diff --git a/locales/en.json b/locales/en.json index 81be8da6c..0f2ef7be8 100644 --- a/locales/en.json +++ b/locales/en.json @@ -125,8 +125,11 @@ "certmanager_attempt_to_renew_valid_cert": "The certificate for the domain '{domain}' is not about to expire! (You may use --force if you know what you're doing)", "certmanager_attempt_to_replace_valid_cert": "You are attempting to overwrite a good and valid certificate for domain {domain}! (Use --force to bypass)", "certmanager_cannot_read_cert": "Something wrong happened when trying to open current certificate for domain {domain} (file: {file}), reason: {reason}", + "certmanager_cert_install_failed": "Let's Encrypt certificate install failed for {domains}", + "certmanager_cert_install_failed_selfsigned": "Self-signed certificate install failed for {domains}", "certmanager_cert_install_success": "Let's Encrypt certificate now installed for the domain '{domain}'", "certmanager_cert_install_success_selfsigned": "Self-signed certificate now installed for the domain '{domain}'", + "certmanager_cert_renew_failed": "Let's Encrypt certificate renew failed for {domains}", "certmanager_cert_renew_success": "Let's Encrypt certificate renewed for the domain '{domain}'", "certmanager_cert_signing_failed": "Could not sign the new certificate", "certmanager_certificate_fetching_or_enabling_failed": "Trying to use the new certificate for {domain} did not work...", diff --git a/src/certificate.py b/src/certificate.py index 137a0aba0..3be821b0e 100644 --- a/src/certificate.py +++ b/src/certificate.py @@ -129,6 +129,7 @@ def certificate_install(domain_list, force=False, no_checks=False, self_signed=F def _certificate_install_selfsigned(domain_list, force=False): + failed_cert_install = [] for domain in domain_list: operation_logger = OperationLogger( @@ -223,9 +224,16 @@ def _certificate_install_selfsigned(domain_list, force=False): operation_logger.success() else: msg = f"Installation of self-signed certificate installation for {domain} failed !" + failed_cert_install.append(domain) logger.error(msg) operation_logger.error(msg) + if failed_cert_install: + raise YunohostError( + "certmanager_cert_install_failed_selfsigned", + domains=",".join(failed_cert_install) + ) + def _certificate_install_letsencrypt(domains, force=False, no_checks=False): from yunohost.domain import domain_list, _assert_domain_exists @@ -257,6 +265,7 @@ def _certificate_install_letsencrypt(domains, force=False, no_checks=False): ) # Actual install steps + failed_cert_install = [] for domain in domains: if not no_checks: @@ -285,11 +294,18 @@ def _certificate_install_letsencrypt(domains, force=False, no_checks=False): logger.error( f"Please consider checking the 'DNS records' (basic) and 'Web' categories of the diagnosis to check for possible issues that may prevent installing a Let's Encrypt certificate on domain {domain}." ) + failed_cert_install.append(domain) else: logger.success(m18n.n("certmanager_cert_install_success", domain=domain)) operation_logger.success() + if failed_cert_install: + raise YunohostError( + "certmanager_cert_install_failed", + domains=",".join(failed_cert_install) + ) + def certificate_renew(domains, force=False, no_checks=False, email=False): """ @@ -359,6 +375,7 @@ def certificate_renew(domains, force=False, no_checks=False, email=False): ) # Actual renew steps + failed_cert_install = [] for domain in domains: if not no_checks: @@ -400,6 +417,8 @@ def certificate_renew(domains, force=False, no_checks=False, email=False): logger.error(stack.getvalue()) logger.error(str(e)) + failed_cert_install.append(domain) + if email: logger.error("Sending email with details to root ...") _email_renewing_failed(domain, msg + "\n" + str(e), stack.getvalue()) @@ -407,6 +426,11 @@ def certificate_renew(domains, force=False, no_checks=False, email=False): logger.success(m18n.n("certmanager_cert_renew_success", domain=domain)) operation_logger.success() + if failed_cert_install: + raise YunohostError( + "certmanager_cert_renew_failed", + domains=",".join(failed_cert_install) + ) # # Back-end stuff #