YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

domain: add install_letsencrypt_cert option to domain_add

Browse source
This commit is contained in:
axolotle 2024-08-27 16:46:02 +02:00
parent 2916824b4c
commit edfebfbd2e
2 changed files with 28 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
share/actionsmap.yml
View file

@ -495,6 +495,9 @@ domain:
help: If adding a DynDNS domain, subscribe to the DynDNS service with a password, used to later delete the domain help: If adding a DynDNS domain, subscribe to the DynDNS service with a password, used to later delete the domain
extra: extra:
pattern: *pattern_password pattern: *pattern_password
--install-letsencrypt-cert:
help: If adding a subdomain of an already added domain, try to install a Let's Encrypt certificate
action: store_true
### domain_remove() ### domain_remove()
remove: remove:

25
src/domain.py
View file

@ -245,7 +245,11 @@ def _get_parent_domain_of(domain, return_self=False, topest=False):
@is_unit_operation(exclude=["dyndns_recovery_password"]) @is_unit_operation(exclude=["dyndns_recovery_password"])
def domain_add( def domain_add(
operation_logger, domain, dyndns_recovery_password=None, ignore_dyndns=False operation_logger,
domain,
dyndns_recovery_password=None,
ignore_dyndns=False,
install_letsencrypt_cert=False,
): ):
""" """
Create a custom domain Create a custom domain
@ -255,12 +259,17 @@ def domain_add(
dyndns -- Subscribe to DynDNS dyndns -- Subscribe to DynDNS
dyndns_recovery_password -- Password used to later unsubscribe from DynDNS dyndns_recovery_password -- Password used to later unsubscribe from DynDNS
ignore_dyndns -- If we want to just add the DynDNS domain to the list, without subscribing ignore_dyndns -- If we want to just add the DynDNS domain to the list, without subscribing
install_letsencrypt_cert -- If adding a subdomain of an already added domain, try to install a Let's Encrypt certificate
""" """
from yunohost.hook import hook_callback from yunohost.hook import hook_callback
from yunohost.app import app_ssowatconf from yunohost.app import app_ssowatconf
from yunohost.utils.ldap import _get_ldap_interface from yunohost.utils.ldap import _get_ldap_interface
from yunohost.utils.password import assert_password_is_strong_enough from yunohost.utils.password import assert_password_is_strong_enough
from yunohost.certificate import _certificate_install_selfsigned from yunohost.certificate import (
_certificate_install_selfsigned,
_certificate_install_letsencrypt,
certificate_status,
)
from yunohost.utils.dns import is_yunohost_dyndns_domain from yunohost.utils.dns import is_yunohost_dyndns_domain
if dyndns_recovery_password: if dyndns_recovery_password:
@ -302,6 +311,18 @@ def domain_add(
domain=domain, recovery_password=dyndns_recovery_password domain=domain, recovery_password=dyndns_recovery_password
) )
parent_domain = _get_parent_domain_of(domain) # FIXME: topest?
can_install_letsencrypt = (
parent_domain
and certificate_status(parent_domain, full=True)["ready_for_letsencrypt_cert"]
)
# FIXME: warn and fallback to selfsigned if `install_letsencrypt_cert` and not `can_install_letsencrypt`?
if install_letsencrypt_cert and can_install_letsencrypt:
# FIXME try and fallback to selfsigned?
_certificate_install_letsencrypt([domain])
else:
_certificate_install_selfsigned([domain], True) _certificate_install_selfsigned([domain], True)
try: try: