117 lines
3.0 KiB
Go
117 lines
3.0 KiB
Go
package commands
|
|
|
|
import (
|
|
"fmt"
|
|
"os"
|
|
"os/exec"
|
|
"os/user"
|
|
"strconv"
|
|
"strings"
|
|
|
|
"git.nevets.tech/Keys/CertManager/internal"
|
|
)
|
|
|
|
func NewDomainCmd(domain, domainDir string, dirOverridden bool) error {
|
|
//TODO add config option for "overriden dir"
|
|
err := internal.LoadConfig()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
fmt.Printf("Creating new domain %s\n", domain)
|
|
err = internal.CreateDomainConfig(domain)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
internal.CreateDomainCertsDir(domain, domainDir, dirOverridden)
|
|
|
|
certmanUser, err := user.Lookup("certman")
|
|
if err != nil {
|
|
return fmt.Errorf("error getting user certman: %v", err)
|
|
}
|
|
uid, err := strconv.Atoi(strings.TrimSpace(certmanUser.Uid))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
gid, err := strconv.Atoi(strings.TrimSpace(certmanUser.Gid))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
err = internal.ChownRecursive("/etc/certman/domains", uid, gid)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
err = internal.ChownRecursive("/var/local/certman", uid, gid)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
fmt.Println("Successfully created domain entry for " + domain + "\nUpdate config file as needed in /etc/certman/domains/" + domain + ".conf\n")
|
|
return nil
|
|
}
|
|
|
|
func InstallCmd(isThin bool, mode string) error {
|
|
if !isThin {
|
|
if os.Geteuid() != 0 {
|
|
return fmt.Errorf("installation must be run as root")
|
|
}
|
|
|
|
internal.MakeDirs()
|
|
internal.CreateConfig(mode)
|
|
|
|
err := internal.LoadConfig()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
f, err := os.OpenFile("/var/run/certman.pid", os.O_RDONLY|os.O_CREATE, 0755)
|
|
if err != nil {
|
|
return fmt.Errorf("error creating pid file: %v", err)
|
|
}
|
|
err = f.Close()
|
|
if err != nil {
|
|
return fmt.Errorf("error closing pid file: %v", err)
|
|
}
|
|
|
|
newUserCmd := exec.Command("useradd", "-d", "/var/local/certman", "-U", "-r", "-s", "/sbin/nologin", "certman")
|
|
if output, err := newUserCmd.CombinedOutput(); err != nil {
|
|
if !strings.Contains(err.Error(), "exit status 9") {
|
|
return fmt.Errorf("error creating user: %v: output %s", err, output)
|
|
}
|
|
}
|
|
newGroupCmd := exec.Command("groupadd", "-r", "-U", "certman", "certsock")
|
|
if output, err := newGroupCmd.CombinedOutput(); err != nil {
|
|
if !strings.Contains(err.Error(), "exit status 9") {
|
|
return fmt.Errorf("error creating group: %v: output %s", err, output)
|
|
}
|
|
}
|
|
certmanUser, err := user.Lookup("certman")
|
|
if err != nil {
|
|
return fmt.Errorf("error getting user certman: %v", err)
|
|
}
|
|
uid, err := strconv.Atoi(strings.TrimSpace(certmanUser.Uid))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
gid, err := strconv.Atoi(strings.TrimSpace(certmanUser.Gid))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
err = internal.ChownRecursive("/etc/certman", uid, gid)
|
|
if err != nil {
|
|
return fmt.Errorf("error changing uid/gid: %v", err)
|
|
}
|
|
err = internal.ChownRecursive("/var/local/certman", uid, gid)
|
|
if err != nil {
|
|
return fmt.Errorf("error changing uid/gid: %v", err)
|
|
}
|
|
err = os.Chown("/var/run/certman.pid", uid, gid)
|
|
if err != nil {
|
|
return fmt.Errorf("error changing uid/gid: %v", err)
|
|
}
|
|
} else {
|
|
internal.CreateConfig(mode)
|
|
}
|
|
return nil
|
|
}
|