From 9b4d28ec6471e6cc01914c3883010ba0bcbd8328 Mon Sep 17 00:00:00 2001
From: root
Date: Sun, 7 Jun 2020 22:48:43 +0200
Subject: [PATCH] environment logic improvement
---
 v2.0/LetsEncrypt/App.cs | 276 ++++++++++++------------
 v2.0/LetsEncrypt/Helpers/AppSettings.cs | 2 +-
 v2.0/LetsEncrypt/appsettings.json | 5 +-
 3 files changed, 141 insertions(+), 142 deletions(-)
diff --git a/v2.0/LetsEncrypt/App.cs b/v2.0/LetsEncrypt/App.cs
index 2677be1..b26c86b 100644
--- a/v2.0/LetsEncrypt/App.cs
+++ b/v2.0/LetsEncrypt/App.cs
@@ -32,167 +32,167 @@ namespace LetsEncrypt } public void Run() { - - try - { - LetsEncrypt.Helpers.Environment env = _appSettings.environments.Where(x => x.name == _appSettings.active).FirstOrDefault(); - - Console.WriteLine(string.Format("Let's Encrypt C# .Net Core Client, environment: {0}", env.name)); + _appSettings.environments.Where(env => env.active).ToList().ForEach(env => { + try { + Console.WriteLine(string.Format("Let's Encrypt C# .Net Core Client, environment: {0}", env.name)); - //loop all customers - foreach(Customer customer in _appSettings.customers) { - try { - Console.WriteLine(string.Format("Managing customer: {0} - {1} {2}", customer.id, customer.name, customer.lastname)); + //loop all customers + foreach(Customer customer in _appSettings.customers) { + try { + Console.WriteLine(string.Format("Managing customer: {0} - {1} {2}", customer.id, customer.name, customer.lastname)); - //loop each customer website - foreach(Site site in customer.sites.Where(s => s.active)) { - Console.WriteLine(string.Format("Managing site: {0}", site.name)); + //loop each customer website + foreach(Site site in customer.sites.Where(s => s.active)) { + Console.WriteLine(string.Format("Managing site: {0}", site.name)); - try { - //define cache folder - string cache = Path.Combine(AppPath, env.cache, customer.id); - if(!Directory.Exists(cache)) { - Directory.CreateDirectory(cache); - } - - //1. Client initialization - Console.WriteLine("1. 
Client Initialization..."); - _letsEncryptService.Init(env.url, cache, site.name, customer.contacts).Wait(); - - - Console.WriteLine(string.Format("Terms of service: {0}", _letsEncryptService.GetTermsOfServiceUri())); - - //create folder for ssl - string ssl = Path.Combine(env.ssl, site.name); - if(!Directory.Exists(ssl)) { - Directory.CreateDirectory(ssl); - } - - // get cached certificate and check if it's valid - // if valid check if cert and key exists otherwise recreate - // else continue with new certificate request - CachedCertificateResult certRes = new CachedCertificateResult(); - if (_letsEncryptService.TryGetCachedCertificate(site.name, out certRes)) { - string cert = Path.Combine(ssl, site.name + ".crt"); - //if(!File.Exists(cert)) - File.WriteAllText(cert, certRes.Certificate); - - string key = Path.Combine(ssl, site.name + ".key"); - //if(!File.Exists(key)) { - using (StreamWriter writer = File.CreateText(key)) - _keyService.ExportPrivateKey(certRes.PrivateKey, writer); - //} - - Console.WriteLine("Certificate and Key exists and valid. Restored from cache."); - } - else { - //new nonce - _letsEncryptService.NewNonce().Wait(); - - //try to make new order - try { - //create new orders - Console.WriteLine("2. 
Client New Order..."); - Task> orders = _letsEncryptService.NewOrder(site.hosts, site.challenge); - orders.Wait(); - - switch(site.challenge) { - case "http-01": { - //ensure to enable static file discovery on server in .well-known/acme-challenge - //and listen on 80 port - - //check acme directory - string acme = Path.Combine(env.www, env.acme); - if(!Directory.Exists(acme)) { - throw new DirectoryNotFoundException(string.Format("Directory {0} wasn't created", acme)); - } - - foreach (FileInfo file in new DirectoryInfo(acme).GetFiles()) { - if(file.LastWriteTimeUtc < DateTime.UtcNow.AddMonths(-3)) - file.Delete(); - } - - - foreach (var result in orders.Result) - { - Console.WriteLine("Key: " + result.Key + System.Environment.NewLine + "Value: " + result.Value); - string[] splitToken = result.Value.Split('~'); - - string token = Path.Combine(acme, splitToken[0]); - File.WriteAllText(token, splitToken[1]); - } - - _terminalService.Exec("chgrp -R nginx /var/www"); - _terminalService.Exec("chmod -R g+rwx /var/www"); - - break; - } - - case "dns-01": { - //Manage DNS server MX record, depends from provider - - break; - } - - default: { - - break; - } - } - - //complete challanges - Console.WriteLine("3. Client Complete Challange..."); - _letsEncryptService.CompleteChallenges().Wait(); - Console.WriteLine("Challanges comleted."); - } - catch (Exception ex) { - Console.WriteLine(ex.Message.ToString()); - _letsEncryptService.GetOrder(site.hosts).Wait(); + try { + //define cache folder + string cache = Path.Combine(AppPath, env.cache, customer.id); + if(!Directory.Exists(cache)) { + Directory.CreateDirectory(cache); } + //1. Client initialization + Console.WriteLine("1. Client Initialization..."); + _letsEncryptService.Init(env.url, cache, site.name, customer.contacts).Wait(); - // Download new certificate - Console.WriteLine("4. 
Download certificate..."); - _letsEncryptService.GetCertificate(site.name).Wait(); - // Write to filesystem - certRes = new CachedCertificateResult(); + Console.WriteLine(string.Format("Terms of service: {0}", _letsEncryptService.GetTermsOfServiceUri())); + + //create folder for ssl + string ssl = Path.Combine(env.ssl, site.name); + if(!Directory.Exists(ssl)) { + Directory.CreateDirectory(ssl); + } + + // get cached certificate and check if it's valid + // if valid check if cert and key exists otherwise recreate + // else continue with new certificate request + CachedCertificateResult certRes = new CachedCertificateResult(); if (_letsEncryptService.TryGetCachedCertificate(site.name, out certRes)) { string cert = Path.Combine(ssl, site.name + ".crt"); - File.WriteAllText(cert, certRes.Certificate); + //if(!File.Exists(cert)) + File.WriteAllText(cert, certRes.Certificate); string key = Path.Combine(ssl, site.name + ".key"); - using (StreamWriter writer = File.CreateText(key)) - _keyService.ExportPrivateKey(certRes.PrivateKey, writer); + //if(!File.Exists(key)) { + using (StreamWriter writer = File.CreateText(key)) + _keyService.ExportPrivateKey(certRes.PrivateKey, writer); + //} - Console.WriteLine("Certificate saved."); + Console.WriteLine("Certificate and Key exists and valid. Restored from cache."); } else { - Console.WriteLine("Unable to get new cached certificate."); + //new nonce + _letsEncryptService.NewNonce().Wait(); + + //try to make new order + try { + //create new orders + Console.WriteLine("2. 
Client New Order..."); + Task> orders = _letsEncryptService.NewOrder(site.hosts, site.challenge); + orders.Wait(); + + switch(site.challenge) { + case "http-01": { + //ensure to enable static file discovery on server in .well-known/acme-challenge + //and listen on 80 port + + //check acme directory + string acme = Path.Combine(env.www, env.acme); + if(!Directory.Exists(acme)) { + throw new DirectoryNotFoundException(string.Format("Directory {0} wasn't created", acme)); + } + + foreach (FileInfo file in new DirectoryInfo(acme).GetFiles()) { + if(file.LastWriteTimeUtc < DateTime.UtcNow.AddMonths(-3)) + file.Delete(); + } + + + foreach (var result in orders.Result) + { + Console.WriteLine("Key: " + result.Key + System.Environment.NewLine + "Value: " + result.Value); + string[] splitToken = result.Value.Split('~'); + + string token = Path.Combine(acme, splitToken[0]); + File.WriteAllText(token, splitToken[1]); + } + + _terminalService.Exec("chgrp -R nginx /var/www"); + _terminalService.Exec("chmod -R g+rwx /var/www"); + + break; + } + + case "dns-01": { + //Manage DNS server MX record, depends from provider + + break; + } + + default: { + + break; + } + } + + //complete challanges + Console.WriteLine("3. Client Complete Challange..."); + _letsEncryptService.CompleteChallenges().Wait(); + Console.WriteLine("Challanges comleted."); + } + catch (Exception ex) { + Console.WriteLine(ex.Message.ToString()); + _letsEncryptService.GetOrder(site.hosts).Wait(); + } + + + // Download new certificate + Console.WriteLine("4. 
Download certificate..."); + _letsEncryptService.GetCertificate(site.name).Wait(); + + // Write to filesystem + certRes = new CachedCertificateResult(); + if (_letsEncryptService.TryGetCachedCertificate(site.name, out certRes)) { + string cert = Path.Combine(ssl, site.name + ".crt"); + File.WriteAllText(cert, certRes.Certificate); + + string key = Path.Combine(ssl, site.name + ".key"); + using (StreamWriter writer = File.CreateText(key)) + _keyService.ExportPrivateKey(certRes.PrivateKey, writer); + + Console.WriteLine("Certificate saved."); + } + else { + Console.WriteLine("Unable to get new cached certificate."); + } + + } } - - - } - catch (Exception ex) { - Console.WriteLine(ex.Message.ToString()); + catch (Exception ex) { + Console.WriteLine(ex.Message.ToString()); + } } } + catch (Exception ex) { + Console.WriteLine(ex.Message.ToString()); + } } - catch (Exception ex) { - Console.WriteLine(ex.Message.ToString()); - } + + if(env.name == "ProductionV2") { + _terminalService.Exec("systemctl restart nginx"); + } } + catch (Exception ex) { + Console.WriteLine(ex.Message.ToString()); + } + }); + - - _terminalService.Exec("systemctl restart nginx"); - - } - catch (Exception ex) { - Console.WriteLine(ex.Message.ToString()); - } } } } diff --git a/v2.0/LetsEncrypt/Helpers/AppSettings.cs b/v2.0/LetsEncrypt/Helpers/AppSettings.cs index bf2e554..7a03167 100644 --- a/v2.0/LetsEncrypt/Helpers/AppSettings.cs +++ b/v2.0/LetsEncrypt/Helpers/AppSettings.cs @@ -1,12 +1,12 @@ namespace LetsEncrypt.Helpers { public class AppSettings { - public string active { get; set; } public Environment [] environments { get; set; } public Customer [] customers { get; set;} } public class Environment { + public bool active { get; set; } public string name { get; set; } public string url { get; set; } public string cache { get; set; } diff --git a/v2.0/LetsEncrypt/appsettings.json b/v2.0/LetsEncrypt/appsettings.json index 0841af9..945cc3a 100644 --- a/v2.0/LetsEncrypt/appsettings.json 
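Review bot: The http-01 branch still runs `_terminalService.Exec("chgrp -R nginx /var/www");` and `_terminalService.Exec("chmod -R g+rwx /var/www");` after writing the challenge tokens, which makes the entire webroot group-writable for the nginx group on every run and hard-codes a path that should come from `env.www`, when only the challenge directory already held in `acme` (`Path.Combine(env.www, env.acme)`) needs to be readable by the web server. Scope the commands to that directory and drop the write bit, e.g. `_terminalService.Exec("chgrp -R nginx " + acme);` and `_terminalService.Exec("chmod -R g+rX " + acme);` — `acme` is built from configuration, so check how `_terminalService.Exec` passes it (via a shell or as arguments) before interpolating it, as that helper is not visible here. Separately, both `File.CreateText(key)` sites write the private key under the process umask; restrict the file after writing (on .NET 7+ `File.SetUnixFileMode(key, UnixFileMode.UserRead | UnixFileMode.UserWrite);`, otherwise an equivalent chmod through the same exec helper). The new `if(env.name == "ProductionV2")` guard ties the nginx restart to a literal environment name, so renaming the environment in appsettings.json silently stops the reload and the renewed certificate is never served; a per-environment flag on `Environment` would make that explicit.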
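Review bot: The new `public bool active { get; set; }` on `Environment` is undocumented, and unlike the removed `AppSettings.active` string (which selected exactly one environment) nothing bounds how many environments may be `true` at once, so a reader of the config class cannot tell whether several active environments are intended. Add a summary stating the contract as App.Run now implements it, e.g. `/// <summary>When true this environment is processed on every run; every environment with this flag set is processed in turn.</summary>`, or validate at load time that at most one environment is active if running staging and production in the same invocation is not intended. The enclosing `Environment` class continues past the end of the hunk.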
+++ b/v2.0/LetsEncrypt/appsettings.json
@@ -1,10 +1,8 @@
 {
   "AppSettings": {
-
-    "active": "StagingV2",
-
     "environments": [
       {
+        "active": true,
         "name": "StagingV2",
         "url": "https://acme-staging-v02.api.letsencrypt.org/directory",
@@ -14,6 +12,7 @@
         "ssl": "/home/maksym/source/temp"
       },
       {
+        "active": false,
         "name": "ProductionV2",
         "url": "https://acme-v02.api.letsencrypt.org/directory",