MAKS-IT/maksit-certs-ui
1
0
Fork 0
mirror of https://github.com/MAKS-IT-COM/maksit-certs-ui.git synced 2025-12-31 04:00:03 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

environment logic improvement

Browse Source
This commit is contained in:
root 2020-06-07 22:48:43 +02:00
parent 60965753f0
commit 9b4d28ec64
3 changed files with 141 additions and 142 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

276
v2.0/LetsEncrypt/App.cs
View File

@ -32,167 +32,167 @@ namespace LetsEncrypt
}
public void Run() {
try
{
LetsEncrypt.Helpers.Environment env = _appSettings.environments.Where(x => x.name == _appSettings.active).FirstOrDefault();
Console.WriteLine(string.Format("Let's Encrypt C# .Net Core Client, environment: {0}", env.name));
_appSettings.environments.Where(env => env.active).ToList().ForEach(env => {
try {
Console.WriteLine(string.Format("Let's Encrypt C# .Net Core Client, environment: {0}", env.name));
//loop all customers
foreach(Customer customer in _appSettings.customers) {
try {
Console.WriteLine(string.Format("Managing customer: {0} - {1} {2}", customer.id, customer.name, customer.lastname));
//loop all customers
foreach(Customer customer in _appSettings.customers) {
try {
Console.WriteLine(string.Format("Managing customer: {0} - {1} {2}", customer.id, customer.name, customer.lastname));
//loop each customer website
foreach(Site site in customer.sites.Where(s => s.active)) {
Console.WriteLine(string.Format("Managing site: {0}", site.name));
//loop each customer website
foreach(Site site in customer.sites.Where(s => s.active)) {
Console.WriteLine(string.Format("Managing site: {0}", site.name));
try {
//define cache folder
string cache = Path.Combine(AppPath, env.cache, customer.id);
if(!Directory.Exists(cache)) {
Directory.CreateDirectory(cache);
}
//1. Client initialization
Console.WriteLine("1. Client Initialization...");
_letsEncryptService.Init(env.url, cache, site.name, customer.contacts).Wait();
Console.WriteLine(string.Format("Terms of service: {0}", _letsEncryptService.GetTermsOfServiceUri()));
//create folder for ssl
string ssl = Path.Combine(env.ssl, site.name);
if(!Directory.Exists(ssl)) {
Directory.CreateDirectory(ssl);
}
// get cached certificate and check if it's valid
// if valid check if cert and key exists otherwise recreate
// else continue with new certificate request
CachedCertificateResult certRes = new CachedCertificateResult();
if (_letsEncryptService.TryGetCachedCertificate(site.name, out certRes)) {
string cert = Path.Combine(ssl, site.name + ".crt");
//if(!File.Exists(cert))
File.WriteAllText(cert, certRes.Certificate);
string key = Path.Combine(ssl, site.name + ".key");
//if(!File.Exists(key)) {
using (StreamWriter writer = File.CreateText(key))
_keyService.ExportPrivateKey(certRes.PrivateKey, writer);
//}
Console.WriteLine("Certificate and Key exists and valid. Restored from cache.");
}
else {
//new nonce
_letsEncryptService.NewNonce().Wait();
//try to make new order
try {
//create new orders
Console.WriteLine("2. Client New Order...");
Task<Dictionary<string, string>> orders = _letsEncryptService.NewOrder(site.hosts, site.challenge);
orders.Wait();
switch(site.challenge) {
case "http-01": {
//ensure to enable static file discovery on server in .well-known/acme-challenge
//and listen on 80 port
//check acme directory
string acme = Path.Combine(env.www, env.acme);
if(!Directory.Exists(acme)) {
throw new DirectoryNotFoundException(string.Format("Directory {0} wasn't created", acme));
}
foreach (FileInfo file in new DirectoryInfo(acme).GetFiles()) {
if(file.LastWriteTimeUtc < DateTime.UtcNow.AddMonths(-3))
file.Delete();
}
foreach (var result in orders.Result)
{
Console.WriteLine("Key: " + result.Key + System.Environment.NewLine + "Value: " + result.Value);
string[] splitToken = result.Value.Split('~');
string token = Path.Combine(acme, splitToken[0]);
File.WriteAllText(token, splitToken[1]);
}
_terminalService.Exec("chgrp -R nginx /var/www");
_terminalService.Exec("chmod -R g+rwx /var/www");
break;
}
case "dns-01": {
//Manage DNS server MX record, depends from provider
break;
}
default: {
break;
}
}
//complete challanges
Console.WriteLine("3. Client Complete Challange...");
_letsEncryptService.CompleteChallenges().Wait();
Console.WriteLine("Challanges comleted.");
}
catch (Exception ex) {
Console.WriteLine(ex.Message.ToString());
_letsEncryptService.GetOrder(site.hosts).Wait();
try {
//define cache folder
string cache = Path.Combine(AppPath, env.cache, customer.id);
if(!Directory.Exists(cache)) {
Directory.CreateDirectory(cache);
}
//1. Client initialization
Console.WriteLine("1. Client Initialization...");
_letsEncryptService.Init(env.url, cache, site.name, customer.contacts).Wait();
// Download new certificate
Console.WriteLine("4. Download certificate...");
