Better zone handling
This commit is contained in:
Curtis Castrapel
parent
e050177c08
commit
da99bcda68
|
|
@ -18,8 +18,12 @@ def get_all_zones():
|
||||||
acme_plugin = plugins.get("acme-issuer")
|
acme_plugin = plugins.get("acme-issuer")
|
||||||
|
|
||||||
for dns_provider in dns_providers:
|
for dns_provider in dns_providers:
|
||||||
zones = acme_plugin.get_all_zones(dns_provider)
|
try:
|
||||||
set_domains(dns_provider, zones)
|
zones = acme_plugin.get_all_zones(dns_provider)
|
||||||
|
set_domains(dns_provider, zones)
|
||||||
|
except Exception as e:
|
||||||
|
print("[+] Error with DNS Provider {}: {}".format(dns_provider.name, e))
|
||||||
|
set_domains(dns_provider, [])
|
||||||
|
|
||||||
status = SUCCESS_METRIC_STATUS
|
status = SUCCESS_METRIC_STATUS
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -212,6 +212,8 @@ class AcmeHandler(object):
|
||||||
"""
|
"""
|
||||||
self.dns_providers_for_domain[domain] = []
|
self.dns_providers_for_domain[domain] = []
|
||||||
for dns_provider in self.all_dns_providers:
|
for dns_provider in self.all_dns_providers:
|
||||||
|
if not dns_provider.domains:
|
||||||
|
continue
|
||||||
for name in dns_provider.domains:
|
for name in dns_provider.domains:
|
||||||
if domain.endswith(name):
|
if domain.endswith(name):
|
||||||
self.dns_providers_for_domain[domain].append(dns_provider)
|
self.dns_providers_for_domain[domain].append(dns_provider)
|
||||||
|
|
|
||||||
|
|
@ -115,13 +115,16 @@ def sync_certificates(source, user):
|
||||||
certificates = s.get_certificates(source.options)
|
certificates = s.get_certificates(source.options)
|
||||||
|
|
||||||
for certificate in certificates:
|
for certificate in certificates:
|
||||||
|
exists = False
|
||||||
if certificate.get('name'):
|
if certificate.get('name'):
|
||||||
exists = [certificate_service.get_by_name(certificate['name'])]
|
result = certificate_service.get_by_name(certificate['name'])
|
||||||
|
if result:
|
||||||
|
exists = [result]
|
||||||
|
|
||||||
elif certificate.get('serial'):
|
if not exists and certificate.get('serial'):
|
||||||
exists = certificate_service.get_by_serial(certificate['serial'])
|
exists = certificate_service.get_by_serial(certificate['serial'])
|
||||||
|
|
||||||
else:
|
if not exists:
|
||||||
cert = parse_certificate(certificate['body'])
|
cert = parse_certificate(certificate['body'])
|
||||||
exists = certificate_service.get_by_serial(serial(cert))
|
exists = certificate_service.get_by_serial(serial(cert))
|
||||||
|
|
||||||
|
|
@ -129,7 +132,6 @@ def sync_certificates(source, user):
|
||||||
certificate['owner'] = user.email
|
certificate['owner'] = user.email
|
||||||
|
|
||||||
certificate['creator'] = user
|
certificate['creator'] = user
|
||||||
|
|
||||||
exists = [x for x in exists if x]
|
exists = [x for x in exists if x]
|
||||||
|
|
||||||
if not exists:
|
if not exists:
|
||||||
|
|
|
||||||
|
|
@ -129,7 +129,7 @@
|
||||||
</select>
|
</select>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group" ng-hide="certificate.authority.plugin.slug == 'acme-issuer'">
|
||||||
<label class="control-label col-sm-2"
|
<label class="control-label col-sm-2"
|
||||||
uib-tooltip="If no date is selected Lemur attempts to issue a 2 year certificate">
|
uib-tooltip="If no date is selected Lemur attempts to issue a 2 year certificate">
|
||||||
Validity Range <span class="glyphicon glyphicon-question-sign"></span>
|
Validity Range <span class="glyphicon glyphicon-question-sign"></span>
|
||||||
|
|
@ -191,6 +191,15 @@
|
||||||
class="glyphicon glyphicon-remove"></i></button>
|
class="glyphicon glyphicon-remove"></i></button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
<div class="form-group" ng-show="certificate.authority.plugin.slug == 'acme-issuer'">
|
||||||
|
<label class="control-label col-sm-2">
|
||||||
|
Validity Range <span class="glyphicon glyphicon-question-sign"></span>
|
||||||
|
</label>
|
||||||
|
<div class="col-sm-10">
|
||||||
|
Certificates for LetsEncrypt expire 90 days after creation. Enable auto-rotate to have Lemur automatically
|
||||||
|
rotate the certificate and update your endpoints.
