ptrcnull/nyacme
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat: switch to Pathlib

Browse source
This commit is contained in:
ptrcnull 2024-04-07 11:22:50 +02:00
parent 2fcde66ef1
commit 3559c81560
1 changed files with 16 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
nyacme/__main__.py
View file

@ -4,6 +4,7 @@ import subprocess
import logging import logging
import shutil import shutil
from datetime import datetime from datetime import datetime
from pathlib import Path
from .config import read_config from .config import read_config
@ -21,6 +22,7 @@ def main() -> None:
args = parser.parse_args() args = parser.parse_args()
config = read_config(args.config) config = read_config(args.config)
output_dir = Path(args.output)
acquired = False acquired = False
@ -31,8 +33,8 @@ def main() -> None:
uacme_domains = [ domain[2:], domain ] uacme_domains = [ domain[2:], domain ]
domain = domain[2:] domain = domain[2:]
cert_path = f'{args.output}/{domain}/cert.pem' cert_path = output_dir / domain / 'cert.pem'
if os.path.exists(cert_path): if cert_path.is_file():
out = subprocess.run([ 'openssl', 'x509', '-enddate', '-noout', '-in', cert_path ], stdout=subprocess.PIPE, check=True).stdout.decode('utf-8').strip() out = subprocess.run([ 'openssl', 'x509', '-enddate', '-noout', '-in', cert_path ], stdout=subprocess.PIPE, check=True).stdout.decode('utf-8').strip()
date = datetime.strptime(out, 'notAfter=%b %d %H:%M:%S %Y %Z') date = datetime.strptime(out, 'notAfter=%b %d %H:%M:%S %Y %Z')
# if more than 1 month, skip # if more than 1 month, skip
@ -62,23 +64,23 @@ def main() -> None:
if res.returncode == 0: if res.returncode == 0:
acquired = True acquired = True
private_key = os.path.join(args.output, f'private/{domain}/key.pem') private_key = output_dir / 'private' / domain / 'key.pem'
domain_key = os.path.join(args.output, f'{domain}/cert.pem.key') domain_key = output_dir / domain / 'cert.pem.key'
domain_pem = os.path.join(args.output, f'{domain}/cert.pem') domain_pem = output_dir / domain / 'cert.pem'
os.unlink(domain_key) domain_key.unlink(missing_ok=True)
os.link(private_key, domain_key) private_key.hardlink_to(domain_key)
# TODO: add user/group to config # TODO: add user/group to config
shutil.chown(domain_key, 'acme', 'acme') shutil.chown(domain_key, 'acme', 'acme')
os.chmod(domain_key, 0o440) domain_key.chmod(0o440)
all_pem = os.path.join(args.output, f'all/{domain}.pem') all_pem = output_dir / 'all' / f'{domain}.pem'
all_key = os.path.join(args.output, f'all/{domain}.pem.key') all_key = output_dir / 'all' / f'{domain}.pem.key'
os.unlink(all_pem) all_pem.unlink(missing_ok=True)
os.link(domain_pem, all_pem) domain_pem.hardlink_to(all_pem)
os.unlink(all_key) all_key.unlink(missing_ok=True)
os.link(domain_key, all_key) domain_key.hardlink_to(all_key)
if acquired: if acquired:
for cmd in config.post_acquire: for cmd in config.post_acquire: