summaryrefslogtreecommitdiff
path: root/src/conf_mode/https.py
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-12-06 20:57:20 +0100
committerChristian Poessinger <christian@poessinger.com>2021-12-06 20:57:20 +0100
commit955f260ce682d64d27b3b11e618b1ae0176e4b91 (patch)
treeae835bd23113b0fadfb96ba41bfd4d8a1149d049 /src/conf_mode/https.py
parent93b7c5f60ebe4d29ecde33db03b0eec8495ff104 (diff)
downloadvyos-1x-955f260ce682d64d27b3b11e618b1ae0176e4b91.tar.gz
vyos-1x-955f260ce682d64d27b3b11e618b1ae0176e4b91.zip
https: T4055: add vrf support
Diffstat (limited to 'src/conf_mode/https.py')
-rwxr-xr-xsrc/conf_mode/https.py8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py
index 86c6cd1b9..cd5073aa2 100755
--- a/src/conf_mode/https.py
+++ b/src/conf_mode/https.py
@@ -23,6 +23,7 @@ import vyos.defaults
import vyos.certbot_util
from vyos.config import Config
+from vyos.configverify import verify_vrf
from vyos import ConfigError
from vyos.pki import wrap_certificate
from vyos.pki import wrap_private_key
@@ -34,6 +35,7 @@ from vyos import airbag
airbag.enable()
config_file = '/etc/nginx/sites-available/default'
+systemd_override = r'/etc/systemd/system/nginx.service.d/override.conf'
cert_dir = '/etc/ssl/certs'
key_dir = '/etc/ssl/private'
certbot_dir = vyos.defaults.directories['certbot']
@@ -103,6 +105,8 @@ def verify(https):
if not domains_found:
raise ConfigError("At least one 'virtual-host <id> server-name' "
"matching the 'certbot domain-name' is required.")
+
+ verify_vrf(https)
return None
def generate(https):
@@ -208,10 +212,12 @@ def generate(https):
}
render(config_file, 'https/nginx.default.tmpl', data)
-
+ render(systemd_override, 'https/override.conf.tmpl', https)
return None
def apply(https):
+ # Reload systemd manager configuration
+ call('systemctl daemon-reload')
if https is not None:
call('systemctl restart nginx.service')
else: