
function Provision_Service_Certificate_LetsEncrypt::generate_certificates in Aegir HTTPS 7.3

Generate a self-signed certificate for the provided key.

Because we only generate certificates for sites, we make some assumptions based on the URI. The admin may replace this certificate if they already have an existing one.

Overrides Provision_Service_Certificate::generate_certificates

File

submodules/letsencrypt/drush/Provision/Service/Certificate/LetsEncrypt.php, line 99

Class

Provision_Service_Certificate_LetsEncrypt
A LetsEncrypt implementation of the Certificate service type.

Code

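/**
 * Requests Let's Encrypt certificates for the current site context.
 *
 * Creates the certificate directory for the key with owner-only permissions,
 * then runs the client script found under the server's
 * letsencrypt_script_path, passing it the site's domains. When the site's web
 * server is remote, the dehydrated hook script is added via --hook.
 *
 * The command's output is replayed into the drush log. A failed run only
 * becomes a task error when the
 * 'hosting_https_fail_task_if_certificate_fails' option is set; otherwise it
 * is logged as a warning and the task continues.
 *
 * @param string $https_key
 *   The HTTPS key name used to locate the certificate source directory.
 */
function generate_certificates($https_key) {
  $path = $this->get_source_path($https_key);
  // 0700: only the owning user may read or traverse the directory.
  provision_file()->create_dir(
    $path,
    dt("HTTPS certificate directory for %https_key", array(
      '%https_key' => $https_key,
    )),
    0700
  );

  $config_file = $this->getConfigFile($this->server->letsencrypt_ca);
  $script_path = $this->server->letsencrypt_script_path;
  $config_path = $this->server->letsencrypt_config_path;
  $drush_alias = escapeshellarg('@' . d()->uri);
  // NOTE(review): $domain_list is spliced into the shell command as-is. It is
  // presumably a pre-formatted run of domain arguments, so it cannot be quoted
  // as a single word here; confirm that getDomainsString() escapes every
  // domain (site URI and aliases) before returning.
  $domain_list = $this->getDomainsString(d());
  $on_remote_server = !provision_is_local_host(d()->platform->web_server->remote_host);

  // Every path below comes from server configuration. Quote each one as a
  // single literal shell word so whitespace or shell metacharacters in a
  // configured path cannot split the argument or alter the command.
  $le_script = escapeshellarg($script_path . '/script');
  $le_config = escapeshellarg($script_path . '/' . $config_file);
  $le_out = escapeshellarg($config_path);

  $le_options = '--cron --accept-terms';
  if ($on_remote_server) {
    $le_options .= ' --hook ' . escapeshellarg($script_path . '/dehydrated-hooks.sh');
  }

  drush_log(dt("Generating Let's Encrypt certificates."));
  // AEGIR_DRUSH_ALIAS is exported to the script's environment; presumably the
  // hook script uses it to call back into drush (consumer not visible here).
  $cmd = "AEGIR_DRUSH_ALIAS={$drush_alias} {$le_script} {$le_options} --config {$le_config} --out {$le_out} {$domain_list}";
  drush_log("Running: " . $cmd, 'notice');

  $result = drush_shell_exec($cmd);
  if ($result) {
    foreach (drush_shell_exec_output() as $line) {
      drush_log($line);
    }
    drush_log(dt("Successfully generated Let's Encrypt certificates."), 'success');
  }
  else {
    // Surface the client's own output first so the cause of the failure is
    // visible in the task log.
    foreach (drush_shell_exec_output() as $line) {
      drush_log($line, 'warning');
    }
    if (drush_get_option('hosting_https_fail_task_if_certificate_fails', FALSE)) {
      drush_set_error('HTTPS_CERT_GEN_FAIL', dt("Failed to generate Let's Encrypt certificates."));
    }
    else {
      // Default: certificate failure is non-fatal for the task.
      drush_log(dt("Failed to generate Let's Encrypt certificates."), 'warning');
    }
  }
}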