_letsEncryptService.GetCertificate(site.name).Wait();
// Write to filesystem
certRes = new CachedCertificateResult();
Console.WriteLine(string.Format("Terms of service: {0}", _letsEncryptService.GetTermsOfServiceUri()));
//create folder for ssl
string ssl = Path.Combine(env.ssl, site.name);
if(!Directory.Exists(ssl)) {
Directory.CreateDirectory(ssl);
}
// get cached certificate and check if it's valid
// if valid check if cert and key exists otherwise recreate
// else continue with new certificate request
CachedCertificateResult certRes = new CachedCertificateResult();
if (_letsEncryptService.TryGetCachedCertificate(site.name, out certRes)) {
string cert = Path.Combine(ssl, site.name + ".crt");
File.WriteAllText(cert, certRes.Certificate);
//if(!File.Exists(cert))
File.WriteAllText(cert, certRes.Certificate);
string key = Path.Combine(ssl, site.name + ".key");
using (StreamWriter writer = File.CreateText(key))
_keyService.ExportPrivateKey(certRes.PrivateKey, writer);
//if(!File.Exists(key)) {
using (StreamWriter writer = File.CreateText(key))
_keyService.ExportPrivateKey(certRes.PrivateKey, writer);
//}
Console.WriteLine("Certificate saved.");
Console.WriteLine("Certificate and Key exists and valid. Restored from cache.");
}
else {
Console.WriteLine("Unable to get new cached certificate.");
//new nonce
_letsEncryptService.NewNonce().Wait();
//try to make new order
try {
//create new orders
Console.WriteLine("2. Client New Order...");
Task<Dictionary<string, string>> orders = _letsEncryptService.NewOrder(site.hosts, site.challenge);
orders.Wait();
switch(site.challenge) {
case "http-01": {
//ensure to enable static file discovery on server in .well-known/acme-challenge
//and listen on 80 port
//check acme directory
string acme = Path.Combine(env.www, env.acme);
if(!Directory.Exists(acme)) {
throw new DirectoryNotFoundException(string.Format("Directory {0} wasn't created", acme));
}
foreach (FileInfo file in new DirectoryInfo(acme).GetFiles()) {
if(file.LastWriteTimeUtc < DateTime.UtcNow.AddMonths(-3))
file.Delete();
}
foreach (var result in orders.Result)
{
Console.WriteLine("Key: " + result.Key + System.Environment.NewLine + "Value: " + result.Value);
string[] splitToken = result.Value.Split('~');
string token = Path.Combine(acme, splitToken[0]);
File.WriteAllText(token, splitToken[1]);
}
_terminalService.Exec("chgrp -R nginx /var/www");
_terminalService.Exec("chmod -R g+rwx /var/www");
break;
}
case "dns-01": {
//Manage DNS server MX record, depends from provider
break;
}
default: {
break;
}
}
//complete challanges
Console.WriteLine("3. Client Complete Challange...");
_letsEncryptService.CompleteChallenges().Wait();
Console.WriteLine("Challanges comleted.");
}
catch (Exception ex) {
Console.WriteLine(ex.Message.ToString());
_letsEncryptService.GetOrder(site.hosts).Wait();
}
// Download new certificate
Console.WriteLine("4. Download certificate...");
_letsEncryptService.GetCertificate(site.name).Wait();
// Write to filesystem
certRes = new CachedCertificateResult();
if (_letsEncryptService.TryGetCachedCertificate(site.name, out certRes)) {
string cert = Path.Combine(ssl, site.name + ".crt");
File.WriteAllText(cert, certRes.Certificate);
string key = Path.Combine(ssl, site.name + ".key");
using (StreamWriter writer = File.CreateText(key))
_keyService.ExportPrivateKey(certRes.PrivateKey, writer);
Console.WriteLine("Certificate saved.");
}
else {
Console.WriteLine("Unable to get new cached certificate.");
}
}
}
}
catch (Exception ex) {
Console.WriteLine(ex.Message.ToString());
catch (Exception ex) {
Console.WriteLine(ex.Message.ToString());
}
}
}
catch (Exception ex) {
Console.WriteLine(ex.Message.ToString());
}
}
catch (Exception ex) {
Console.WriteLine(ex.Message.ToString());
}
if(env.name == "ProductionV2") {
_terminalService.Exec("systemctl restart nginx");
}
}
catch (Exception ex) {
Console.WriteLine(ex.Message.ToString());
}
});
_terminalService.Exec("systemctl restart nginx");
}
catch (Exception ex) {
Console.WriteLine(ex.Message.ToString());
}
}
}
}

2
v2.0/LetsEncrypt/Helpers/AppSettings.cs
View File

@ -1,12 +1,12 @@
namespace LetsEncrypt.Helpers
{
public class AppSettings {
public string active { get; set; }
public Environment [] environments { get; set; }
public Customer [] customers { get; set;}
}
public class Environment {
public bool active { get; set; }
public string name { get; set; }
public string url { get; set; }
public string cache { get; set; }

5
v2.0/LetsEncrypt/appsettings.json
View File

@ -1,10 +1,8 @@
{
"AppSettings": {
"active": "StagingV2",
"environments": [
{
"active": true,
"name": "StagingV2",
"url": "https://acme-staging-v02.api.letsencrypt.org/directory",
@ -14,6 +12,7 @@
"ssl": "/home/maksym/source/temp"
},
{
"active": false,
"name": "ProductionV2",
"url": "https://acme-v02.api.letsencrypt.org/directory",