diff --git a/install/install.py b/install/install.py index 374d67e21..6f1f15399 100755 --- a/install/install.py +++ b/install/install.py @@ -693,6 +693,9 @@ class preFlightsChecks: command = 'chmod 755 /etc/pure-ftpd/' subprocess.call(command, shell=True) + command = 'chmod +x /usr/local/CyberCP/plogical/renew.py' + preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR) + def install_unzip(self): self.stdOut("Install unzip") try: @@ -1690,6 +1693,7 @@ imap_folder_list_limit = 0 cronFile.writelines("0 * * * * root /usr/local/CyberCP/postfixSenderPolicy/client.py hourlyCleanup" + "\n") cronFile.writelines("0 0 1 * * root /usr/local/CyberCP/postfixSenderPolicy/client.py monthlyCleanup" + "\n") cronFile.writelines("0 2 * * * root /usr/local/CyberCP/plogical/upgradeCritical.py" + "\n") + cronFile.writelines("/usr/local/CyberCP/bin/python2 /usr/local/CyberCP/plogical/renew.py\n") cronFile.close() command = 'chmod +x /usr/local/CyberCP/plogical/findBWUsage.py' @@ -2182,6 +2186,10 @@ milter_default_action = accept command = 'wget -O - https://get.acme.sh | sh' subprocess.call(command, shell=True) + command = '/root/.acme.sh/acme.sh --upgrade --auto-upgrade' + preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR) + + def main(): parser = argparse.ArgumentParser(description='CyberPanel Installer') diff --git a/plogical/renew.py b/plogical/renew.py new file mode 100644 index 000000000..2a6ab45da --- /dev/null +++ b/plogical/renew.py @@ -0,0 +1,92 @@ +#!/usr/local/CyberCP/bin/python2 +import os +import os.path +import sys +import django + +sys.path.append('/usr/local/CyberCP') +os.environ.setdefault("DJANGO_SETTINGS_MODULE", "CyberCP.settings") +django.setup() +from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging +from websiteFunctions.models import Websites, ChildDomains +from os import path +from datetime import datetime +import OpenSSL +from plogical.virtualHostUtilities import virtualHostUtilities + +class Renew: + def SSLObtainer(self): + try: + logging.writeToFile('Running SSL Renew Utility') + + ## For websites + + for website in Websites.objects.all(): + logging.writeToFile('Checking SSL for %s.' % (website.domain)) + filePath = '/etc/letsencrypt/live/%s/fullchain.pem' % (website.domain) + + if path.exists(filePath): + logging.writeToFile('SSL exists for %s. Checking if SSL will expire in 15 days..' % (website.domain)) + x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, + open(filePath, 'r').read()) + expireData = x509.get_notAfter().decode('ascii') + finalDate = datetime.strptime(expireData, '%Y%m%d%H%M%SZ') + now = datetime.now() + diff = finalDate - now + + if int(diff.days) >= 15: + logging.writeToFile( + 'SSL exists for %s and is not ready to renew, skipping..' % (website.domain)) + else: + logging.writeToFile( + 'SSL exists for %s and ready to renew..' % (website.domain)) + logging.writeToFile( + 'Renewing SSL for %s..' % (website.domain)) + + virtualHostUtilities.issueSSL(website.domain, '/home/%s/public_html' % (website.domain), website.adminEmail) + else: + logging.writeToFile( + 'SSL does not exist for %s. Obtaining now..' % (website.domain)) + virtualHostUtilities.issueSSL(website.domain, '/home/%s/public_html' % (website.domain), + website.adminEmail) + + ## For child-domains + + for website in ChildDomains.objects.all(): + logging.writeToFile('Checking SSL for %s.' % (website.domain)) + filePath = '/etc/letsencrypt/live/%s/fullchain.pem' % (website.domain) + + if path.exists(filePath): + logging.writeToFile( + 'SSL exists for %s. Checking if SSL will expire in 15 days..' % (website.domain)) + x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, + open(filePath, 'r').read()) + expireData = x509.get_notAfter().decode('ascii') + finalDate = datetime.strptime(expireData, '%Y%m%d%H%M%SZ') + now = datetime.now() + diff = finalDate - now + + if int(diff.days) >= 15: + logging.writeToFile( + 'SSL exists for %s and is not ready to renew, skipping..' % (website.domain)) + else: + logging.writeToFile( + 'SSL exists for %s and ready to renew..' % (website.domain)) + logging.writeToFile( + 'Renewing SSL for %s..' % (website.domain)) + + virtualHostUtilities.issueSSL(website.domain, website.path, + website.master.adminEmail) + else: + logging.writeToFile( + 'SSL does not exist for %s. Obtaining now..' % (website.domain)) + virtualHostUtilities.issueSSL(website.domain, website.path, + website.master.adminEmail) + + except BaseException, msg: + logging.writeToFile(str(msg) + '. Renew.SSLObtainer') + + +if __name__ == "__main__": + sslOB = Renew() + sslOB.SSLObtainer() \ No newline at end of file diff --git a/plogical/upgrade.py b/plogical/upgrade.py index d0a678cbc..e108f120b 100755 --- a/plogical/upgrade.py +++ b/plogical/upgrade.py @@ -1687,11 +1687,19 @@ CSRF_COOKIE_SECURE = True command = 'chmod 644 /etc/postfix/dynamicmaps.cf' subprocess.call(command, shell=True) + command = 'chmod +x /usr/local/CyberCP/plogical/renew.py' + Upgrade.executioner(command, command, 0) + Upgrade.stdOut("Permissions updated.") except BaseException, msg: Upgrade.stdOut(str(msg) + " [installLSCPD]") + @staticmethod + def AutoUpgradeAcme(): + command = '/root/.acme.sh/acme.sh --upgrade --auto-upgrade' + Upgrade.executioner(command, command, 0) + @staticmethod def installPHP73(): try: @@ -1942,6 +1950,13 @@ failovermethod=priority writeToFile.writelines(cronJob) writeToFile.close() + + if data.find('renew.py') == -1: + writeToFile = open(cronTab, 'a') + writeToFile.writelines("/usr/local/CyberCP/bin/python2 /usr/local/CyberCP/plogical/renew.py\n") + writeToFile.close() + + @staticmethod def p3(): @@ -2097,6 +2112,7 @@ failovermethod=priority Upgrade.executioner(command, 'fix csf if there', 0) command = 'systemctl start cpssh' Upgrade.executioner(command, 'fix csf if there', 0) + Upgrade.AutoUpgradeAcme() Upgrade.stdOut("Upgrade Completed.") diff --git a/websiteFunctions/templates/websiteFunctions/launchChild.html b/websiteFunctions/templates/websiteFunctions/launchChild.html index 8015d430d..12ef9ea45 100755 --- a/websiteFunctions/templates/websiteFunctions/launchChild.html +++ b/websiteFunctions/templates/websiteFunctions/launchChild.html @@ -76,6 +76,14 @@
+ {% if viewSSL == 1 %} +
+
+

