mirror of
https://github.com/YunoHost/yunohost.git
synced 2024-09-03 20:06:10 +02:00
Fix acme challenge code snippet detection for this domain
This commit is contained in:
parent
17d3ec5ad3
commit
c1262ab9a9
2 changed files with 9 additions and 7 deletions
|
@ -110,7 +110,7 @@
|
|||
"backup_unable_to_organize_files": "Could not use the quick method to organize files in the archive",
|
||||
"backup_with_no_backup_script_for_app": "The app '{app:s}' has no backup script. Ignoring.",
|
||||
"backup_with_no_restore_script_for_app": "The '{app:s}' has no restoration script, you will not be able to automatically restore the backup of this app.",
|
||||
"certmanager_acme_not_configured_for_domain": "Certificate for the domain '{domain:s}' does not appear to be correctly installed. Please run 'cert-install' for this domain first.",
|
||||
"certmanager_acme_not_configured_for_domain": "The ACME challenge cannot be ran for this domain right now because you are missing a code snippet in nginx conf... Please make sure that your nginx configuration is up to date using `yunohost tools regen-conf nginx --dry-run --with-diff`.",
|
||||
"certmanager_attempt_to_renew_nonLE_cert": "The certificate for the domain '{domain:s}' is not issued by Let's Encrypt. Cannot renew it automatically!",
|
||||
"certmanager_attempt_to_renew_valid_cert": "The certificate for the domain '{domain:s}' is not about to expire! (You may use --force if you know what you're doing)",
|
||||
"certmanager_attempt_to_replace_valid_cert": "You are attempting to overwrite a good and valid certificate for domain {domain:s}! (Use --force to bypass)",
|
||||
|
|
|
@ -38,6 +38,7 @@ from yunohost.vendor.acme_tiny.acme_tiny import get_crt as sign_certificate
|
|||
|
||||
from yunohost.utils.error import YunohostError
|
||||
from moulinette.utils.log import getActionLogger
|
||||
from moulinette.utils.filesystem import read_file
|
||||
|
||||
from yunohost.utils.network import get_public_ip
|
||||
|
||||
|
@ -468,14 +469,15 @@ Subject: %s
|
|||
|
||||
|
||||
def _check_acme_challenge_configuration(domain):
|
||||
# Check nginx conf file exists
|
||||
nginx_conf_folder = "/etc/nginx/conf.d/%s.d" % domain
|
||||
nginx_conf_file = "%s/000-acmechallenge.conf" % nginx_conf_folder
|
||||
|
||||
if not os.path.exists(nginx_conf_file):
|
||||
return False
|
||||
else:
|
||||
domain_conf = "/etc/nginx/conf.d/%s.conf" % domain
|
||||
if "include /etc/nginx/conf.d/acme-challenge.conf.inc" in read_file(domain_conf):
|
||||
return True
|
||||
else:
|
||||
# This is for legacy setups which haven't updated their domain conf to
|
||||
# the new conf that include the acme snippet...
|
||||
legacy_acme_conf = "/etc/nginx/conf.d/%s.d/000-acmechallenge.conf" % domain
|
||||
return os.path.exists(legacy_acme_conf)
|
||||
|
||||
|
||||
def _fetch_and_enable_new_certificate(domain, staging=False, no_checks=False):
|
||||
|
|
Loading…
Add table
Reference in a new issue