migrate the SSL certificates path for non-primary certs to a new layout using a new migration script

management/mailconfig.py

@@ -88,7 +88,7 @@ def add_mail_user(email, pw, env):
 	if not os.path.exists(user_mail_dir):
 		os.makedirs(user_mail_dir)
 		os.chown(user_mail_dir, maildirstat.st_uid, maildirstat.st_gid)
-	shutil.copyfile(env["CONF_DIR"] + "/dovecot_sieve.txt", user_mail_dir + "/.dovecot.sieve")
+	shutil.copyfile(utils.CONF_DIR + "/dovecot_sieve.txt", user_mail_dir + "/.dovecot.sieve")
 	os.chown(user_mail_dir + "/.dovecot.sieve", maildirstat.st_uid, maildirstat.st_gid)
 
 	# Update DNS in case any new domains are added.

management/utils.py

@@ -1,16 +1,23 @@
+import os.path
+
+CONF_DIR = os.path.join(os.path.dirname(__file__), "../conf")
+
 def load_environment():
     # Load settings from /etc/mailinabox.conf.
-    import os.path
-    env = load_env_vars_from_file("/etc/mailinabox.conf")
-    env["CONF_DIR"] = os.path.join(os.path.dirname(__file__), "../conf")
-    return env
+    return load_env_vars_from_file("/etc/mailinabox.conf")
 
 def load_env_vars_from_file(fn):
     # Load settings from a KEY=VALUE file.
-    env = { }
+    import collections
+    env = collections.OrderedDict()
     for line in open(fn): env.setdefault(*line.strip().split("=", 1))
     return env
 
+def save_environment(env):
+    with open("/etc/mailinabox.conf", "w") as f:
+        for k, v in env.items():
+            f.write("%s=%s\n" % (k, v))
+
 def safe_domain_name(name):
     # Sanitize a domain name so it is safe to use as a file name on disk.
     import urllib.parse

management/web_update.py

@@ -75,7 +75,7 @@ def get_domain_ssl_files(domain, env):
 	# Don't allow the user to override the key for PRIMARY_HOSTNAME because
 	# that's what's in the main file.
 	ssl_key = os.path.join(env["STORAGE_ROOT"], 'ssl/ssl_private_key.pem')
-	alt_key = os.path.join(env["STORAGE_ROOT"], 'ssl/domains/%s_private_key.pem' % safe_domain_name(domain))
+	alt_key = os.path.join(env["STORAGE_ROOT"], 'ssl/%s/private_key.pem' % safe_domain_name(domain))
 	if domain != env['PRIMARY_HOSTNAME'] and os.path.exists(alt_key):
 		ssl_key = alt_key
 
@@ -85,14 +85,14 @@ def get_domain_ssl_files(domain, env):
 	if domain == env['PRIMARY_HOSTNAME']:
 		ssl_certificate = os.path.join(env["STORAGE_ROOT"], 'ssl/ssl_certificate.pem')
 	else:
-		ssl_certificate = os.path.join(env["STORAGE_ROOT"], 'ssl/domains/%s_certifiate.pem' % safe_domain_name(domain))
+		ssl_certificate = os.path.join(env["STORAGE_ROOT"], 'ssl/%s/ssl_certificate.pem' % safe_domain_name(domain))
 
 	# Where would the CSR go? As with the SSL cert itself, the CSR must be
 	# different for each domain name.
 	if domain == env['PRIMARY_HOSTNAME']:
 		csr_path = os.path.join(env["STORAGE_ROOT"], 'ssl/ssl_cert_sign_req.csr')
 	else:
-		csr_path = os.path.join(env["STORAGE_ROOT"], 'ssl/domains/%s_cert_sign_req.csr' % safe_domain_name(domain))
+		csr_path = os.path.join(env["STORAGE_ROOT"], 'ssl/%s/certificate_signing_request.csr' % safe_domain_name(domain))
 
 	return ssl_key, ssl_certificate, csr_path