2019-12-10 23:04:24 +05:00
|
|
|
#!/usr/local/CyberCP/bin/python
|
2019-12-04 14:40:59 +05:00
|
|
|
import os
|
|
|
|
|
import os.path
|
|
|
|
|
import sys
|
|
|
|
|
import django
|
|
|
|
|
|
|
|
|
|
sys.path.append('/usr/local/CyberCP')
|
|
|
|
|
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "CyberCP.settings")
|
|
|
|
|
django.setup()
|
|
|
|
|
from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging
|
|
|
|
|
from websiteFunctions.models import Websites, ChildDomains
|
|
|
|
|
from os import path
|
|
|
|
|
from datetime import datetime
|
|
|
|
|
import OpenSSL
|
|
|
|
|
from plogical.virtualHostUtilities import virtualHostUtilities
|
|
|
|
|
|
|
|
|
|
class Renew:
|
|
|
|
|
def SSLObtainer(self):
|
|
|
|
|
try:
|
|
|
|
|
logging.writeToFile('Running SSL Renew Utility')
|
|
|
|
|
|
|
|
|
|
## For websites
|
|
|
|
|
|
|
|
|
|
for website in Websites.objects.all():
|
2020-01-30 21:38:39 +05:00
|
|
|
logging.writeToFile('Checking SSL for %s.' % (website.domain), 0)
|
2019-12-04 14:40:59 +05:00
|
|
|
filePath = '/etc/letsencrypt/live/%s/fullchain.pem' % (website.domain)
|
|
|
|
|
|
|
|
|
|
if path.exists(filePath):
|
2020-01-30 21:38:39 +05:00
|
|
|
logging.writeToFile('SSL exists for %s. Checking if SSL will expire in 15 days..' % (website.domain), 0)
|
2019-12-04 14:40:59 +05:00
|
|
|
x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
|
|
|
|
|
open(filePath, 'r').read())
|
|
|
|
|
expireData = x509.get_notAfter().decode('ascii')
|
|
|
|
|
finalDate = datetime.strptime(expireData, '%Y%m%d%H%M%SZ')
|
|
|
|
|
now = datetime.now()
|
|
|
|
|
diff = finalDate - now
|
|
|
|
|
|
2023-03-16 09:47:11 +05:00
|
|
|
SSLProvider = x509.get_issuer().get_components()[1][1].decode('utf-8')
|
|
|
|
|
|
|
|
|
|
print(f"Provider: {x509.get_issuer().get_components()[1][1].decode('utf-8')}, Days : {diff.days}")
|
|
|
|
|
|
|
|
|
|
if int(diff.days) >= 15 and SSLProvider!='Denial':
|
2019-12-04 14:40:59 +05:00
|
|
|
logging.writeToFile(
|
2020-01-30 21:38:39 +05:00
|
|
|
'SSL exists for %s and is not ready to renew, skipping..' % (website.domain), 0)
|
2023-03-16 09:47:11 +05:00
|
|
|
elif SSLProvider == 'Denial':
|
2019-12-04 19:42:38 +05:00
|
|
|
logging.writeToFile(
|
2020-01-30 21:38:39 +05:00
|
|
|
'SSL exists for %s and ready to renew..' % (website.domain), 0)
|
2019-12-04 19:42:38 +05:00
|
|
|
logging.writeToFile(
|
2020-01-30 21:38:39 +05:00
|
|
|
'Renewing SSL for %s..' % (website.domain), 0)
|
2019-12-04 19:42:38 +05:00
|
|
|
|
|
|
|
|
virtualHostUtilities.issueSSL(website.domain, '/home/%s/public_html' % (website.domain),
|
|
|
|
|
website.adminEmail)
|
2023-03-16 09:47:11 +05:00
|
|
|
elif SSLProvider != "Let's Encrypt":
|
2020-02-07 17:13:58 +05:00
|
|
|
logging.writeToFile(
|
|
|
|
|
'Custom SSL exists for %s and ready to renew..' % (website.domain), 1)
|
2019-12-04 14:40:59 +05:00
|
|
|
else:
|
|
|
|
|
logging.writeToFile(
|
2020-01-30 21:38:39 +05:00
|
|
|
'SSL exists for %s and ready to renew..' % (website.domain), 0)
|
2019-12-04 14:40:59 +05:00
|
|
|
logging.writeToFile(
|
2020-01-30 21:38:39 +05:00
|
|
|
'Renewing SSL for %s..' % (website.domain), 0)
|
2019-12-04 14:40:59 +05:00
|
|
|
|
|
|
|
|
virtualHostUtilities.issueSSL(website.domain, '/home/%s/public_html' % (website.domain), website.adminEmail)
|
|
|
|
|
else:
|
|
|
|
|
logging.writeToFile(
|
2020-01-30 21:38:39 +05:00
|
|
|
'SSL does not exist for %s. Obtaining now..' % (website.domain), 0)
|
2019-12-04 14:40:59 +05:00
|
|
|
virtualHostUtilities.issueSSL(website.domain, '/home/%s/public_html' % (website.domain),
|
|
|
|
|
website.adminEmail)
|
|
|
|
|
|
|
|
|
|
## For child-domains
|
|
|
|
|
|
|
|
|
|
for website in ChildDomains.objects.all():
|
2020-01-30 21:38:39 +05:00
|
|
|
logging.writeToFile('Checking SSL for %s.' % (website.domain), 0)
|
2019-12-04 14:40:59 +05:00
|
|
|
filePath = '/etc/letsencrypt/live/%s/fullchain.pem' % (website.domain)
|
|
|
|
|
|
|
|
|
|
if path.exists(filePath):
|
|
|
|
|
logging.writeToFile(
|
2020-01-30 21:38:39 +05:00
|
|
|
'SSL exists for %s. Checking if SSL will expire in 15 days..' % (website.domain), 0)
|
2019-12-04 14:40:59 +05:00
|
|
|
x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
|
|
|
|
|
open(filePath, 'r').read())
|
|
|
|
|
expireData = x509.get_notAfter().decode('ascii')
|
|
|
|
|
finalDate = datetime.strptime(expireData, '%Y%m%d%H%M%SZ')
|
|
|
|
|
now = datetime.now()
|
|
|
|
|
diff = finalDate - now
|
|
|
|
|
|
2023-03-17 13:58:10 +05:00
|
|
|
SSLProvider = x509.get_issuer().get_components()[1][1]
|
|
|
|
|
|
|
|
|
|
print(f"Provider: {x509.get_issuer().get_components()[1][1].decode('utf-8')}, Days : {diff.days}")
|
|
|
|
|
|
|
|
|
|
if int(diff.days) >= 15 and SSLProvider != 'Denial':
|
2019-12-04 14:40:59 +05:00
|
|
|
logging.writeToFile(
|
2020-01-30 21:38:39 +05:00
|
|
|
'SSL exists for %s and is not ready to renew, skipping..' % (website.domain), 0)
|
2023-03-17 13:58:10 +05:00
|
|
|
elif SSLProvider == 'Denial':
|
2019-12-04 19:42:38 +05:00
|
|
|
logging.writeToFile(
|
2020-01-30 21:38:39 +05:00
|
|
|
'SSL exists for %s and ready to renew..' % (website.domain), 0)
|
2019-12-04 19:42:38 +05:00
|
|
|
logging.writeToFile(
|
2020-01-30 21:38:39 +05:00
|
|
|
'Renewing SSL for %s..' % (website.domain), 0)
|
2019-12-04 19:42:38 +05:00
|
|
|
|
|
|
|
|
virtualHostUtilities.issueSSL(website.domain, website.path,
|
|
|
|
|
website.master.adminEmail)
|
2023-03-17 13:58:10 +05:00
|
|
|
elif SSLProvider != "Let's Encrypt":
|
|
|
|
|
logging.writeToFile(
|
|
|
|
|
'Custom SSL exists for %s and ready to renew..' % (website.domain), 1)
|
2019-12-04 14:40:59 +05:00
|
|
|
else:
|
|
|
|
|
logging.writeToFile(
|
2020-01-30 21:38:39 +05:00
|
|
|
'SSL exists for %s and ready to renew..' % (website.domain), 0)
|
2019-12-04 14:40:59 +05:00
|
|
|
logging.writeToFile(
|
2020-01-30 21:38:39 +05:00
|
|
|
'Renewing SSL for %s..' % (website.domain), 0)
|
2019-12-04 14:40:59 +05:00
|
|
|
|
|
|
|
|
virtualHostUtilities.issueSSL(website.domain, website.path,
|
|
|
|
|
website.master.adminEmail)
|
|
|
|
|
else:
|
|
|
|
|
logging.writeToFile(
|
2020-01-30 21:38:39 +05:00
|
|
|
'SSL does not exist for %s. Obtaining now..' % (website.domain), 0)
|
2019-12-04 14:40:59 +05:00
|
|
|
virtualHostUtilities.issueSSL(website.domain, website.path,
|
|
|
|
|
website.master.adminEmail)
|
2023-03-16 09:47:11 +05:00
|
|
|
|
2022-09-26 23:02:31 +05:00
|
|
|
self.file = logging.writeToFile('Restarting mail services for them to see new SSL.', 0)
|
|
|
|
|
|
|
|
|
|
from plogical.processUtilities import ProcessUtilities
|
|
|
|
|
command = 'postmap -F hash:/etc/postfix/vmail_ssl.map'
|
|
|
|
|
ProcessUtilities.normalExecutioner(command)
|
|
|
|
|
|
|
|
|
|
command = 'systemctl restart postfix'
|
|
|
|
|
ProcessUtilities.normalExecutioner(command)
|
|
|
|
|
|
|
|
|
|
command = 'systemctl restart dovecot'
|
|
|
|
|
ProcessUtilities.normalExecutioner(command)
|
2019-12-04 14:40:59 +05:00
|
|
|
|
2023-04-17 16:03:07 +05:00
|
|
|
command = 'systemctl restart lscpd'
|
|
|
|
|
ProcessUtilities.normalExecutioner(command)
|
|
|
|
|
|
2019-12-10 15:09:10 +05:00
|
|
|
except BaseException as msg:
|
2019-12-04 14:40:59 +05:00
|
|
|
logging.writeToFile(str(msg) + '. Renew.SSLObtainer')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
|
sslOB = Renew()
|
|
|
|
|
sslOB.SSLObtainer()
|
