__maison/certbot/cert.py

#!/usr/bin/env python3

import sys, os, platform, subprocess, re, argparse

# only support linux / Debian, Ubuntu / nginx, apache2
platform_system_support = ['Linux']
platform_version_support = ['DEBIAN', 'UBUNTU']
server_support = ['NGINX', "APACHE2"]

re_domain = r'^(?=.{1,253}$)(?!.*\.\..*)(?!\..*)([a-zA-Z0-9-]{,63}\.){,127}[a-zA-Z0-9-]{1,63}$'

def check_server_version() -> str:

	a = subprocess.call("sudo apache2 -v", shell=True)
	if not a:
		return "APACHE2"

	n = subprocess.call("sudo nginx -v", shell=True)
	if not n:
		return "NGINX"

	return None

def check_distribution_version() -> str:

	dist = platform.version().lower()

	if 'debian' in dist:
		return "DEBIAN"

	if 'ubuntu' in dist:
		return "UBUNTU"

	return None

def sanity_check_system():

	# check platform
	if platform.system() not in platform_system_support:
		sys.exit(f"Platform {platform.system()} not supported. Aborting...")

	dist = check_distribution_version()
	if not dist:
		sys.exit("OS distribution not supported. Aborting...")

	sv = check_server_version()
	if not sv:
		sys.exit("Server distribution not supported. Aborting...")

	if dist in platform_version_support and sv == "APACHE2":
		# check apache2 (ubuntu or debian)
		u = os.path.exists('/etc/apache2/sites-available/')
		if not u:
			sys.exit(f"Apache2 ({dist}) not installed on your system. Aborting...")

	if dist in platform_version_support and sv in server_support:
		# check apache2 (ubuntu or debian)
		u = os.path.exists(f'/etc/{sv.lower()}/sites-available/')
		if not u:
			sys.exit(f"{sv} ({dist}) not installed on your system. Aborting...")

	return sv, dist

def cert_add(domains, sv: str, dist: str):

	dms = []
	for d in domains:
		if re.match(re_domain, d) is None:
			print("Invalid domain name: " + d + " -> pass")
			continue
		dms.append(d)

	if sv == "APACHE2":
		certbot_args = ['sudo', 'certbot', '--apache', 'certonly', '-d']

	if sv == "NGINX":
		certbot_args = ['sudo', 'certbot', '--nginx', 'certonly', '-d']

	certbot_args.extend(dms)

	subprocess.call(certbot_args)

def cert_remove(domain):
	subprocess.call(['sudo', 'cerbot', 'delete', '--cert-name', domain])

if __name__ == "__main__":

	p = argparse.ArgumentParser(description='cerbot helper')
	p.add_argument('domain', metavar="domain", help="vhost domain(s)", nargs="+")
	g = p.add_mutually_exclusive_group()
	g.add_argument('-a', '--add', action='store_true', help="adds cert for given domain(s)")
	g.add_argument('-r', '--remove', action='store_true', help="removes cert for given domain(s)")

	args = p.parse_args()

	sv, dist = sanity_check_system()

	if args.add:
		cert_add(args.domain, sv, dist)
	elif args.remove:
		cert_remove(args.domain)

	print('done.')
cert.py 2018-11-30 09:14:29 +01:00			`#!/usr/bin/env python3`

			`import sys, os, platform, subprocess, re, argparse`

cert.py 2022-03-19 13:50:22 +01:00			`# only support linux / Debian, Ubuntu / nginx, apache2`
			`platform_system_support = ['Linux']`
			`platform_version_support = ['DEBIAN', 'UBUNTU']`
			`server_support = ['NGINX', "APACHE2"]`

cert.py 2018-11-30 09:14:29 +01:00			`re_domain = r'^(?=.{1,253}$)(?!.\.\..)(?!\..*)([a-zA-Z0-9-]{,63}\.){,127}[a-zA-Z0-9-]{1,63}$'`

cert.py 2022-03-19 13:50:22 +01:00			`def check_server_version() -> str:`

			`a = subprocess.call("sudo apache2 -v", shell=True)`
			`if not a:`
			`return "APACHE2"`

