59 lines
1.4 KiB
Python
59 lines
1.4 KiB
Python
#!/usr/bin/env python3
|
|
|
|
from subprocess import Popen, TimeoutExpired
|
|
import os
|
|
|
|
|
|
OUTPUT_DIR = "/srv/acme/certs/"
|
|
CONF_DIR = "/srv/acme/conf/"
|
|
WEB_ROOT = "/srv/acme/webroot/"
|
|
|
|
|
|
def main():
|
|
for name in os.listdir(CONF_DIR):
|
|
domain_dir = os.path.join(CONF_DIR, name)
|
|
with open(os.path.join(domain_dir, "email")) as f:
|
|
email = f.read().strip()
|
|
with open(os.path.join(domain_dir, "aliases")) as f:
|
|
aliases = [i.strip() for i in f.read().strip().split()]
|
|
|
|
output_dir = os.path.join(OUTPUT_DIR, name)
|
|
os.makedirs(output_dir, exist_ok=True)
|
|
os.chdir(output_dir)
|
|
call_le(email, aliases)
|
|
|
|
|
|
def call_le(email, domain_names):
|
|
assert domain_names
|
|
|
|
le_call = ["simp_le",
|
|
"--email", email,
|
|
"-f", "account_key.json",
|
|
"-f", "fullchain.pem",
|
|
"-f", "key.pem",
|
|
"-f", "account_reg.json"]
|
|
|
|
for domain in domain_names:
|
|
le_call += ["-d", domain]
|
|
|
|
le_call += ["--default_root", WEB_ROOT]
|
|
|
|
p = Popen(le_call)
|
|
try:
|
|
p.wait(30)
|
|
except TimeoutExpired:
|
|
p.kill()
|
|
|
|
if p.returncode == 0:
|
|
print("renewed {}".format(domain_names[0]))
|
|
elif p.returncode == 1:
|
|
print("no renew needed for {}".format(domain_names[0]))
|
|
elif p.returncode == 2:
|
|
print("error updating {}1".format(domain_names[0]))
|
|
|
|
return p.returncode
|
|
|
|
|
|
if __name__ == '__main__':
|
|
main()
|