summaryrefslogtreecommitdiff
path: root/src/conf_mode
diff options
context:
space:
mode:
authorJohn Estabrook <jestabro@vyos.io>2020-03-02 21:29:07 -0600
committerJohn Estabrook <jestabro@vyos.io>2020-03-24 15:34:05 -0500
commit11b0c06e47d7b520860944d56f2f76c58177073a (patch)
tree847ffcff680aa0bc017092dd6cd950a56b20c7d0 /src/conf_mode
parent64fbf0865eb47271e27a7e737f5ba2e6bd541292 (diff)
downloadvyos-1x-11b0c06e47d7b520860944d56f2f76c58177073a.tar.gz
vyos-1x-11b0c06e47d7b520860944d56f2f76c58177073a.zip
service https: T2157: Organize server block directives as 'virtual host'
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-xsrc/conf_mode/https.py27
1 files changed, 14 insertions, 13 deletions
diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py
index fcbc3d384..a0fe9cf2f 100755
--- a/src/conf_mode/https.py
+++ b/src/conf_mode/https.py
@@ -18,6 +18,7 @@
import sys
import os
+from copy import deepcopy
import jinja2
@@ -111,22 +112,22 @@ def get_config():
else:
conf.set_level('service https')
- if conf.exists('listen-address'):
- for addr in conf.list_nodes('listen-address'):
- server_block = {'address' : addr}
- server_block['port'] = '443'
- server_block['name'] = ['_']
- if conf.exists('listen-address {0} listen-port'.format(addr)):
- port = conf.return_value('listen-address {0} listen-port'.format(addr))
+ if not conf.exists('virtual-host'):
+ server_block_list.append(default_server_block)
+ else:
+ for vhost in conf.list_nodes('virtual-host'):
+ server_block = deepcopy(default_server_block)
+ if conf.exists(f'virtual-host {vhost} listen-address'):
+ addr = conf.return_value(f'virtual-host {vhost} listen-address')
+ server_block['address'] = addr
+ if conf.exists(f'virtual-host {vhost} listen-port'):
+ port = conf.return_value(f'virtual-host {vhost} listen-port')
server_block['port'] = port
- if conf.exists('listen-address {0} server-name'.format(addr)):
- names = conf.return_values('listen-address {0} server-name'.format(addr))
+ if conf.exists(f'virtual-host {vhost} server-name'):
+ names = conf.return_values(f'virtual-host {vhost} server-name')
server_block['name'] = names[:]
server_block_list.append(server_block)
- if not server_block_list:
- server_block_list.append(default_server_block)
-
vyos_cert_data = {}
if conf.exists('certificates system-generated-certificate'):
vyos_cert_data = vyos.defaults.vyos_cert_data
@@ -170,7 +171,7 @@ def verify(https):
for sb in https['server_block_list']:
if sb['certbot']:
return None
- raise ConfigError("At least one 'listen-address x.x.x.x server-name' "
+ raise ConfigError("At least one 'virtual-host <id> server-name' "
"matching the 'certbot domain-name' is required.")
return None