From 11b0c06e47d7b520860944d56f2f76c58177073a Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Mon, 2 Mar 2020 21:29:07 -0600 Subject: service https: T2157: Organize server block directives as 'virtual host' --- src/conf_mode/https.py | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) (limited to 'src/conf_mode') diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py index fcbc3d384..a0fe9cf2f 100755 --- a/src/conf_mode/https.py +++ b/src/conf_mode/https.py @@ -18,6 +18,7 @@ import sys import os +from copy import deepcopy import jinja2 @@ -111,22 +112,22 @@ def get_config(): else: conf.set_level('service https') - if conf.exists('listen-address'): - for addr in conf.list_nodes('listen-address'): - server_block = {'address' : addr} - server_block['port'] = '443' - server_block['name'] = ['_'] - if conf.exists('listen-address {0} listen-port'.format(addr)): - port = conf.return_value('listen-address {0} listen-port'.format(addr)) + if not conf.exists('virtual-host'): + server_block_list.append(default_server_block) + else: + for vhost in conf.list_nodes('virtual-host'): + server_block = deepcopy(default_server_block) + if conf.exists(f'virtual-host {vhost} listen-address'): + addr = conf.return_value(f'virtual-host {vhost} listen-address') + server_block['address'] = addr + if conf.exists(f'virtual-host {vhost} listen-port'): + port = conf.return_value(f'virtual-host {vhost} listen-port') server_block['port'] = port - if conf.exists('listen-address {0} server-name'.format(addr)): - names = conf.return_values('listen-address {0} server-name'.format(addr)) + if conf.exists(f'virtual-host {vhost} server-name'): + names = conf.return_values(f'virtual-host {vhost} server-name') server_block['name'] = names[:] server_block_list.append(server_block) - if not server_block_list: - server_block_list.append(default_server_block) - vyos_cert_data = {} if conf.exists('certificates system-generated-certificate'): vyos_cert_data = vyos.defaults.vyos_cert_data @@ -170,7 +171,7 @@ def verify(https): for sb in https['server_block_list']: if sb['certbot']: return None - raise ConfigError("At least one 'listen-address x.x.x.x server-name' " + raise ConfigError("At least one 'virtual-host server-name' " "matching the 'certbot domain-name' is required.") return None -- cgit v1.2.3