⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.74
Server IP:
104.21.16.1
Server:
Linux vmi2315822.contaboserver.net 5.15.0-134-generic #145-Ubuntu SMP Wed Feb 12 20:08:39 UTC 2025 x86_64
Server Software:
LiteSpeed
PHP Version:
8.3.21
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
usr
/
local
/
CyberCP
/
plogical
/
View File Name :
renew.py
#!/usr/local/CyberCP/bin/python import os import os.path import sys import django from typing import Union, Optional from datetime import datetime, timedelta import time sys.path.append('/usr/local/CyberCP') os.environ.setdefault("DJANGO_SETTINGS_MODULE", "CyberCP.settings") django.setup() from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging from websiteFunctions.models import Websites, ChildDomains import OpenSSL from plogical.virtualHostUtilities import virtualHostUtilities from plogical.processUtilities import ProcessUtilities class Renew: def _check_and_renew_ssl(self, domain: str, path: str, admin_email: str, is_child: bool = False) -> None: """Helper method to check and renew SSL for a domain.""" try: logging.writeToFile(f'Checking SSL for {domain}.', 0) file_path = f'/etc/letsencrypt/live/{domain}/fullchain.pem' if not os.path.exists(file_path): logging.writeToFile(f'SSL does not exist for {domain}. Obtaining now..', 0) virtualHostUtilities.issueSSL(domain, path, admin_email) return logging.writeToFile(f'SSL exists for {domain}. Checking if SSL will expire in 15 days..', 0) with open(file_path, 'r') as cert_file: x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, cert_file.read()) expire_data = x509.get_notAfter().decode('ascii') final_date = datetime.strptime(expire_data, '%Y%m%d%H%M%SZ') now = datetime.now() diff = final_date - now ssl_provider = x509.get_issuer().get_components()[1][1].decode('utf-8') logging.writeToFile(f'Provider: {ssl_provider}, Days until expiration: {diff.days}', 0) if diff.days >= 15 and ssl_provider != 'Denial': logging.writeToFile(f'SSL exists for {domain} and is not ready to renew, skipping..', 0) return if ssl_provider == 'Denial' or ssl_provider == "Let's Encrypt": logging.writeToFile(f'SSL exists for {domain} and ready to renew..', 0) logging.writeToFile(f'Renewing SSL for {domain}..', 0) virtualHostUtilities.issueSSL(domain, path, admin_email) elif ssl_provider != "Let's Encrypt": logging.writeToFile(f'Custom SSL exists for {domain} and ready to renew..', 1) except OpenSSL.crypto.Error as e: logging.writeToFile(f'OpenSSL error for {domain}: {str(e)}', 1) except Exception as e: logging.writeToFile(f'Error processing SSL for {domain}: {str(e)}', 1) def _restart_services(self) -> None: """Helper method to restart required services.""" try: logging.writeToFile('Restarting mail services for them to see new SSL.', 0) commands = [ 'postmap -F hash:/etc/postfix/vmail_ssl.map', 'systemctl restart postfix', 'systemctl restart dovecot', 'systemctl restart lscpd' ] for cmd in commands: ProcessUtilities.normalExecutioner(cmd) # Add a small delay between restarts time.sleep(2) except Exception as e: logging.writeToFile(f'Error restarting services: {str(e)}', 1) def SSLObtainer(self): try: logging.writeToFile('Running SSL Renew Utility') # Process main domains for website in Websites.objects.filter(state=1): self._check_and_renew_ssl( website.domain, f'/home/{website.domain}/public_html', website.adminEmail ) # Process child domains for child in ChildDomains.objects.all(): self._check_and_renew_ssl( child.domain, child.path, child.master.adminEmail, is_child=True ) self._restart_services() except Exception as e: logging.writeToFile(f'Error in SSLObtainer: {str(e)}', 1) @staticmethod def FixMailSSL(): try: for website in Websites.objects.all(): virtualHostUtilities.setupAutoDiscover(1, '/home/cyberpanel/templogs', website.domain, website.admin) except Exception as e: logging.writeToFile(f'Error in FixMailSSL: {str(e)}', 1) if __name__ == "__main__": sslOB = Renew() sslOB.SSLObtainer()