			`n = subprocess.call("sudo nginx -v", shell=True)`
			`if not n:`
			`return "NGINX"`

			`return None`

			`def check_distribution_version() -> str:`

			`dist = platform.version().lower()`

			`if 'debian' in dist:`
			`return "DEBIAN"`

			`if 'ubuntu' in dist:`
			`return "UBUNTU"`

			`return None`

cert.py 2018-11-30 09:14:29 +01:00			`def sanity_check_system():`

cert.py 2022-03-19 13:50:22 +01:00			`# check platform`
			`if platform.system() not in platform_system_support:`
			`sys.exit(f"Platform {platform.system()} not supported. Aborting...")`

			`dist = check_distribution_version()`
			`if not dist:`
			`sys.exit("OS distribution not supported. Aborting...")`

			`sv = check_server_version()`
			`if not sv:`
			`sys.exit("Server distribution not supported. Aborting...")`

			`if dist in platform_version_support and sv == "APACHE2":`
			`# check apache2 (ubuntu or debian)`
			`u = os.path.exists('/etc/apache2/sites-available/')`
			`if not u:`
			`sys.exit(f"Apache2 ({dist}) not installed on your system. Aborting...")`

			`if dist in platform_version_support and sv in server_support:`
			`# check apache2 (ubuntu or debian)`
			`u = os.path.exists(f'/etc/{sv.lower()}/sites-available/')`
			`if not u:`
			`sys.exit(f"{sv} ({dist}) not installed on your system. Aborting...")`

			`return sv, dist`

			`def cert_add(domains, sv: str, dist: str):`
cert.py 2018-11-30 09:14:29 +01:00
			`dms = []`
			`for d in domains:`
			`if re.match(re_domain, d) is None:`
			`print("Invalid domain name: " + d + " -> pass")`
			`continue`
			`dms.append(d)`

cert.py 2022-03-19 13:50:22 +01:00			`if sv == "APACHE2":`
			`certbot_args = ['sudo', 'certbot', '--apache', 'certonly', '-d']`

			`if sv == "NGINX":`
			`certbot_args = ['sudo', 'certbot', '--nginx', 'certonly', '-d']`

cert.py 2018-11-30 09:14:29 +01:00			`certbot_args.extend(dms)`

			`subprocess.call(certbot_args)`

			`def cert_remove(domain):`
cert.py 2022-03-19 13:50:22 +01:00			`subprocess.call(['sudo', 'cerbot', 'delete', '--cert-name', domain])`
cert.py 2018-11-30 09:14:29 +01:00
			`if __name__ == "__main__":`

cert.py debug 2018-12-06 10:56:04 +01:00			`p = argparse.ArgumentParser(description='cerbot helper')`
			`p.add_argument('domain', metavar="domain", help="vhost domain(s)", nargs="+")`
			`g = p.add_mutually_exclusive_group()`
			`g.add_argument('-a', '--add', action='store_true', help="adds cert for given domain(s)")`
			`g.add_argument('-r', '--remove', action='store_true', help="removes cert for given domain(s)")`
cert.py 2018-11-30 09:14:29 +01:00
cert.py debug 2018-12-06 10:56:04 +01:00			`args = p.parse_args()`
cert.py 2018-11-30 09:14:29 +01:00
cert.py 2022-03-19 13:50:22 +01:00			`sv, dist = sanity_check_system()`
cert.py 2018-11-30 09:14:29 +01:00
			`if args.add:`
cert.py 2022-03-19 13:50:22 +01:00			`cert_add(args.domain, sv, dist)`
cert.py 2018-11-30 09:14:29 +01:00			`elif args.remove:`
			`cert_remove(args.domain)`

			`print('done.')`