diff options
author | John Estabrook <jestabro@vyos.io> | 2020-03-02 21:29:07 -0600 |
---|---|---|
committer | John Estabrook <jestabro@vyos.io> | 2020-03-24 15:34:05 -0500 |
commit | 11b0c06e47d7b520860944d56f2f76c58177073a (patch) | |
tree | 847ffcff680aa0bc017092dd6cd950a56b20c7d0 /src/conf_mode | |
parent | 64fbf0865eb47271e27a7e737f5ba2e6bd541292 (diff) | |
download | vyos-1x-11b0c06e47d7b520860944d56f2f76c58177073a.tar.gz vyos-1x-11b0c06e47d7b520860944d56f2f76c58177073a.zip |
service https: T2157: Organize server block directives as 'virtual host'
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-x | src/conf_mode/https.py | 27 |
1 files changed, 14 insertions, 13 deletions
diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py index fcbc3d384..a0fe9cf2f 100755 --- a/src/conf_mode/https.py +++ b/src/conf_mode/https.py @@ -18,6 +18,7 @@ import sys import os +from copy import deepcopy import jinja2 @@ -111,22 +112,22 @@ def get_config(): else: conf.set_level('service https') - if conf.exists('listen-address'): - for addr in conf.list_nodes('listen-address'): - server_block = {'address' : addr} - server_block['port'] = '443' - server_block['name'] = ['_'] - if conf.exists('listen-address {0} listen-port'.format(addr)): - port = conf.return_value('listen-address {0} listen-port'.format(addr)) + if not conf.exists('virtual-host'): + server_block_list.append(default_server_block) + else: + for vhost in conf.list_nodes('virtual-host'): + server_block = deepcopy(default_server_block) + if conf.exists(f'virtual-host {vhost} listen-address'): + addr = conf.return_value(f'virtual-host {vhost} listen-address') + server_block['address'] = addr + if conf.exists(f'virtual-host {vhost} listen-port'): + port = conf.return_value(f'virtual-host {vhost} listen-port') server_block['port'] = port - if conf.exists('listen-address {0} server-name'.format(addr)): - names = conf.return_values('listen-address {0} server-name'.format(addr)) + if conf.exists(f'virtual-host {vhost} server-name'): + names = conf.return_values(f'virtual-host {vhost} server-name') server_block['name'] = names[:] server_block_list.append(server_block) - if not server_block_list: - server_block_list.append(default_server_block) - vyos_cert_data = {} if conf.exists('certificates system-generated-certificate'): vyos_cert_data = vyos.defaults.vyos_cert_data @@ -170,7 +171,7 @@ def verify(https): for sb in https['server_block_list']: if sb['certbot']: return None - raise ConfigError("At least one 'listen-address x.x.x.x server-name' " + raise ConfigError("At least one 'virtual-host <id> server-name' " "matching the 'certbot domain-name' is required.") return None |