Update app proxies when the VM host is updated

This commit is contained in:
Disassembler 2020-04-04 20:32:34 +02:00
parent 0ca993a9ed
commit 3b9cbe61b3
No known key found for this signature in database
GPG Key ID: 524BD33A0EE29499

View File

@ -49,9 +49,11 @@ def unregister_proxy(app):
def update_host(domain, port):
config.set_host('domain', domain)
config.set_host('port', port)
# Rebuild nginx config for the portal app. Web interface calls restart_nginx() in WSGI close handler
# Rebuild nginx config for the portal and existing apps. Web interface calls restart_nginx() in WSGI close handler
with open(os.path.join(paths.NGINX_DIR, 'default.conf'), 'w') as f:
f.write(templates.NGINX_DEFAULT.format(port=port, domain_esc=domain.replace('.', '\\.')))
for app in config.get_apps().keys():
register_proxy(app)
def reload_nginx():
subprocess.run(['/usr/sbin/nginx', '-s', 'reload'])
@ -106,10 +108,10 @@ def request_acme_cert():
subprocess.run(cmd, check=True)
# Otherwise just try to renew
else:
# Acme.sh returns code 2 on skipped renew
try:
subprocess.run(['/usr/bin/acme.sh', '--home', paths.ACME_DIR, '--renew', '-d', domain], check=True)
except subprocess.CalledProcessError as e:
# return code 2 means skipped renew, which is OK
if e.returncode != 2:
raise
# Install the issued certificate
@ -121,9 +123,9 @@ def install_manual_cert(public_file, private_file):
# Disable acme.sh cronjob
os.chmod(paths.ACME_CRON, 0o640)
# Copy certificate files
shutil.copyfile(public_file, crypto.CERT_PUB_FILE)
shutil.copyfile(private_file, crypto.CERT_KEY_FILE)
os.chmod(crypto.CERT_KEY_FILE, 0o600)
shutil.copyfile(public_file, paths.CERT_PUB_FILE)
shutil.copyfile(private_file, paths.CERT_KEY_FILE)
os.chmod(paths.CERT_KEY_FILE, 0o600)
# Reload nginx
reload_nginx()