author | Sergey Poznyakoff <gray@gnu.org.ua> | 2019-08-21 09:48:09 +0300 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2019-08-21 10:58:13 +0300 |
commit | 3610ab59b2085c5eda3933690a973bad1760d3d4 (patch) | |
tree | 4e6d004a352f51adfeb907bf58e7ba77aa662685 /acmeman | |
parent | 63a36d15df9eebf3389637f58414766498722788 (diff) | |
Use Config::Parser::Ini for configuration
Diffstat (limited to 'acmeman')
-rwxr-xr-x | acmeman | 181 |
1 files changed, 10 insertions, 171 deletions
@@ -2,7 +2,7 @@ #! -*-perl-*- eval 'exec perl -x -wS $0 ${1+"$@"}' if 0; -# Copyright (C) 2017, 2018 Sergey Poznyakoff <gray@gnu.org> +# Copyright (C) 2017-2019 Sergey Poznyakoff <gray@gnu.org> # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -906,13 +906,6 @@ sub get_root_cert { sub initial_setup { get_root_cert('/etc/ssl/acme/lets-encrypt-x3-cross-signed.pem'); - unless ($config->isset(qw(core source))) { - require App::Acmeman::Source::Apache; - my $src = new App::Acmeman::Source::Apache; - $src->configure($config); - $config->set(qw(core source), $src) unless $config->success; - $config->clrerr; - } foreach my $src ($config->get(qw(core source))) { unless ($src->setup(dry_run => $dry_run, force => $force)) { @@ -956,7 +949,7 @@ sub myip { $ips = {}; my $addhost; - if ($config->isset(qw(core my-ip))) { + if ($config->is_set(qw(core my-ip))) { $addhost = 0; foreach my $ip ($config->get(qw(core my-ip))) { if ($ip eq '$hostip') { @@ -988,7 +981,7 @@ sub host_ns_ok { sub collect { my $aref = shift; - return unless $config->isset('domain'); + return unless $config->is_set('domain'); my $err; while (my ($k, $v) = each %{$config->get('domain')}) { my $dom; 
@@ -1056,171 +1049,21 @@ GetOptions("h" => sub { ++$debug if $dry_run; -sub cb_parse_bool { - my ($k, $vref) = @_; - my %bt = ( - 0 => 0, - off => 0, - false => 0, - no => 0, - 1 => 1, - on => 1, - true => 1, - yes => 1 - ); - my $res = $bt{lc($$vref)}; - if (defined($res)) { - $$vref = $res; - return undef; - } - return "not a boolean: $$vref"; -} - -my %syntax = ( - core => { - section => { - postrenew => { array => 1 }, - rootdir => { default => '/var/www/acme' }, - files => 1, - 'time-delta' => { default => 86400 }, - source => { default => [ 'apache' ], array => 1 }, - 'check-alt-names' => { default => 0, parser => \&cb_parse_bool }, - 'check-dns' => { default => 1, parser => \&cb_parse_bool }, - 'my-ip' => { array => 1 }, - 'key-size' => { re => '^\d+$', default => 4096 } - } - }, - files => { - section => { - '*' => { - section => { - type => { re => 'single|split', default => 'split' }, - 'certificate-file' => { mandatory => 1 }, - 'key-file' => 1, - 'ca-file' => 1, - argument => 1, - } - } - } - }, - domain => { - section => { - '*' => { - section => { - alt => { array => 1 }, - files => 1, - 'key-size' => { re => '^\d+$' }, - postrenew => 0 - } - } - } - } -); - -sub file_type_fixup { - my $err; - - $config->set(qw(core files default)) - unless $config->isset(qw(core files)); - - unless ($config->isset(qw(files))) { - if ($config->get(qw(core files)) ne 'default') { - error("section files." . $config->get(qw(core files))." 
not defined"); - ++$err; - } - } - - unless ($config->isset(qw(files default))) { - $config->set(qw(files default type), 'split'); - $config->set(qw(files default key-file), - '/etc/ssl/acme/$domain/privkey.pem'); - $config->set(qw(files default certificate-file), - '/etc/ssl/acme/$domain/cert.pem'); - $config->set(qw(files default ca-file), - '/etc/ssl/acme/$domain/ca.pem'); - } - - if ($config->isset(qw(files))) { - while (my ($k, $v) = each %{$config->get(qw(files))}) { - if ($v->{type} eq 'single') { - unless (exists($v->{'certificate-file'})) { - error("files.$k.certificate-file not defined"); - ++$err; - } else { - if (exists($v->{'key-file'})) { - error("files.$k.key-file ignored"); - } - if (exists($v->{'ca-file'})) { - error("files.$k.ca-file ignored"); - } - } - } else { - unless (exists($v->{'key-file'})) { - error("files.$k.key-file not defined"); - ++$err; - } - unless (exists($v->{'certificate-file'})) { - error("files.$k.ca-file not defined"); - ++$err; - } - } - } - } - - if (my $files = $config->get(qw(core files))) { - unless ($config->isset('files', $files)) { - error("files.$files is referenced from [core], but never declared"); - ++$err; - } - } - - exit(1) if $err; -} - my @domlist; @select{map { lc } @ARGV} = (1) x @ARGV; -$config = new App::Acmeman::Config($config_file, - syntax => \%syntax, - defaults => { - 'core.source' => 'apache', - 'core.key-size' => 4096 - }); - -if ($config->success) { - if (my @source = $config->get(qw(core source))) { - $config->unset(qw(core source)); - foreach my $s (@source) { - my ($name, @args) = quotewords('\s+', 0, $s); - my $pack = 'App::Acmeman::Source::' . 
ucfirst($name); - my $obj = eval "use $pack; new $pack(\@args);"; - if ($@) { - abend(EX_CONFIG, $@); - } - $obj->configure($config); - $config->set(qw(core source), $obj); - } - } - if ($time_delta) { - $config->set(qw(core time-delta), $time_delta); - } - if ($check_alt_names) { - $config->set(qw(core check-alt-names), $check_alt_names); - } - $config->finalize; -} +$config = new App::Acmeman::Config($config_file); -unless ($config->success) { - foreach my $err ($config->errors) { - error($err); - } - exit(1); +if ($time_delta) { + $config->set(qw(core time-delta), $time_delta); +} +if ($check_alt_names) { + $config->set(qw(core check-alt-names), $check_alt_names); } initial_setup if $setup; -file_type_fixup; #print Dumper([$config]);exit; collect \@domlist; @@ -1230,10 +1073,6 @@ coalesce \@domlist; # Check challenge root directory prep_dir($config->get(qw(core rootdir)).'/file'); -# # FIXME Check filename patterns -# abend(EX_CONFIG, "filename patterns not defined") -# unless (defined($filename_arg) && defined($filename_pattern{cert})); - $challenge = Protocol::ACME::Challenge::LocalFile->new({ www_root => $config->get(qw(core rootdir)) }); @@ -1253,7 +1092,7 @@ foreach my $vhost (@domlist) { } if ($renewed) { - if ($config->isset(qw(core postrenew))) { + if ($config->is_set(qw(core postrenew))) { foreach my $cmd ($config->get(qw(core postrenew))) { runcmd($cmd); } |
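Review bot: In the `@@ -1056,171 +1049,21 @@` hunk, `$config = new App::Acmeman::Config($config_file);` is now followed directly by `$config->set(...)`, and the old `unless ($config->success) { ... exit(1) }` path is gone, so nothing visible here stops the run when the configuration fails to parse. The constructor's code is outside this diff (the diffstat is limited to `acmeman`); unless it is known to die on every error, I would add a guard such as `abend(EX_CONFIG, "cannot load $config_file") unless $config;` before the first `set` call. The same hunk drops `file_type_fixup` and the `core.source` class loading, which presumably moved into App::Acmeman::Config. It is worth confirming that the module still rejects `files.*` sections lacking `key-file` or `certificate-file`, and that it checks the source name against a strict identifier pattern before loading a package, since that name comes from the configuration file. As a style point, `App::Acmeman::Config->new($config_file)` avoids the indirect object syntax.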