jcam22

letsencrypt.cgi

Jan 16th, 2016
221
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/usr/bin/perl
  2. # Request and install a cert and key from Let's Encrypt
  3.  
  4. require './virtual-server-lib.pl';
  5. &ReadParse();
  6. &error_setup($text{'letsencrypt_err'});
  7. $d = &get_domain($in{'dom'});
  8. &can_edit_domain($d) && &can_edit_ssl() || &error($text{'edit_ecannot'});
  9.  
  10. if ($in{'dname_def'}) {
  11. $dname = $d->{'dom'};
  12. }
  13. else {
  14. $dname = lc(&parse_domain_name($in{'dname'}));
  15. $err = &valid_domain_name($dname);
  16. &error($err) if ($err);
  17. }
  18.  
  19. &ui_print_unbuffered_header(&domain_in($d), $text{'letsencrypt_title'}, "");
  20.  
  21. &$first_print($text{'letsencrypt_doing'});
  22. &foreign_require("webmin");
  23. $phd = &public_html_dir($d);
  24. if (&get_webmin_version() >= 1.782) {
  25. @dnames = ( $dname, "www.".$dname );
  26. ($ok, $cert, $key, $chain) =
  27. &webmin::request_letsencrypt_cert(\@dnames, $phd);
  28. }
  29. else {
  30. ($ok, $cert, $key, $chain) =
  31. &webmin::request_letsencrypt_cert($dname, $phd);
  32. }
  33. if (!$ok) {
  34. &$second_print(&text('letsencrypt_failed',
  35. "<pre>".&html_escape($cert)."</pre>"));
  36. }
  37. else {
  38. &$second_print($text{'letsencrypt_done'});
  39.  
  40. # Worked .. copy to the domain
  41. &obtain_lock_ssl($d);
  42. &$first_print($text{'newkey_apache'});
  43.  
  44. # Copy and save the cert
  45. $d->{'ssl_cert'} ||= &default_certificate_file($d, 'cert');
  46. $cert_text = &read_file_contents($cert);
  47. &lock_file($d->{'ssl_cert'});
  48. &unlink_file($d->{'ssl_cert'});
  49. &open_tempfile_as_domain_user($d, CERT, ">$d->{'ssl_cert'}");
  50. &print_tempfile(CERT, $cert_text);
  51. &close_tempfile_as_domain_user($d, CERT);
  52. &set_certificate_permissions($d, $d->{'ssl_cert'});
  53. &unlock_file($d->{'ssl_cert'});
  54. &save_website_ssl_file($d, "cert", $d->{'ssl_cert'});
  55.  
  56. # And the key
  57. $d->{'ssl_key'} ||= &default_certificate_file($d, 'key');
  58. $key_text = &read_file_contents($key);
  59. &lock_file($d->{'ssl_key'});
  60. &unlink_file($d->{'ssl_key'});
  61. &open_tempfile_as_domain_user($d, CERT, ">$d->{'ssl_key'}");
  62. &print_tempfile(CERT, $key_text);
  63. &close_tempfile_as_domain_user($d, CERT);
  64. &set_certificate_permissions($d, $d->{'ssl_key'});
  65. &unlock_file($d->{'ssl_key'});
  66. &save_website_ssl_file($d, "key", $d->{'ssl_key'});
  67.  
  68. # Let's encrypt certs have no passphrase
  69. $d->{'ssl_pass'} = undef;
  70. &save_domain_passphrase($d);
  71.  
  72. # And the chained file
  73. if ($chain) {
  74. $chainfile = &default_certificate_file($d, 'ca');
  75. $chain_text = &read_file_contents($chain);
  76. &lock_file($chainfile);
  77. &unlink_file_as_domain_user($d, $chainfile);
  78. &open_tempfile_as_domain_user($d, CERT, ">$chainfile");
  79. &print_tempfile(CERT, $chain_text);
  80. &close_tempfile_as_domain_user($d, CERT);
  81. &set_permissions_as_domain_user($d, 0755, $chainfile);
  82. &unlock_file($chainfile);
  83. $err = &save_website_ssl_file($d, 'ca', $chainfile);
  84. }
  85.  
  86. &save_domain($d);
  87.  
  88. # Apply any per-domain cert to Dovecot and Postfix
  89. if ($d->{'virt'}) {
  90. &sync_dovecot_ssl_cert($d, 1);
  91. &sync_postfix_ssl_cert($d, 1);
  92. }
  93.  
  94. # For domains that were using the SSL cert on this domain originally but
  95. # can no longer due to the cert hostname changing, break the linkage
  96. &break_invalid_ssl_linkages($d);
  97.  
  98. # Copy SSL directives to domains using same cert
  99. foreach $od (&get_domain_by("ssl_same", $d->{'id'})) {
  100. next if (!&domain_has_ssl($od));
  101. $od->{'ssl_cert'} = $d->{'ssl_cert'};
  102. $od->{'ssl_key'} = $d->{'ssl_key'};
  103. $od->{'ssl_newkey'} = $d->{'ssl_newkey'};
  104. $od->{'ssl_csr'} = $d->{'ssl_csr'};
  105. $od->{'ssl_pass'} = $d->{'ssl_pass'};
  106. &save_domain_passphrase($od);
  107. &save_domain($od);
  108. }
  109.  
  110. &release_lock_ssl();
  111. &$second_print($text{'setup_done'});
  112.  
  113. &run_post_actions();
  114. &webmin_log("letsencrypt", "domain", $d->{'dom'}, $d);
  115. }
  116.  
  117. &ui_print_footer(&domain_footer_link($d),
  118. "", $text{'index_return'});
RAW Paste Data