forked from certbot/certbot
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathletsencrypt.py
executable file
·121 lines (109 loc) · 4.16 KB
/
letsencrypt.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
#!/usr/bin/env python
# This file parses the command line and calls the appropriate functions
import getopt
import os
import sys
from letsencrypt.client import client
from letsencrypt.client import display
from letsencrypt.client.CONFIG import ACME_SERVER
def main():
# Check to make sure user is root
if not os.geteuid() == 0:
sys.exit("\nOnly root can run letsencrypt.\n")
# Parse options
try:
opts, args = getopt.getopt(sys.argv[1:], "", ["text", "test",
"view-checkpoints",
"privkey=", "csr=",
"server=", "rollback=",
"revoke", "agree-eula",
"redirect",
"no-redirect",
"help"])
except getopt.GetoptError as err:
# print help info and exit
print str(err)
usage()
sys.exit(2)
server = None
csr = None
privkey = None
curses = True
names = args
flag_revoke = False
redirect = None
eula = False
for o, a in opts:
if o == "--text":
curses = False
elif o == "--csr":
csr = a
elif o == "--privkey":
privkey = a
elif o == "--server":
server = a
elif o == "--rollback":
from letsencrypt.client import configurator, logger
logger.setLogger(logger.FileLogger(sys.stdout))
logger.setLogLevel(logger.INFO)
config = configurator.Configurator()
config.rollback_checkpoints(a)
config.restart()
sys.exit(0)
elif o == "--view-checkpoints":
from letsencrypt.client import configurator, logger
logger.setLogger(logger.FileLogger(sys.stdout))
logger.setLogLevel(logger.INFO)
config = configurator.Configurator()
config.display_checkpoints()
sys.exit(0)
elif o == "--revoke":
# Do Stuff
flag_revoke = True
elif o == "--redirect":
redirect = True
elif o == "--no-redirect":
redirect = False
elif o == "--agree-eula":
eula = True
elif o == "--help":
print_options()
elif o == "--test":
#put any temporary tests in here
continue
if curses:
display.setDisplay(display.NcursesDisplay())
else:
display.setDisplay(display.FileDisplay(sys.stdout))
if not server:
server = ACME_SERVER
c = client.Client(server, csr, privkey, curses)
if flag_revoke:
c.list_certs_keys()
else:
c.authenticate(args, redirect, eula)
def usage():
s = "Available options: --text, --privkey=, --csr=, --server=, "
s += "--rollback=, --view-checkpoints, --revoke, --agree-eula, --redirect,"
s += " --no-redirect, --help"
print str
def print_options():
print "\nsudo ./letsencrypt.py (default authentication mode using pythondialog)"
options = [ "privkey= (specify privatekey file to use to generate the certificate)",
"csr= (Use a specific CSR. If this is specified, privkey " +
"must also be specified with the correct private key for the CSR)",
"server (list the ACME CA server address)",
"revoke (revoke a certificate)",
"view-checkpoints (Used to view available checkpoints and " +
"see what configuration changes have been made)",
"rollback=X (Revert the configuration X number of checkpoints)",
"redirect (Automatically redirect all HTTP traffic to " +
"HTTPS for the newly authenticated vhost)",
"no-redirect (Skip the HTTPS redirect question, " +
"allowing both HTTP and HTTPS)",
"agree-eula (Skip the end user agreement screen)" ]
for o in options:
print " --%s" % o
sys.exit(0)
if __name__ == "__main__":
main()