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label class="control-label col-sm-2">Auto Rotate</label>
|
<label class="control-label col-sm-2">Auto Rotate</label>
|
||||||
<div class="col-sm-10">
|
<div class="col-sm-10">
|
||||||
|
|
|
||||||
|
|
@ -15,14 +15,14 @@ asyncpool==1.0
|
||||||
babel==2.6.0 # via sphinx
|
babel==2.6.0 # via sphinx
|
||||||
bcrypt==3.1.4
|
bcrypt==3.1.4
|
||||||
blinker==1.4
|
blinker==1.4
|
||||||
boto3==1.7.75
|
boto3==1.7.78
|
||||||
botocore==1.10.75
|
botocore==1.10.78
|
||||||
certifi==2018.8.13
|
certifi==2018.8.13
|
||||||
cffi==1.11.5
|
cffi==1.11.5
|
||||||
chardet==3.0.4
|
chardet==3.0.4
|
||||||
click==6.7
|
click==6.7
|
||||||
cloudflare==2.1.0
|
cloudflare==2.1.0
|
||||||
cryptography==2.3
|
cryptography==2.3.1
|
||||||
dnspython3==1.15.0
|
dnspython3==1.15.0
|
||||||
dnspython==1.15.0
|
dnspython==1.15.0
|
||||||
docutils==0.14
|
docutils==0.14
|
||||||
|
|
@ -49,7 +49,7 @@ jsonlines==1.2.0
|
||||||
lockfile==0.12.2
|
lockfile==0.12.2
|
||||||
mako==1.0.7
|
mako==1.0.7
|
||||||
markupsafe==1.0
|
markupsafe==1.0
|
||||||
marshmallow-sqlalchemy==0.14.0
|
marshmallow-sqlalchemy==0.14.1
|
||||||
marshmallow==2.15.4
|
marshmallow==2.15.4
|
||||||
mock==2.0.0
|
mock==2.0.0
|
||||||
ndg-httpsclient==0.5.1
|
ndg-httpsclient==0.5.1
|
||||||
|
|
|
||||||
|
|
@ -8,16 +8,16 @@ asn1crypto==0.24.0 # via cryptography
|
||||||
atomicwrites==1.1.5 # via pytest
|
atomicwrites==1.1.5 # via pytest
|
||||||
attrs==18.1.0 # via pytest
|
attrs==18.1.0 # via pytest
|
||||||
aws-xray-sdk==0.95 # via moto
|
aws-xray-sdk==0.95 # via moto
|
||||||
boto3==1.7.75 # via moto
|
boto3==1.7.78 # via moto
|
||||||
boto==2.49.0 # via moto
|
boto==2.49.0 # via moto
|
||||||
botocore==1.10.75 # via boto3, moto, s3transfer
|
botocore==1.10.78 # via boto3, moto, s3transfer
|
||||||
certifi==2018.8.13 # via requests
|
certifi==2018.8.13 # via requests
|
||||||
cffi==1.11.5 # via cryptography
|
cffi==1.11.5 # via cryptography
|
||||||
chardet==3.0.4 # via requests
|
chardet==3.0.4 # via requests
|
||||||
click==6.7 # via flask
|
click==6.7 # via flask
|
||||||
cookies==2.2.1 # via moto, responses
|
cookies==2.2.1 # via moto, responses
|
||||||
coverage==4.5.1
|
coverage==4.5.1
|
||||||
cryptography==2.3 # via moto
|
cryptography==2.3.1 # via moto
|
||||||
docker-pycreds==0.3.0 # via docker
|
docker-pycreds==0.3.0 # via docker
|
||||||
docker==3.5.0 # via moto
|
docker==3.5.0 # via moto
|
||||||
docutils==0.14 # via botocore
|
docutils==0.14 # via botocore
|
||||||
