mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-11-26 02:57:04 +00:00
merge functions get_web_domains and get_default_www_redirects
This commit is contained in:
parent
be9efe0273
commit
808522d895
@ -326,12 +326,12 @@ def ssl_get_csr(domain):
|
|||||||
@app.route('/ssl/install', methods=['POST'])
|
@app.route('/ssl/install', methods=['POST'])
|
||||||
@authorized_personnel_only
|
@authorized_personnel_only
|
||||||
def ssl_install_cert():
|
def ssl_install_cert():
|
||||||
from web_update import get_web_domains, get_default_www_redirects
|
from web_update import get_web_domains
|
||||||
from ssl_certificates import install_cert
|
from ssl_certificates import install_cert
|
||||||
domain = request.form.get('domain')
|
domain = request.form.get('domain')
|
||||||
ssl_cert = request.form.get('cert')
|
ssl_cert = request.form.get('cert')
|
||||||
ssl_chain = request.form.get('chain')
|
ssl_chain = request.form.get('chain')
|
||||||
if domain not in get_web_domains(env) + get_default_www_redirects(env):
|
if domain not in get_web_domains(env):
|
||||||
return "Invalid domain name."
|
return "Invalid domain name."
|
||||||
return install_cert(domain, ssl_cert, ssl_chain, env)
|
return install_cert(domain, ssl_cert, ssl_chain, env)
|
||||||
|
|
||||||
|
@ -57,8 +57,8 @@ def do_dns_update(env, force=False):
|
|||||||
|
|
||||||
# Custom records to add to zones.
|
# Custom records to add to zones.
|
||||||
additional_records = list(get_custom_dns_config(env))
|
additional_records = list(get_custom_dns_config(env))
|
||||||
from web_update import get_default_www_redirects
|
from web_update import get_web_domains
|
||||||
www_redirect_domains = get_default_www_redirects(env)
|
www_redirect_domains = set(get_web_domains(env)) - set(get_web_domains(env, include_www_redirects=False))
|
||||||
|
|
||||||
# Write zone files.
|
# Write zone files.
|
||||||
os.makedirs('/etc/nsd/zones', exist_ok=True)
|
os.makedirs('/etc/nsd/zones', exist_ok=True)
|
||||||
@ -907,8 +907,8 @@ def build_recommended_dns(env):
|
|||||||
domains = get_dns_domains(env)
|
domains = get_dns_domains(env)
|
||||||
zonefiles = get_dns_zones(env)
|
zonefiles = get_dns_zones(env)
|
||||||
additional_records = list(get_custom_dns_config(env))
|
additional_records = list(get_custom_dns_config(env))
|
||||||
from web_update import get_default_www_redirects
|
from web_update import get_web_domains
|
||||||
www_redirect_domains = get_default_www_redirects(env)
|
www_redirect_domains = set(get_web_domains(env)) - set(get_web_domains(env, include_www_redirects=False))
|
||||||
for domain, zonefile in zonefiles:
|
for domain, zonefile in zonefiles:
|
||||||
records = build_zone(domain, domains, additional_records, www_redirect_domains, env)
|
records = build_zone(domain, domains, additional_records, www_redirect_domains, env)
|
||||||
|
|
||||||
|
@ -11,7 +11,7 @@ import dateutil.parser, dateutil.tz
|
|||||||
import idna
|
import idna
|
||||||
|
|
||||||
from dns_update import get_dns_zones, build_tlsa_record, get_custom_dns_config, get_secondary_dns, get_custom_dns_record
|
from dns_update import get_dns_zones, build_tlsa_record, get_custom_dns_config, get_secondary_dns, get_custom_dns_record
|
||||||
from web_update import get_web_domains, get_default_www_redirects, get_domains_with_a_records
|
from web_update import get_web_domains, get_domains_with_a_records
|
||||||
from ssl_certificates import get_ssl_certificates, get_domain_ssl_files, check_certificate
|
from ssl_certificates import get_ssl_certificates, get_domain_ssl_files, check_certificate
|
||||||
from mailconfig import get_mail_domains, get_mail_aliases
|
from mailconfig import get_mail_domains, get_mail_aliases
|
||||||
|
|
||||||
@ -240,7 +240,7 @@ def run_domain_checks(rounded_time, env, output, pool):
|
|||||||
dns_domains = set(dns_zonefiles)
|
dns_domains = set(dns_zonefiles)
