import yaml
import os
import sys
import time
import threading
from http.server import SimpleHTTPRequestHandler
import socketserver
from letsencrypt import main as cli
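# Obtain Let's Encrypt certificates for the hosts listed in domains.json using
# the webroot plugin, while a small HTTP server publishes the webroot so the
# challenge files can be fetched. The process then stays alive for a week so
# the operator can copy the results out with `cf ssh`.

# Directories handed to letsencrypt; all of them live under the start directory.
cwd = os.getcwd()
logs = os.path.join(cwd, "logs")
conf = os.path.join(cwd, "conf")  # certificates and private keys are written here
work = os.path.join(cwd, "work")
host = os.path.join(cwd, "host")  # webroot: the only directory served over HTTP
port = int(os.getenv('PORT', '5000'))

# Before we switch directories, set up our args using the domains.json settings file.
# safe_load only builds plain data types, so the settings file cannot
# instantiate arbitrary Python objects.
with open('domains.json') as data_file:
    settings = yaml.safe_load(data_file)

# NOTE: this line and the "Args" line below write the account email to the app log.
print(settings)

# Format commands
args = [
    "certonly", "--non-interactive", "--text", "--debug", "--agree-tos",
    "--logs-dir", logs,
    "--work-dir", work,
    "--config-dir", conf,
    "--webroot", "-w", host,
]

# Are we testing - i.e. getting certs from staging?
if settings.get('staging') is True:
    args.append("--staging")

args.extend(["--email", settings['email']])

# One "-d <fqdn>" pair per configured host; a host of '.' means the bare domain.
# The loop variable is deliberately NOT called `host`, so the webroot path
# above is not overwritten while the arguments are being built.
for entry in settings['domains']:
    domain = entry['domain']
    for hostname in entry['hosts']:
        fqdn = domain if hostname == '.' else hostname + '.' + domain
        args.extend(["-d", fqdn])

print("Args: ", args)

# SimpleHTTPRequestHandler serves (and lists) the current working directory,
# and the empty bind address means all interfaces. Changing into the webroot
# keeps conf/, which holds the private keys, outside what the server exposes.
os.chdir(host)

Handler = SimpleHTTPRequestHandler
httpd = socketserver.TCPServer(("", port), Handler)

# Start a thread with the server
server_thread = threading.Thread(target=httpd.serve_forever)
# Exit the server thread when the main thread terminates
server_thread.daemon = True
server_thread.start()
print("Server loop listening on port ", port, ". Running in thread: ", server_thread.name)

try:
    print("Starting Let's Encrypt process...")
    # NOTE(review): main() is expected to hand back an error message when the
    # run fails and None otherwise - confirm against the installed letsencrypt
    # version. We report it but keep running: exiting here would make CF
    # restart the app and retry straight away.
    failure = cli.main(args)
    if failure:
        print("Let's Encrypt reported a problem: ", failure)
        print("The files listed below may be missing or stale.")
    else:
        print("Done.")

    print("Fetch the certs and logs via cf ssh ...")
    print("You can get them with these commands: ")

    # The live/ directory is named after the first requested name.
    first_entry = settings['domains'][0]
    first_host = first_entry['hosts'][0]
    first_domain = first_entry['domain']
    path = first_domain if first_host == '.' else first_host + "." + first_domain

    # `path` is pasted unquoted into a shell command line, so domains.json
    # should contain plain hostnames only. privkey.pem is the private key:
    # keep the downloaded copy readable by its owner only.
    for pem in ("cert.pem", "chain.pem", "fullchain.pem", "privkey.pem"):
        print("cf ssh letsencrypt -c 'cat ~/app/conf/live/" + path + "/" + pem + "' > " + pem)

    print("\n")
    print("REMEMBER TO STOP THE SERVER WITH cf stop letsencrypt")
    sys.stdout.flush()

    # Sleep for a week
    time.sleep(604800)
    print("Done. Killing server...")
finally:
    # If we kill the server and end, CF should restart us and we'll try to get
    # certificates again. Running this in `finally` also releases the listening
    # socket when the steps above raise.
    httpd.shutdown()
    httpd.server_close()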