From 873244e795356d77426cbff4224f7b8a55a6835f Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Tue, 08 Dec 2015 10:42:51 -0500
Subject: [PATCH] - added letsencrypt arguments to exec call to avoid need of ini file - added cron for letsencrypt renewal
---
server/lib/classes/cron.d/900-letsencrypt.inc.php | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
server/plugins-available/apache2_plugin.inc.php | 6 ++++--
server/plugins-available/nginx_plugin.inc.php | 6 ++++--
3 files changed, 56 insertions(+), 4 deletions(-)
diff --git a/server/lib/classes/cron.d/900-letsencrypt.inc.php b/server/lib/classes/cron.d/900-letsencrypt.inc.php
new file mode 100644
index 0000000..4ee72bd
--- /dev/null
+++ b/server/lib/classes/cron.d/900-letsencrypt.inc.php
@@ -0,0 +1,48 @@
+<?php
+
+/*
+Copyright (c) 2013, Marius Cramer, pixcept KG
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+ * Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+ * Neither the name of ISPConfig nor the names of its contributors
+ may be used to endorse or promote products derived from this software without
+ specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+class cronjob_letsencrypt extends cronjob {
+
+ // job schedule
+ protected $_schedule = '0 3 * * *';
+
+ public function onRunJob() {
+ global $app, $conf;
+
+ if(file_exists("/root/.local/share/letsencrypt/bin/letsencrypt-renewer")) {
+ exec('/root/.local/share/letsencrypt/bin/letsencrypt-renewer');
+ }
+
+ parent::onRunJob();
+ }
+
+}
+
+?>
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 4e26c54..6daa542 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -1144,8 +1144,10 @@
$app->system->chown($webroot . "/.well-known/acme-challenge/", $data['new']['system_user']);
$app->system->chgrp($webroot . "/.well-known/acme-challenge/", $data['new']['system_group']);
$app->system->chmod($webroot . "/.well-known/acme-challenge", "g+s");
-
- $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth -a webroot --email postmaster@$domain --domains $lddomain --webroot-path $webroot");
+
+ if(file_exists("/root/.local/share/letsencrypt/bin/letsencrypt")) {
+ $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth --text --agree-tos --authenticator=webroot --server=https://acme-v01.api.letsencrypt.org/directory --rsa-key-size=4096 --webroot-path --email postmaster@$domain --domains $lddomain --webroot-path " . escapeshellarg($webroot));
+ }
};
//* check is been correctly created
diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 9c688d2..fbbf6c0 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -1181,8 +1181,10 @@
$app->system->chown($webroot . "/.well-known/acme-challenge/", $data['new']['system_user']);
$app->system->chgrp($webroot . "/.well-known/acme-challenge/", $data['new']['system_group']);
$app->system->chmod($webroot . "/.well-known/acme-challenge", "g+s");
-
- $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth -a webroot --email postmaster@$domain --domains $lddomain --webroot-path $webroot");
+
+ if(file_exists("/root/.local/share/letsencrypt/bin/letsencrypt")) {
+ $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth --text --agree-tos --authenticator=webroot --server=https://acme-v01.api.letsencrypt.org/directory --rsa-key-size=4096 --webroot-path --email postmaster@$domain --domains $lddomain --webroot-path " . escapeshellarg($webroot));
+ }
};
//* check is been correctly created
--
Gitblit v1.9.1