Spotter-Cluster/vmmgr
2
0
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects Releases Wiki Activity

Update app proxies when the VM host is updated

Browse Source
This commit is contained in:
Disassembler 2020-04-04 20:32:34 +02:00
parent 0ca993a9ed
commit 3b9cbe61b3
No known key found for this signature in database
GPG Key ID: 524BD33A0EE29499
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
usr/lib/python3.8/vmmgr/vmmgr.py
View File

@ -49,9 +49,11 @@ def unregister_proxy(app):
def update_host(domain, port): def update_host(domain, port):
config.set_host('domain', domain) config.set_host('domain', domain)
config.set_host('port', port) config.set_host('port', port)
# Rebuild nginx config for the portal app. Web interface calls restart_nginx() in WSGI close handler # Rebuild nginx config for the portal and existing apps. Web interface calls restart_nginx() in WSGI close handler
with open(os.path.join(paths.NGINX_DIR, 'default.conf'), 'w') as f: with open(os.path.join(paths.NGINX_DIR, 'default.conf'), 'w') as f:
f.write(templates.NGINX_DEFAULT.format(port=port, domain_esc=domain.replace('.', '\\.'))) f.write(templates.NGINX_DEFAULT.format(port=port, domain_esc=domain.replace('.', '\\.')))
for app in config.get_apps().keys():
register_proxy(app)
def reload_nginx(): def reload_nginx():
subprocess.run(['/usr/sbin/nginx', '-s', 'reload']) subprocess.run(['/usr/sbin/nginx', '-s', 'reload'])
@ -106,10 +108,10 @@ def request_acme_cert():
subprocess.run(cmd, check=True) subprocess.run(cmd, check=True)
# Otherwise just try to renew # Otherwise just try to renew
else: else:
# Acme.sh returns code 2 on skipped renew
try: try:
subprocess.run(['/usr/bin/acme.sh', '--home', paths.ACME_DIR, '--renew', '-d', domain], check=True) subprocess.run(['/usr/bin/acme.sh', '--home', paths.ACME_DIR, '--renew', '-d', domain], check=True)
except subprocess.CalledProcessError as e: except subprocess.CalledProcessError as e:
# return code 2 means skipped renew, which is OK
if e.returncode != 2: if e.returncode != 2:
raise raise
# Install the issued certificate # Install the issued certificate
@ -121,9 +123,9 @@ def install_manual_cert(public_file, private_file):
# Disable acme.sh cronjob # Disable acme.sh cronjob
os.chmod(paths.ACME_CRON, 0o640) os.chmod(paths.ACME_CRON, 0o640)
# Copy certificate files # Copy certificate files
shutil.copyfile(public_file, crypto.CERT_PUB_FILE) shutil.copyfile(public_file, paths.CERT_PUB_FILE)
shutil.copyfile(private_file, crypto.CERT_KEY_FILE) shutil.copyfile(private_file, paths.CERT_KEY_FILE)
os.chmod(crypto.CERT_KEY_FILE, 0o600) os.chmod(paths.CERT_KEY_FILE, 0o600)
# Reload nginx # Reload nginx
reload_nginx() reload_nginx()