current main domain, or change it + + Keyword argument: + new_main_domain -- The new domain to be set as the main domain + + """ + from yunohost.tools import _set_hostname + + # If no new domain specified, we return the current main domain + if not new_main_domain: + return {'current_main_domain': _get_maindomain()} + + # Check domain exists + if new_main_domain not in domain_list()['domains']: + raise YunohostError('domain_unknown') + + operation_logger.related_to.append(('domain', new_main_domain)) + operation_logger.start() + + # Apply changes to ssl certs + ssl_key = "/etc/ssl/private/yunohost_key.pem" + ssl_crt = "/etc/ssl/private/yunohost_crt.pem" + new_ssl_key = "/etc/yunohost/certs/%s/key.pem" % new_main_domain + new_ssl_crt = "/etc/yunohost/certs/%s/crt.pem" % new_main_domain + + try: + if os.path.exists(ssl_key) or os.path.lexists(ssl_key): + os.remove(ssl_key) + if os.path.exists(ssl_crt) or os.path.lexists(ssl_crt): + os.remove(ssl_crt) + + os.symlink(new_ssl_key, ssl_key) + os.symlink(new_ssl_crt, ssl_crt) + + _set_maindomain(new_main_domain) + except Exception as e: + logger.warning("%s" % e, exc_info=1) + raise YunohostError('main_domain_change_failed') + + _set_hostname(new_main_domain) + + # Generate SSOwat configuration file + app_ssowatconf() + + # Regen configurations + try: + with open('/etc/yunohost/installed', 'r'): + regen_conf() + except IOError: + pass + + logger.success(m18n.n('main_domain_changed')) + + def domain_cert_status(domain_list, full=False): return yunohost.certificate.certificate_status(domain_list, full) diff --git a/src/yunohost/tools.py b/src/yunohost/tools.py index f4bb83c15..6842f0f68 100644 --- a/src/yunohost/tools.py +++ b/src/yunohost/tools.py @@ -39,7 +39,7 @@ from moulinette.utils.log import getActionLogger from moulinette.utils.process import check_output, call_async_output from moulinette.utils.filesystem import read_json, write_to_json, read_yaml, write_to_yaml from yunohost.app import app_fetchlist, app_info, app_upgrade, app_ssowatconf, app_list, _install_appslist_fetch_cron -from yunohost.domain import domain_add, domain_list, _get_maindomain, _set_maindomain +from yunohost.domain import domain_add, domain_list from yunohost.dyndns import _dyndns_available, _dyndns_provides from yunohost.firewall import firewall_upnp from yunohost.service import service_status, service_start, service_enable @@ -164,60 +164,10 @@ def tools_adminpw(new_password, check_strength=True): logger.success(m18n.n('admin_password_changed')) -@is_unit_operation() -def tools_maindomain(operation_logger, new_domain=None): - """ - Check the current main domain, or change it - - Keyword argument: - new_domain -- The new domain to be set as the main domain - - """ - - # If no new domain specified, we return the current main domain - if not new_domain: - return {'current_main_domain': _get_maindomain()} - - # Check domain exists - if new_domain not in domain_list()['domains']: - raise YunohostError('domain_unknown') - - operation_logger.related_to.append(('domain', new_domain)) - operation_logger.start() - - # Apply changes to ssl certs - ssl_key = "/etc/ssl/private/yunohost_key.pem" - ssl_crt = "/etc/ssl/private/yunohost_crt.pem" - new_ssl_key = "/etc/yunohost/certs/%s/key.pem" % new_domain - new_ssl_crt = "/etc/yunohost/certs/%s/crt.pem" % new_domain - - try: - if os.path.exists(ssl_key) or os.path.lexists(ssl_key): - os.remove(ssl_key) - if os.path.exists(ssl_crt) or os.path.lexists(ssl_crt): - os.remove(ssl_crt) - - os.symlink(new_ssl_key, ssl_key) - os.symlink(new_ssl_crt, ssl_crt) - - _set_maindomain(new_domain) - except Exception as e: - logger.warning("%s" % e, exc_info=1) - raise YunohostError('maindomain_change_failed') - - _set_hostname(new_domain) - - # Generate SSOwat configuration file - app_ssowatconf() - - # Regen configurations - try: - with open('/etc/yunohost/installed', 'r'): - regen_conf() - except IOError: - pass - - logger.success(m18n.n('maindomain_changed')) +def tools_maindomain(new_main_domain=None): + from yunohost.domain import domain_main_domain + logger.warning(m18n.g("deprecated_command_alias", prog="yunohost", old="tools maindomain", new="domain main-domain")) + return domain_main_domain(new_main_domain=new_main_domain) def _set_hostname(hostname, pretty_hostname=None): @@ -281,6 +231,7 @@ def tools_postinstall(operation_logger, domain, password, ignore_dyndns=False, """ from yunohost.utils.password import assert_password_is_strong_enough + from yunohost.domain import domain_main_domain dyndns_provider = "dyndns.yunohost.org" @@ -395,7 +346,7 @@ def tools_postinstall(operation_logger, domain, password, ignore_dyndns=False, # New domain config regen_conf(['nsswitch'], force=True) domain_add(domain, dyndns) - tools_maindomain(domain) + domain_main_domain(domain) # Change LDAP admin password tools_adminpw(password, check_strength=not force_password)