|
||||||
|
|
||||||
# Get the list of domains we serve HTTPS for.
|
# Get the list of domains we serve HTTPS for.
|
||||||
web_domains = set(get_web_domains(env) + get_default_www_redirects(env))
|
web_domains = set(get_web_domains(env))
|
||||||
|
|
||||||
domains_to_check = mail_domains | dns_domains | web_domains
|
domains_to_check = mail_domains | dns_domains | web_domains
|
||||||
|
|
||||||
|
@ -254,10 +254,8 @@ def fix_boto():
|
|||||||
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
from dns_update import get_dns_domains
|
from web_update import get_web_domains
|
||||||
from web_update import get_web_domains, get_default_www_redirects
|
|
||||||
env = load_environment()
|
env = load_environment()
|
||||||
domains = get_dns_domains(env) | set(get_web_domains(env) + get_default_www_redirects(env))
|
domains = get_web_domains(env)
|
||||||
domains = sort_domains(domains, env)
|
|
||||||
for domain in domains:
|
for domain in domains:
|
||||||
print(domain)
|
print(domain)
|
||||||
|
@ -9,20 +9,29 @@ from dns_update import get_custom_dns_config, get_dns_zones
|
|||||||
from ssl_certificates import get_ssl_certificates, get_domain_ssl_files, check_certificate
|
from ssl_certificates import get_ssl_certificates, get_domain_ssl_files, check_certificate
|
||||||
from utils import shell, safe_domain_name, sort_domains
|
from utils import shell, safe_domain_name, sort_domains
|
||||||
|
|
||||||
def get_web_domains(env):
|
def get_web_domains(env, include_www_redirects=True):
|
||||||
# What domains should we serve websites for?
|
# What domains should we serve HTTP(S) for?
|
||||||
domains = set()
|
domains = set()
|
||||||
|
|
||||||
# At the least it's the PRIMARY_HOSTNAME so we can serve webmail
|
# Serve web for all mail domains so that we might at least
|
||||||
# as well as Z-Push for Exchange ActiveSync.
|
|
||||||
domains.add(env['PRIMARY_HOSTNAME'])
|
|
||||||
|
|
||||||
# Also serve web for all mail domains so that we might at least
|
|
||||||
# provide auto-discover of email settings, and also a static website
|
# provide auto-discover of email settings, and also a static website
|
||||||
# if the user wants to make one. These will require an SSL cert.
|
# if the user wants to make one.
|
||||||
|
domains |= get_mail_domains(env)
|
||||||
|
|
||||||
|
if include_www_redirects:
|
||||||
|
# Add 'www.' subdomains that we want to provide default redirects
|
||||||
|
# to the main domain for. We'll add 'www.' to any DNS zones, i.e.
|
||||||
|
# the topmost of each domain we serve.
|
||||||
|
domains |= set('www.' + zone for zone, zonefile in get_dns_zones(env))
|
||||||
|
|
||||||
# ...Unless the domain has an A/AAAA record that maps it to a different
|
# ...Unless the domain has an A/AAAA record that maps it to a different
|
||||||
# IP address than this box. Remove those domains from our list.
|
# IP address than this box. Remove those domains from our list.
|
||||||
domains |= (get_mail_domains(env) - get_domains_with_a_records(env))
|
domains -= get_domains_with_a_records(env)
|
||||||
|
|
||||||
|
# Ensure the PRIMARY_HOSTNAME is in the list so we can serve webmail
|
||||||
|
# as well as Z-Push for Exchange ActiveSync. This can't be removed
|
||||||
|
# by a custom A/AAAA record and is never a 'www.' redirect.
|
||||||
|
domains.add(env['PRIMARY_HOSTNAME'])
|
||||||
|
|
||||||
# Sort the list so the nginx conf gets written in a stable order.
|
# Sort the list so the nginx conf gets written in a stable order.
|
||||||
domains = sort_domains(domains, env)
|
domains = sort_domains(domains, env)
|
||||||
@ -51,15 +60,6 @@ def get_web_domains_with_root_overrides(env):
|
|||||||
root_overrides[domain] = (type, value)
|
root_overrides[domain] = (type, value)
|
||||||
return root_overrides
|
return root_overrides
|
||||||
|
|
||||||
|
|
||||||
def get_default_www_redirects(env):