|
|
@ -59,7 +59,7 @@ s3transfer==0.1.13 # via boto3
|
||||||
six==1.11.0 # via cryptography, docker, docker-pycreds, faker, freezegun, mock, more-itertools, moto, pytest, python-dateutil, python-jose, requests-mock, responses, websocket-client
|
six==1.11.0 # via cryptography, docker, docker-pycreds, faker, freezegun, mock, more-itertools, moto, pytest, python-dateutil, python-jose, requests-mock, responses, websocket-client
|
||||||
text-unidecode==1.2 # via faker
|
text-unidecode==1.2 # via faker
|
||||||
urllib3==1.23 # via requests
|
urllib3==1.23 # via requests
|
||||||
websocket-client==0.48.0 # via docker
|
websocket-client==0.49.0 # via docker
|
||||||
werkzeug==0.14.1 # via flask, moto, pytest-flask
|
werkzeug==0.14.1 # via flask, moto, pytest-flask
|
||||||
wrapt==1.10.11 # via aws-xray-sdk
|
wrapt==1.10.11 # via aws-xray-sdk
|
||||||
xmltodict==0.11.0 # via moto
|
xmltodict==0.11.0 # via moto
|
||||||
|
|
|
||||||
|
|
@ -13,14 +13,14 @@ asn1crypto==0.24.0 # via cryptography
|
||||||
asyncpool==1.0
|
asyncpool==1.0
|
||||||
bcrypt==3.1.4 # via flask-bcrypt, paramiko
|
bcrypt==3.1.4 # via flask-bcrypt, paramiko
|
||||||
blinker==1.4 # via flask-mail, flask-principal, raven
|
blinker==1.4 # via flask-mail, flask-principal, raven
|
||||||
boto3==1.7.75
|
boto3==1.7.78
|
||||||
botocore==1.10.75 # via boto3, s3transfer
|
botocore==1.10.78 # via boto3, s3transfer
|
||||||
certifi==2018.8.13
|
certifi==2018.8.13
|
||||||
cffi==1.11.5 # via bcrypt, cryptography, pynacl
|
cffi==1.11.5 # via bcrypt, cryptography, pynacl
|
||||||
chardet==3.0.4 # via requests
|
chardet==3.0.4 # via requests
|
||||||
click==6.7 # via flask
|
click==6.7 # via flask
|
||||||
cloudflare==2.1.0
|
cloudflare==2.1.0
|
||||||
cryptography==2.3
|
cryptography==2.3.1
|
||||||
dnspython3==1.15.0
|
dnspython3==1.15.0
|
||||||
dnspython==1.15.0 # via dnspython3
|
dnspython==1.15.0 # via dnspython3
|
||||||
docutils==0.14 # via botocore
|
docutils==0.14 # via botocore
|
||||||
|
|
@ -46,7 +46,7 @@ jsonlines==1.2.0 # via cloudflare
|
||||||
lockfile==0.12.2
|
lockfile==0.12.2
|
||||||
mako==1.0.7 # via alembic
|
mako==1.0.7 # via alembic
|
||||||
markupsafe==1.0 # via jinja2, mako
|
markupsafe==1.0 # via jinja2, mako
|
||||||
marshmallow-sqlalchemy==0.14.0
|
marshmallow-sqlalchemy==0.14.1
|
||||||
marshmallow==2.15.4
|
marshmallow==2.15.4
|
||||||
mock==2.0.0 # via acme
|
mock==2.0.0 # via acme
|
||||||
ndg-httpsclient==0.5.1
|
ndg-httpsclient==0.5.1
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue