Added custom tls cert support

2023-06-21 21:07:20 +02:00
parent ccae88bb77
commit 4759146d99
4 changed files with 104 additions and 20 deletions
--- a/modoboa_installer/config_dict_template.py
+++ b/modoboa_installer/config_dict_template.py
@@ -30,16 +30,25 @@ ConfigDictTemplate = [
    {
        "name": "certificate",
        "values": [
-            {
-                "option": "generate",
-                "default": "true",
-            },
            {
                "option": "type",
                "default": "self-signed",
                "customizable": True,
                "question": "Please choose your certificate type",
-                "values": ["self-signed", "letsencrypt"],
+                "value_return": ["manual"],
+                "values": ["self-signed", "letsencrypt", "manual"],
+            },
+            {
+                "option": "tls_cert_file_path",
+                "customizable": True,
+                "question": "Please enter your certificate fullchain path",
+                "default": ""
+            },
+            {
+                "option": "tls_key_file_path",
+                "customizable": True,
+                "question": "Please enter your certificate key path",
+                "default": ""
            }
        ],
    },
--- a/modoboa_installer/ssl.py
+++ b/modoboa_installer/ssl.py
@@ -25,6 +25,34 @@ class CertificateBackend(object):
        return True


+class ManualCertification(CertificateBackend):
+    """Use certificate provided."""
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        path_correct = True
+        self.tls_cert_file_path = self.config.get("certificate",
+                                                  "tls_key_file_path")
+        self.tls_key_file_path = self.config.get("certificate",
+                                                 "tls_cert_file_path")
+
+        if not os.path.exists(self.tls_key_file_path):
+            utils.error("'tls_key_file_path' path is not accessible")
+            path_correct = False
+        if not os.path.exists(self.tls_cert_file_path):
+            utils.error("'tls_cert_file_path' path is not accessible")
+            path_correct = False
+
+        if not path_correct:
+            sys.exit(1)
+
+    def generate_cert(self):
+        self.config.set("general", "tls_key_file",
+                        self.tls_key_file_path)
+        self.config.set("general", "tls_cert_file",
+                        self.tls_cert_file_path)
+
+
 class SelfSignedCertificate(CertificateBackend):
    """Create a self signed certificate."""

@@ -119,8 +147,9 @@ class LetsEncryptCertificate(CertificateBackend):

 def get_backend(config):
    """Return the appropriate backend."""
-    if not config.getboolean("certificate", "generate"):
-        return None
-    if config.get("certificate", "type") == "letsencrypt":
+    cert_type = config.get("certificate", "type")
+    if cert_type == "letsencrypt":
        return LetsEncryptCertificate(config)
+    if cert_type == "manual":
+        return ManualCertification(config)
    return SelfSignedCertificate(config)
--- a/modoboa_installer/utils.py
+++ b/modoboa_installer/utils.py
@@ -316,6 +316,19 @@ def get_entry_value(entry, interactive):

        if entry.get("values") and user_value != "":
            user_value = values[int(user_value)]
+
+        condition = (
+            entry.get("value_return") and
+            user_value in entry.get("value_return")
+            )
+        if condition:
+            error(f"{user_value} cannot be set interactively, "
+                  "Please configure installer.cfg manually by running "
+                  "'python3 run.py ----stop-after-configfile-check domain'. "
+                  "Check modoboa-installer Readme for more information."
+                  )
+            sys.exit(1)
+
    return user_value if user_value else default_value