|
|
||||||
# Returns a list of www subdomains that we want to provide default redirects
|
|
||||||
# for, i.e. any www's that aren't domains the user has actually configured
|
|
||||||
# to serve for real. Which would be unusual.
|
|
||||||
web_domains = set(get_web_domains(env))
|
|
||||||
www_domains = set('www.' + zone for zone, zonefile in get_dns_zones(env))
|
|
||||||
return sort_domains(www_domains - web_domains - get_domains_with_a_records(env), env)
|
|
||||||
|
|
||||||
def do_web_update(env):
|
def do_web_update(env):
|
||||||
# Pre-load what SSL certificates we will use for each domain.
|
# Pre-load what SSL certificates we will use for each domain.
|
||||||
ssl_certificates = get_ssl_certificates(env)
|
ssl_certificates = get_ssl_certificates(env)
|
||||||
@ -78,15 +78,19 @@ def do_web_update(env):
|
|||||||
|
|
||||||
# Add configuration all other web domains.
|
# Add configuration all other web domains.
|
||||||
has_root_proxy_or_redirect = get_web_domains_with_root_overrides(env)
|
has_root_proxy_or_redirect = get_web_domains_with_root_overrides(env)
|
||||||
|
web_domains_not_redirect = get_web_domains(env, include_www_redirects=False)
|
||||||
for domain in get_web_domains(env):
|
for domain in get_web_domains(env):
|
||||||
if domain == env['PRIMARY_HOSTNAME']: continue # handled above
|
if domain == env['PRIMARY_HOSTNAME']:
|
||||||
|
# PRIMARY_HOSTNAME is handled above.
|
||||||
|
continue
|
||||||
|
if domain in web_domains_not_redirect:
|
||||||
|
# This is a regular domain.
|
||||||
if domain not in has_root_proxy_or_redirect:
|
if domain not in has_root_proxy_or_redirect:
|
||||||
nginx_conf += make_domain_config(domain, [template0, template1], ssl_certificates, env)
|
nginx_conf += make_domain_config(domain, [template0, template1], ssl_certificates, env)
|
||||||
else:
|
else:
|
||||||
nginx_conf += make_domain_config(domain, [template0], ssl_certificates, env)
|
nginx_conf += make_domain_config(domain, [template0], ssl_certificates, env)
|
||||||
|
else:
|
||||||
# Add default www redirects.
|
# Add default 'www.' redirect.
|
||||||
for domain in get_default_www_redirects(env):
|
|
||||||
nginx_conf += make_domain_config(domain, [template0, template3], ssl_certificates, env)
|
nginx_conf += make_domain_config(domain, [template0, template3], ssl_certificates, env)
|
||||||
|
|
||||||
# Did the file change? If not, don't bother writing & restarting nginx.
|
# Did the file change? If not, don't bother writing & restarting nginx.
|
||||||
@ -187,7 +191,8 @@ def get_web_root(domain, env, test_exists=True):
|
|||||||
return root
|
return root
|
||||||
|
|
||||||
def get_web_domains_info(env):
|
def get_web_domains_info(env):
|
||||||
has_root_proxy_or_redirect = get_web_domains_with_root_overrides(env)
|
www_redirects = set(get_web_domains(env)) - set(get_web_domains(env, include_www_redirects=False))
|
||||||
|
has_root_proxy_or_redirect = set(get_web_domains_with_root_overrides(env))
|
||||||
|
|
||||||
# for the SSL config panel, get cert status
|
# for the SSL config panel, get cert status
|
||||||
def check_cert(domain):
|
def check_cert(domain):
|
||||||
@ -213,15 +218,7 @@ def get_web_domains_info(env):
|
|||||||
"root": get_web_root(domain, env),
|
"root": get_web_root(domain, env),
|
||||||
"custom_root": get_web_root(domain, env, test_exists=False),
|
"custom_root": get_web_root(domain, env, test_exists=False),
|
||||||
"ssl_certificate": check_cert(domain),
|
"ssl_certificate": check_cert(domain),
|
||||||
"static_enabled": domain not in has_root_proxy_or_redirect,
|
"static_enabled": domain not in (www_redirects | has_root_proxy_or_redirect),
|
||||||
}
|
}
|
||||||
for domain in get_web_domains(env)
|
for domain in get_web_domains(env)
|
||||||
] + \
|
|
||||||
[
|
|
||||||
{
|
|
||||||
"domain": domain,
|
|
||||||
"ssl_certificate": check_cert(domain),
|
|
||||||
"static_enabled": False,
|
|
||||||
}
|
|
||||||
for domain in get_default_www_redirects(env)
|
|
||||||
]
|
]
|
Loading…
Reference in New Issue
Block a user