From 71593775e2a88741804d56a7c4d6a37c45e5e3bd Mon Sep 17 00:00:00 2001 From: Nigel Kukard Date: Thu, 5 Jan 2017 09:08:49 +0000 Subject: [PATCH 1/3] Fixed syntax issue --- .gitlab-ci.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 5e3c281..fbda898 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -22,13 +22,13 @@ make-test: script: - export DEBIAN_FRONTEND=noninteractive - # Install IDMS Linux Enterprise + # Install IDMS Linux Enterprise + - apt-get update + - apt-get install -y wget + - echo "deb http://cdn.idms-linux.org/enterprise/ jessie enterprise" > /etc/apt/sources.list.d/idms-linux-enterprise.list + - wget -O "-" -q "https://cdn.idms-linux.org/enterprise/enterprise.asc" | apt-key add "-" + - apt-get update - - apt-get install -y wget - - echo "deb http://cdn.idms-linux.org/enterprise/ jessie enterprise" > /etc/apt/sources.list.d/idms-linux-enterprise.list - - wget -O- -q http://cdn.idms-linux.org/enterprise/enterprise.asc | apt-key add - - - - atp-get update - apt-get dist-upgrade -y - apt-get install -y make - apt-get install -y libdatetime-perl libdatetime-timezone-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libjson-perl libwww-perl libcrypt-openssl-pkcs10-perl 
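Review bot: The repository signing key in the `make-test` script is trusted as whatever the HTTPS endpoint returns at build time, and `apt-key add` places it in the global keyring, so it is then accepted for every configured source. Because the `deb` line still uses `http://`, package integrity rests entirely on that key. I would download it to a file and compare its fingerprint with a value committed in this repository before adding it, e.g. `wget -O /tmp/enterprise.asc -q "https://cdn.idms-linux.org/enterprise/enterprise.asc"` followed by a check against `<EXPECTED_KEY_FINGERPRINT>` (placeholder). The same lines appear in the `make-install` hunk at `@@ -43,12 +43,12 @@`. `wget -q` at the head of a pipeline also hides a failed download unless the shell has `pipefail` set, so a fetch error would only surface later.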
@@ -43,12 +43,12 @@ make-install: script: - export DEBIAN_FRONTEND=noninteractive - # Install IDMS Linux Enterprise + # Install IDMS Linux Enterprise - apt-get update - - apt-get install -y wget - - echo "deb http://cdn.idms-linux.org/enterprise/ jessie enterprise" > /etc/apt/sources.list.d/idms-linux-enterprise.list - - wget -O- -q http://cdn.idms-linux.org/enterprise/enterprise.asc | apt-key add - - + - apt-get install -y wget + - echo "deb http://cdn.idms-linux.org/enterprise/ jessie enterprise" > /etc/apt/sources.list.d/idms-linux-enterprise.list + - wget -O "-" -q "https://cdn.idms-linux.org/enterprise/enterprise.asc" | apt-key add "-" + - apt-get update - apt-get dist-upgrade -y - apt-get install -y make -- GitLab From 40f4549a295d3204ae53a402ce78daf512be6039 Mon Sep 17 00:00:00 2001 From: Nigel Kukard Date: Thu, 5 Jan 2017 09:55:09 +0000 Subject: [PATCH 2/3] Resolved some issues with perl critic --- awit-certmaster | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/awit-certmaster b/awit-certmaster index 044ee41..0c80b87 100755 --- a/awit-certmaster +++ b/awit-certmaster @@ -114,7 +114,7 @@ sub accountInit # Make sure the dir exists... my $dir = "/etc/awit-certmaster"; if (! -d $dir) { - my @created = make_path($dir,{ 'mode' => 0700 }); + my @created = make_path($dir,{ 'mode' => oct(700) }); } # Check if the dir was created if (! -d $dir) { @@ -245,7 +245,9 @@ sub webserverCheckApache $self->logger("INFO","APACHE: Processing vhost '%s'",$vhostName); # Open config file + ## no critic (RequireBriefOpen) if (open(my $FH,'<',$vhost->{'config'})) { + ## use critic # Read in each line my @serverNames = (); while (my $line = <$FH>) { @@ -341,7 +343,9 @@ sub webserverCheckNginx $self->logger("INFO","NGINX: Processing vhost '%s'",$vhostName); # Open config file + ## no critic (RequireBriefOpen) if (open(my $FH,'<',$vhost->{'config'})) { + ## use critic # Read in each line my @serverNames = (); while (my $line = <$FH>) { 
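Review bot: In the `accountInit` hunk, `make_path($dir,{ 'mode' => oct(700) })` applies the mode only to directories it creates, and the following `-d` test accepts a pre-existing `/etc/awit-certmaster` with any permissions or owner. If this directory holds account key material (its use is outside the hunk), I would enforce the mode after the existence test, e.g. `chmod(oct(700),$dir)` with the function's usual error path on failure. Failures could be captured with `make_path($dir,{ 'mode' => oct(700), 'error' => \my $err })` instead of the unused `@created`. The `make_path(... oct(755) ...)` call in the `leHandleChallenge` hunk at `@@ -1525,7 +1531,7 @@` has the same unused `@created`; both functions continue outside their hunks.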
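Review bot: The `## no critic (RequireBriefOpen)` / `## use critic` pair in the `webserverCheckApache` hunk wraps a single statement, and if the closing `## use critic` is ever dropped the policy stays off for the rest of the enclosing block. A trailing annotation on the statement itself is narrower: `if (open(my $FH,'<',$vhost->{'config'})) { ## no critic (RequireBriefOpen)`. The same applies to the `webserverCheckNginx` hunk at `@@ -341,7 +343,9 @@`. Neither hunk shows the failure branch of the `open` or the matching `close`, so I cannot tell from here whether an unreadable vhost config is logged.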
@@ -869,7 +873,9 @@ sub _parse_x509_datetime +## no critic (ProhibitMultiplePackages) package AWIT::CertMaster::LetsEncrypt; +## use critic use strict; @@ -915,7 +921,7 @@ END { # CONSTANTS -sub NID_SUBJECT_ALT_NAME { 85; } +sub NID_SUBJECT_ALT_NAME { return 85; } @@ -1483,9 +1489,9 @@ sub leHandleChallenge $self->logger("INFO","LE: - Please add DNS entry: _acme-challenge.%s IN TXT '%s'",$domain,$dnsKey); - print STDERR "Press when its added..."; +# print STDERR "Press when its added..."; - my $something = ; +# my $something = ; # @@ -1525,7 +1531,7 @@ sub leHandleChallenge # Make sure the dir exists... umask(0022); if (! -d $dir) { - my @created = make_path($dir,{ 'mode' => 0755 }); + my @created = make_path($dir,{ 'mode' => oct(755) }); } # Check if the dir was created if (! -d $dir) { @@ -1734,7 +1740,10 @@ sub _leDirectoryLinks +## no critic (ProhibitMultiplePackages) package main; +## use critic + use strict; use warnings; -- GitLab From 36d517e31263d0497c559babdcd58a5e0f8321b6 Mon Sep 17 00:00:00 2001 From: Nigel Kukard Date: Thu, 5 Jan 2017 13:38:13 +0000 Subject: [PATCH 3/3] Added quiet support --- awit-certmaster | 65 ++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 54 insertions(+), 11 deletions(-) diff --git a/awit-certmaster b/awit-certmaster index 0c80b87..7d59ef9 100755 --- a/awit-certmaster +++ b/awit-certmaster @@ -87,6 +87,7 @@ BEGIN { decode_base64 encode_base64 ); + use POSIX qw(floor ceil); use Sys::Hostname; } 
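Review bot: In the `leHandleChallenge` hunk at `@@ -1483,9 +1489,9 @@`, commenting out the prompt and the STDIN read removes the only pause after "Please add DNS entry" is logged. The operator then has no chance to create the TXT record before the code continues; the rest of the function is outside the hunk, so this is inferred. If the pause was dropped to allow unattended runs, I would keep it for interactive sessions by guarding the two original lines with `if (-t STDIN) { ... }`, and log clearly in the non-interactive case that the record must already exist. Either way the commented-out lines should be deleted rather than kept as dead code.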
@@ -410,7 +411,32 @@ sub logger my ($self,$level,$arg1,@args) = @_; - printf(STDERR '%-7s: '.$arg1."\n",$level,@args); + # Create the log line + my $logLine = sprintf('%-7s: '.$arg1."\n",$level,@args); + + # If we're being quiet save it + if ($self->{'quiet'}) { + push(@{$self->{'_logs'}},$logLine); + } else { + # If not output to console + print(STDERR $logLine); + } + + return; +} + + + +# Function to output logs of warning or higher if we were quiet +sub logger_end +{ + my $self = shift; + + + # If we're being quiet here is where we should output the logs if there were warnings + if ($self->{'quiet'} && grep({/^WARNING/},@{$self->{'_logs'}})) { + print(STDERR @{$self->{'_logs'}}); + } return; } @@ -454,6 +480,11 @@ sub _init $self->{'only_vhosts'} = $opts->{'only_vhosts'}; $self->{'use_dns'} = $opts->{'use_dns'}; + # Only output to console if we have a warning or higher + $self->{'quiet'} = $opts->{'quiet'}; + + # Initialize our log array, just incase we're operating quietly + $self->{'_logs'} = []; return $self; } @@ -512,8 +543,8 @@ sub _webserverCheckCertificates my $remainingTime = $parsedCert->{'notafter'}->epoch() - $now->epoch(); my $daysToExpire = $remainingTime / 86400; # Check remaining time - if ($daysToExpire < 30) { - $self->logger("WARNING","WEBSERVER: - Certificate for vhost '%s' expires in under 30 days, adding to regeneration list",$vhostName); + if ($daysToExpire < 15) { + $self->logger("WARNING","WEBSERVER: - Certificate for vhost '%s' expires in under 15 days, adding to regeneration list",$vhostName); next; } 
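Review bot: `logger_end` decides whether to flush with `grep({/^WARNING/},@{$self->{'_logs'}})`, which matches only the literal WARNING level although its comment promises "warning or higher". A buffered line at a more severe level would be discarded in quiet mode; none is visible in this patch, so this depends on what the rest of the file logs. I would record the decision in `logger` instead of re-parsing formatted text, e.g. `$self->{'_flush'} = 1 if ($level ne 'INFO' && $level ne 'NOTICE');`, and test that flag in `logger_end`. `$arg1` is also used as the `sprintf` format, so a caller that passes external text there rather than in `@args` gets its `%` sequences interpreted. Both subs would benefit from a comment stating that quiet mode holds every line in memory until `logger_end` is called.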
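Review bot: The renewal threshold in the `_webserverCheckCertificates` hunk at `@@ -512,8 +543,8 @@` is now the literal `15` in both the condition and the message, and again in `ceil($daysToExpire - 15)` in the hunk at `@@ -534,8 +565,8 @@`, so the three can drift apart on the next change. A single constant such as `use constant RENEW_DAYS => 15;`, used in all three places, would keep them in step. Halving the window from 30 to 15 days also halves the time available to notice and repair a failing renewal before expiry, which matters more now that `--quiet` can suppress routine output. A comment recording why 15 was chosen would help.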
@@ -534,8 +565,8 @@ sub _webserverCheckCertificates next if (@missingDomains); # Output a notice if the cert will be re-applied for in the next 3 days - if ($daysToExpire < 34) { - $self->logger("NOTICE","WEBSERVER: - Certificate for vhost '%s' expires soon, it will be renewed in %s days",$vhostName,$daysToExpire); + if ($daysToExpire < 30) { + $self->logger("NOTICE","WEBSERVER: - Certificate for vhost '%s' expires soon, it will be renewed in %s days",$vhostName,ceil($daysToExpire - 15)); } SKIP: @@ -1754,11 +1785,7 @@ use Getopt::Long; my $NAME = "AWIT-CertMaster"; -our $VERSION = "1.1.2"; - - - -print(STDERR "$NAME v$VERSION - Copyright (c) 2016-2017, AllWorldIT\n\n"); +our $VERSION = "1.1.4"; @@ -1792,6 +1819,12 @@ C provides the below commandline options... =cut +=head2 --quiet + + Operate in quiet mode and only output logs if there was an warning or worse error. + +=cut + =head1 CERT OPTIONS @@ -1843,6 +1876,7 @@ GetOptions(\%optctl, "version", "nginx", "apache", + "quiet", "check-only", "force=s@", @@ -1852,6 +1886,13 @@ GetOptions(\%optctl, "use-dns=s@", ) or exit 1; + +# Display copyright +if (!defined($optctl{'quiet'})) { + print(STDERR "$NAME v$VERSION - Copyright (c) 2016-2017, AllWorldIT\n\n"); +} + + # Check for help if (defined($optctl{'help'})) { displayHelp(); @@ -1873,6 +1914,7 @@ my $cm = AWIT::CertMaster::LetsEncrypt->new({ 'live' => $optctl{'live'}, 'only_vhosts' => $optctl{'only'}, 'use_dns' => $optctl{'use-dns'}, + 'quiet' => $optctl{'quiet'}, }); @@ -1887,7 +1929,7 @@ if ($optctl{'nginx'}) { exit 1; } - +$cm->logger_end(); exit 0; @@ -1913,6 +1955,7 @@ sub displayHelp --version Display version. --nginx Process Nginx vhosts. --apache Process Apache vhosts. + --quiet Only output if warnings are detected. Certificate Functions: -- GitLab
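Review bot: The context comment above the changed condition in the `@@ -534,8 +565,8 @@` hunk still says "in the next 3 days", but the notice now fires for any certificate with fewer than 30 days left, which is up to 15 days before renewal. I would update it to `# Output a notice if the cert will be renewed within the next 15 days`. `$daysToExpire` is fractional, so `ceil($daysToExpire - 15)` reports 1 for anything between just over 15 and 16 days; if that rounding is intended, a short comment would say so.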
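Review bot: `$cm->logger_end();` in the `@@ -1887,7 +1929,7 @@` hunk is reached only on the success path. The `exit 1;` visible just above it, and any `die` elsewhere, ends the process without printing the quiet-mode buffer, so `--quiet` hides the log of exactly the runs that failed. I would flush before every exit, or once in an `END { $cm->logger_end() if defined($cm); }` block, and have `logger_end` print unconditionally when the exit status is non-zero.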