mirror of
https://github.com/bunkerity/bunkerweb
synced 2026-05-24 09:28:37 +00:00
Refactor certificate removal logic and add option to clear old let's encrypt certificates
This commit is contained in:
Théophile Diot
parent
6dd8d2c0cd
commit
1a2f23c5ac
2 changed files with 18 additions and 7 deletions
|
|
@ -168,13 +168,15 @@ try:
|
|||
LOGGER.info(f"Certificate generation succeeded for domain(s) : {domains}")
|
||||
|
||||
# Remove old certificates
|
||||
for elem in chain(DATA_PATH.glob("archive/*"), DATA_PATH.glob("live/*"), DATA_PATH.glob("renewal/*")):
|
||||
if elem.name.replace(".conf", "") not in generated_domains:
|
||||
LOGGER.debug(f"Removing old certificate {elem}")
|
||||
if elem.is_dir():
|
||||
rmtree(elem, ignore_errors=True)
|
||||
else:
|
||||
elem.unlink(missing_ok=True)
|
||||
if getenv("LETS_ENCRYPT_CLEAR_OLD_CERTS", "no") == "yes":
|
||||
LOGGER.info("Clear old certificates is activated, removing old / no longer used certificates...")
|
||||
for elem in chain(DATA_PATH.glob("archive/*"), DATA_PATH.glob("live/*"), DATA_PATH.glob("renewal/*")):
|
||||
if elem.name.replace(".conf", "") not in generated_domains:
|
||||
LOGGER.warning(f"Removing old certificate {elem}")
|
||||
if elem.is_dir():
|
||||
rmtree(elem, ignore_errors=True)
|
||||
else:
|
||||
elem.unlink(missing_ok=True)
|
||||
|
||||
# Save Let's Encrypt data to db cache
|
||||
if DATA_PATH.is_dir() and list(DATA_PATH.iterdir()):
|
||||
|
|
|
|||
|
|
@ -31,6 +31,15 @@
|
|||
"label": "Use Let's Encrypt Staging",
|
||||
"regex": "^(yes|no)$",
|
||||
"type": "check"
|
||||
},
|
||||
"LETS_ENCRYPT_CLEAR_OLD_CERTS": {
|
||||
"context": "global",
|
||||
"default": "no",
|
||||
"help": "Clear old certificates when renewing.",
|
||||
"id": "lets-encrypt-clear-old-certs",
|
||||
"label": "Clear old certificates when they are no longer needed",
|
||||
"regex": "^(yes|no)$",
|
||||
"type": "check"
|
||||
}
|
||||
},
|
||||
"jobs": [
|
||||
|
|
|
|||
Loading…
Reference in a new issue