cert: raise errors for cert install/renew

locales/en.json

@@ -125,8 +125,11 @@
     "certmanager_attempt_to_renew_valid_cert": "The certificate for the domain '{domain}' is not about to expire! (You may use --force if you know what you're doing)",
     "certmanager_attempt_to_replace_valid_cert": "You are attempting to overwrite a good and valid certificate for domain {domain}! (Use --force to bypass)",
     "certmanager_cannot_read_cert": "Something wrong happened when trying to open current certificate for domain {domain} (file: {file}), reason: {reason}",
+    "certmanager_cert_install_failed": "Let's Encrypt certificate install failed for {domains}",
+    "certmanager_cert_install_failed_selfsigned": "Self-signed certificate install failed for {domains}",
     "certmanager_cert_install_success": "Let's Encrypt certificate now installed for the domain '{domain}'",
     "certmanager_cert_install_success_selfsigned": "Self-signed certificate now installed for the domain '{domain}'",
+    "certmanager_cert_renew_failed": "Let's Encrypt certificate renew failed for {domains}",
     "certmanager_cert_renew_success": "Let's Encrypt certificate renewed for the domain '{domain}'",
     "certmanager_cert_signing_failed": "Could not sign the new certificate",
     "certmanager_certificate_fetching_or_enabling_failed": "Trying to use the new certificate for {domain} did not work...",

src/certificate.py

@@ -129,6 +129,7 @@ def certificate_install(domain_list, force=False, no_checks=False, self_signed=F
 
 def _certificate_install_selfsigned(domain_list, force=False):
 
+    failed_cert_install = []
     for domain in domain_list:
 
         operation_logger = OperationLogger(
@@ -223,9 +224,16 @@ def _certificate_install_selfsigned(domain_list, force=False):
             operation_logger.success()
         else:
             msg = f"Installation of self-signed certificate installation for {domain} failed !"
+            failed_cert_install.append(domain)
             logger.error(msg)
             operation_logger.error(msg)
 
+    if failed_cert_install:
+        raise YunohostError(
+            "certmanager_cert_install_failed_selfsigned",
+            domains=",".join(failed_cert_install)
+        )
+
 
 def _certificate_install_letsencrypt(domains, force=False, no_checks=False):
     from yunohost.domain import domain_list, _assert_domain_exists
@@ -257,6 +265,7 @@ def _certificate_install_letsencrypt(domains, force=False, no_checks=False):
                 )
 
     # Actual install steps
+    failed_cert_install = []
     for domain in domains:
 
         if not no_checks:
@@ -285,11 +294,18 @@ def _certificate_install_letsencrypt(domains, force=False, no_checks=False):
                 logger.error(
                     f"Please consider checking the 'DNS records' (basic) and 'Web' categories of the diagnosis to check for possible issues that may prevent installing a Let's Encrypt certificate on domain {domain}."
                 )
+            failed_cert_install.append(domain)
         else:
             logger.success(m18n.n("certmanager_cert_install_success", domain=domain))
 
             operation_logger.success()
 
+    if failed_cert_install:
+        raise YunohostError(
+            "certmanager_cert_install_failed",
+            domains=",".join(failed_cert_install)
+        )
+
 
 def certificate_renew(domains, force=False, no_checks=False, email=False):
     """
@@ -359,6 +375,7 @@ def certificate_renew(domains, force=False, no_checks=False, email=False):
                 )
 
     # Actual renew steps
+    failed_cert_install = []
     for domain in domains:
 
         if not no_checks:
@@ -400,6 +417,8 @@ def certificate_renew(domains, force=False, no_checks=False, email=False):
             logger.error(stack.getvalue())
             logger.error(str(e))
 
+            failed_cert_install.append(domain)
+
             if email:
                 logger.error("Sending email with details to root ...")
                 _email_renewing_failed(domain, msg + "\n" + str(e), stack.getvalue())
@@ -407,6 +426,11 @@ def certificate_renew(domains, force=False, no_checks=False, email=False):
             logger.success(m18n.n("certmanager_cert_renew_success", domain=domain))
             operation_logger.success()
 
+    if failed_cert_install:
+        raise YunohostError(
+            "certmanager_cert_renew_failed",
+            domains=",".join(failed_cert_install)
+        )
 
 #
 # Back-end stuff                                                            #