Translate to python3
[letsencrypt-hitch-plugin] / hitch.py
1 """Hitch plugin."""
2 import logging
3 import os
4 import re
5 import subprocess
6
7 import zope.component
8
9 from zope.interface import implementer, provider
10
11 from letsencrypt import errors
12 from letsencrypt import interfaces
13 from letsencrypt.plugins import common
14
15
16 logger = logging.getLogger(__name__)
17
18
19 @implementer(interfaces.IInstaller)
20 @provider(interfaces.IPluginFactory)
21 class Installer(common.Plugin):
22     """Hitch installer."""
23
24     description = "Hitch Installer"
25     hidden = True
26
27     def prepare(self):
28         with open("/etc/hitch/hitch.conf") as config_file:
29             self.config = config_file.readlines()
30
31     def more_info(self):
32         return "Installer for Hitch TLS wrapper."
33
34     def get_all_names(self):
35         raise errors.PluginError("not implemented")
36
37     def deploy_cert(self, domain, cert_path, key_path,
38                     chain_path=None, fullchain_path=None):
39         # Concatenate private key and certificate together into one file.
40         with open(key_path) as key_file:
41             pem = key_file.read()
42
43         # Add the full chain if we have it; else just the certificate.
44         if fullchain_path is not None:
45             with open(fullchain_path) as cert_file:
46                 pem += cert_file.read()
47         else:
48             with open(cert_path) as cert_file:
49                 pem += cert_file.read()
50
51         # Add DH params if we have them (needed for PFS).
52         try:
53             with open("/etc/hitch/dh-param.pem") as dh_param_file:
54                 pem += dh_param_file.read()
55         except:
56             pass
57
58         # Actually write the full file.
59         filename = os.path.join(os.path.dirname(cert_path), "all.pem")
60         fd = os.open(filename, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
61         with os.fdopen(fd, 'w') as pem_file:
62             pem_file.write(pem)
63
64         # Now go check the config file to see if this file is already there.
65         found = False
66         last_pem_line = None
67         for line_num in range(len(self.config)):
68             m = re.match("^\s*pem-file\s*=\s*\"([^\"]+)\"", self.config[line_num])
69             if m:
70                 last_pem_line = line_num
71                 if m.groups()[0] == filename:
72                     found = True
73
74         # If it's not already there, add it after the last line.
75         if not found:
76             if last_pem_line is None:
77                 last_pem_line = len(self.config) - 1
78             config_line = "pem-file = \"%s\"  # Added by Let's Encrypt installer.\n" % filename
79             self.config.insert(last_pem_line + 1, config_line)
80
81         pass  # pragma: no cover
82
83     def enhance(self, domain, enhancement, options=None):
84         raise errors.PluginError("not implemented")
85
86     def supported_enhancements(self):
87         return []
88
89     def get_all_certs_keys(self):
90         raise errors.PluginError("not implemented")
91         return []
92
93     def save(self, title=None, temporary=False):
94         if temporary:
95             raise errors.PluginError("temporary is not implemented")
96
97         with open("/etc/hitch/hitch.conf", "w") as config_file:
98             config_file.writelines(self.config)
99
100     def rollback_checkpoints(self, rollback=1):
101         raise errors.PluginError("not implemented")
102
103     def recovery_routine(self):
104         raise errors.PluginError("not implemented")
105
106     def view_config_changes(self):
107         raise errors.PluginError("not implemented")
108
109     def config_test(self):
110         raise errors.PluginError("not implemented")
111
112     def restart(self):
113         subprocess.call(["systemctl", "reload", "hitch.service"])