Page MenuHomePhabricator
Paste P8176

acme-chief migrate script
ActivePublic
Actions

Authored by Vgutierrez on Mar 11 2019, 3:32 PM.
Tags
Referenced Files
F28379956: raw.txt
Mar 13 2019, 7:48 AM
F28368105: raw.txt
Mar 11 2019, 3:32 PM
Subscribers
None
import os
import shutil
import uuid
from acme_chief.acme_chief import CERTIFICATE_TYPES, KEY_TYPES, ACMEChief
CERTS_DIR = '/var/lib/acme-chief/certs'
LIVE_CERTS_DIR = '/var/lib/acme-chief/live_certs'
NEW_CERTS_DIR = '/var/lib/acme-chief/new_certs'
def main():
chief = ACMEChief()
for certname in chief.config.certificates:
for source_certs_dir in (LIVE_CERTS_DIR, NEW_CERTS_DIR):
cert_version = uuid.uuid4().hex
cert_path = os.path.join(CERTS_DIR, certname, cert_version)
print("Migrating cert {} from {} to {}".format(certname, source_certs_dir, cert_path))
files = []
for key_type_id in KEY_TYPES:
source_key_fname = '{}.{}.key'.format(certname, key_type_id)
source_key_path = os.path.join(source_certs_dir, source_key_fname)
destination_key_fname = '{}.key'.format(key_type_id)
destination_key_path = os.path.join(cert_path, destination_key_fname)
files.append((source_key_path, destination_key_path))
for cert_type_details in CERTIFICATE_TYPES.values():
source_fname = cert_type_details['file_name'].format(cert_id=certname, key_type_id=key_type_id)
source_path = os.path.join(source_certs_dir, source_fname)
destination_fname = source_fname.split('.')[1:]
destination_fname = '.'.join(destination_fname)
destination_path = os.path.join(cert_path, destination_fname)
files.append((source_path, destination_path))
symlink_creation = False
for (source, destination) in files:
if os.path.isfile(source):
os.makedirs(os.path.dirname(destination), mode=0o700, exist_ok=True)
shutil.copy2(source, destination)
if not symlink_creation:
symlink_creation = True
if symlink_creation:
if source_certs_dir == LIVE_CERTS_DIR:
symlink = 'live'
else:
symlink = 'new'
print("Creating symlink {} -> {}".format(os.path.join(CERTS_DIR, certname, symlink), cert_version))
os.symlink(cert_version, os.path.join(CERTS_DIR, certname, symlink), target_is_directory=True)
if __name__ == '__main__':
main()
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL