outsource acmesh-command to reduce duplicate code

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
Michael Kaufmann
2019-02-17 19:43:12 +01:00
parent e962f76b32
commit f5127eccd1


@@ -29,6 +29,18 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
private static $acmesh = "/root/.acme.sh/acme.sh"; private static $acmesh = "/root/.acme.sh/acme.sh";
/**
*
* @var \PDOStatement
*/
private static $updcert_stmt = null;
/**
*
* @var \PDOStatement
*/
private static $upddom_stmt = null;
public static function run() public static function run()
{ {
self::checkInstall(); self::checkInstall();
@@ -87,7 +99,7 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
AND dom.`iswildcarddomain` = 0 AND dom.`iswildcarddomain` = 0
"); ");
$updcert_stmt = Database::prepare(" self::$updcert_stmt = Database::prepare("
REPLACE INTO REPLACE INTO
`" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
SET SET
@@ -102,7 +114,7 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
`expirationdate` = :expirationdate `expirationdate` = :expirationdate
"); ");
$upddom_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `ssl_redirect` = '1' WHERE `id` = :domainid"); self::$upddom_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `ssl_redirect` = '1' WHERE `id` = :domainid");
// flag for re-generation of vhost files // flag for re-generation of vhost files
$changedetected = 0; $changedetected = 0;
@@ -173,48 +185,7 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
'adminsession' => 0 'adminsession' => 0
)); ));
// Initialize Lescript with documentroot self::runAcmeSh($certrow, $domains, $cert_mode, $cronlog, $changedetected);
$acmesh_cmd = self::$acmesh . " --auto-upgrade 0 --server " . self::$apiserver . " --" . $cert_mode . " -d " . implode(" -d ", $domains);
if ($cert_mode == 'issue') {
$acmesh_cmd .= " -w " . \Froxlor\Froxlor::getInstallDir();
}
if (Settings::Get('system.leecc') > 0) {
$acmesh_cmd .= " --keylength ec-" . Settings::Get('system.leecc');
}
FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_DEBUG, $acmesh_cmd);
$acme_result = \Froxlor\FileDir::safe_exec($acmesh_cmd);
$return = array();
self::readCertificateToVar(array_pop($domains), $return);
if (! empty($return['crt'])) {
$newcert = openssl_x509_parse($return['crt']);
// Store the new data
Database::pexecute($updcert_stmt, array(
'id' => $certrow['id'],
'domainid' => $certrow['domainid'],
'crt' => $return['crt'],
'key' => $return['key'],
'ca' => $return['chain'],
'chain' => $return['chain'],
'csr' => $return['csr'],
'fullchain' => $return['fullchain'],
'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
));
if ($certrow['ssl_redirect'] == 3) {
Settings::Set('system.le_froxlor_redirect', '1');
}
FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Updated Let's Encrypt certificate for " . $certrow['domain']);
$changedetected = 1;
} else {
FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not get Let's Encrypt certificate for " . $certrow['domain'] . ":\n" . implode("\n", $acme_result));
}
} }
} }
@@ -263,7 +234,24 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
} }
} }
// Initialize Lescript with documentroot self::runAcmeSh($certrow, $domains, $cert_mode, $cronlog, $changedetected);
} else {
$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_WARNING, "Skipping Let's Encrypt generation for " . $certrow['domain'] . " due to an enabled ssl_redirect");
}
}
// If we have a change in a certificate, we need to update the webserver - configs
// This is easiest done by just creating a new task ;)
if ($changedetected) {
\Froxlor\System\Cronjob::inserttask(1);
}
FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Let's Encrypt certificates have been updated");
}
private static function runAcmeSh($certrow = array(), $domains = array(), $cert_mode = 'issue', &$cronlog = null, &$changedetected = 0)
{
if (! empty($domains)) {
$acmesh_cmd = self::$acmesh . " --auto-upgrade 0 --server " . self::$apiserver . " --" . $cert_mode . " -d " . implode(" -d ", $domains); $acmesh_cmd = self::$acmesh . " --auto-upgrade 0 --server " . self::$apiserver . " --" . $cert_mode . " -d " . implode(" -d ", $domains);
if ($cert_mode == 'issue') { if ($cert_mode == 'issue') {
@@ -286,7 +274,7 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
$newcert = openssl_x509_parse($return['crt']); $newcert = openssl_x509_parse($return['crt']);
// Store the new data // Store the new data
Database::pexecute($updcert_stmt, array( Database::pexecute(self::$updcert_stmt, array(
'id' => $certrow['id'], 'id' => $certrow['id'],
'domainid' => $certrow['domainid'], 'domainid' => $certrow['domainid'],
'crt' => $return['crt'], 'crt' => $return['crt'],
@@ -299,7 +287,7 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
)); ));
if ($certrow['ssl_redirect'] == 3) { if ($certrow['ssl_redirect'] == 3) {
Database::pexecute($upddom_stmt, array( Database::pexecute(self::$upddom_stmt, array(
'domainid' => $certrow['domainid'] 'domainid' => $certrow['domainid']
)); ));
} }
@@ -309,20 +297,9 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
} else { } else {
$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not get Let's Encrypt certificate for " . $certrow['domain'] . ":\n" . implode("\n", $acme_result)); $cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not get Let's Encrypt certificate for " . $certrow['domain'] . ":\n" . implode("\n", $acme_result));
} }
} else {
$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_WARNING, "Skipping Let's Encrypt generation for " . $certrow['domain'] . " due to an enabled ssl_redirect");
} }
} }
// If we have a change in a certificate, we need to update the webserver - configs
// This is easiest done by just creating a new task ;)
if ($changedetected) {
\Froxlor\System\Cronjob::inserttask(1);
}
FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Let's Encrypt certificates have been updated");
}
private static function readCertificateToVar($domain, &$return) private static function readCertificateToVar($domain, &$return)
{ {
$certificate_folder = dirname(self::$acmesh) . "/" . $domain; $certificate_folder = dirname(self::$acmesh) . "/" . $domain;
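Review bot: The first call site (the old inline block removed in the `@@ -173,48 +185,7 @@` hunk) ran `Settings::Set('system.le_froxlor_redirect', '1');` when `$certrow['ssl_redirect'] == 3`, but the shared `runAcmeSh()` only executes `self::$upddom_stmt` against `TABLE_PANEL_DOMAINS` in that case. Unless the setting is written somewhere outside these hunks, the panel hostname's HTTPS redirect would no longer be enabled after its certificate is issued; the helper needs a way to tell the two callers apart, or that call site should keep its own `Settings::Set` step. Separately, `runAcmeSh()` still concatenates `$cert_mode` and `$domains` straight into the string handed to `\Froxlor\FileDir::safe_exec()`. Since the command is now built in one place, quoting each name there is cheap, e.g. `" -d " . implode(" -d ", array_map('escapeshellarg', $domains))`; whether `safe_exec()` already filters shell metacharacters is not visible on this page. The body of `runAcmeSh()` is split across several hunks, so part of it lies outside what is shown.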