Certificate from {{ authority }}

+

Your SSL will expire in {{ days }} days.

+
+
+ {% endif %}

{% trans "Disk Usage" %} diff --git a/websiteFunctions/templates/websiteFunctions/website.html b/websiteFunctions/templates/websiteFunctions/website.html index abd8ad9bc..a7331afe0 100755 --- a/websiteFunctions/templates/websiteFunctions/website.html +++ b/websiteFunctions/templates/websiteFunctions/website.html @@ -26,12 +26,14 @@

{% trans "Resource Usage" %} - {% trans "Clone/Staging" %} - {% trans "Set up SSH Access" %} + {% trans "Clone/Staging" %} + {% trans "Set up SSH Access" %}

-
@@ -72,6 +74,14 @@
+ {% if viewSSL == 1 %} +
+
+

Certificate from {{ authority }}

+

Your SSL will expire in {{ days }} days.

+
+
+ {% endif %}

{% trans "Disk Usage" %} diff --git a/websiteFunctions/website.py b/websiteFunctions/website.py index 52095acdd..66b501344 100755 --- a/websiteFunctions/website.py +++ b/websiteFunctions/website.py @@ -712,8 +712,6 @@ class WebsiteManager: execPath = execPath + " findDomainBW --virtualHostName " + self.domain + " --bandwidth " + str( website.package.bandwidth) - logging.CyberCPLogFileWriter.writeToFile(execPath) - output = ProcessUtilities.outputExecutioner(execPath) bwData = output.split(",") except BaseException, msg: @@ -746,6 +744,25 @@ class WebsiteManager: else: Data['email'] = 0 + ## Getting SSL Information + try: + import OpenSSL + from datetime import datetime + filePath = '/etc/letsencrypt/live/%s/fullchain.pem' % (self.domain) + x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, + open(filePath, 'r').read()) + expireData = x509.get_notAfter().decode('ascii') + finalDate = datetime.strptime(expireData, '%Y%m%d%H%M%SZ') + + now = datetime.now() + diff = finalDate - now + Data['viewSSL'] = 1 + Data['days'] = str(diff.days) + Data['authority'] = x509.get_issuer().get_components()[1][1] + except BaseException, msg: + Data['viewSSL'] = 0 + logging.CyberCPLogFileWriter.writeToFile(str(msg)) + servicePath = '/home/cyberpanel/pureftpd' if os.path.exists(servicePath): Data['ftp'] = 1 @@ -829,6 +846,26 @@ class WebsiteManager: else: Data['ftp'] = 0 + ## Getting SSL Information + try: + import OpenSSL + from datetime import datetime + filePath = '/etc/letsencrypt/live/%s/fullchain.pem' % (self.domain) + x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, + open(filePath, 'r').read()) + expireData = x509.get_notAfter().decode('ascii') + finalDate = datetime.strptime(expireData, '%Y%m%d%H%M%SZ') + + now = datetime.now() + diff = finalDate - now + Data['viewSSL'] = 1 + Data['days'] = str(diff.days) + Data['authority'] = x509.get_issuer().get_components()[1][1] + except BaseException, msg: + Data['viewSSL'] = 0 + logging.CyberCPLogFileWriter.writeToFile(str(msg)) + + return render(request, 'websiteFunctions/launchChild.html', Data) else: return render(request, 'websiteFunctions/launchChild.html',