From 72f7d25a69b6ed41a15eef973f9fbb821931c901 Mon Sep 17 00:00:00 2001
From: Mike Crute
Date: Tue, 18 Jul 2017 03:35:52 +0000
Subject: Initial import
---
manage.py | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 64 insertions(+)
create mode 100755 manage.py
(limited to 'manage.py')
diff --git a/manage.py b/manage.py
new file mode 100755
index 0000000..8838a1e
--- /dev/null
+++ b/manage.py
@@ -0,0 +1,64 @@
+#!/usr/bin/env python
+
+import os
+import sys
+import socket
+from OpenSSL import crypto
+from OpenSSL.crypto import PKey, X509
+
+from server import app
+
+
+VAR_PATH = "var"
+LOG_PATH = os.path.join(VAR_PATH, "log")
+KEY_PATH = os.path.join(VAR_PATH, "ssl-key.pem")
+CERT_PATH = os.path.join(VAR_PATH, "ssl-cert.pem")
+
+
+def generate_cert(serial=1):
+ ca = X509()
+ ca.set_version(2)
+ ca.set_serial_number(serial)
+ ca.get_subject().CN = socket.getfqdn()
+ ca.gmtime_adj_notBefore(0)
+ ca.gmtime_adj_notAfter(24 * 60 * 60)
+ ca.set_issuer(ca.get_subject())
+ ca.set_pubkey(key)
+ ca.sign(key, "sha256")
+
+ with open(CERT_PATH, "wb") as fp:
+ fp.write(crypto.dump_certificate(crypto.FILETYPE_PEM, ca))
+
+
+if not os.path.exists(VAR_PATH):
+ os.mkdir(VAR_PATH)
+
+if not os.path.exists(LOG_PATH):
+ os.mkdir(LOG_PATH)
+
+if not os.path.exists(KEY_PATH):
+ key = PKey()
+ key.generate_key(crypto.TYPE_RSA, 2048)
+
+ with open(KEY_PATH, "wb") as fp:
+ os.chmod(KEY_PATH, 0o600)
+ fp.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, key))
+else:
+ with open(KEY_PATH, "rb") as fp:
+ key = crypto.load_privatekey(crypto.FILETYPE_PEM, fp.read())
+
+
+if not os.path.exists(CERT_PATH):
+ generate_cert()
+else:
+ with open(CERT_PATH, "rb") as fp:
+ cert = crypto.load_certificate(crypto.FILETYPE_PEM, fp.read())
+
+ if cert.has_expired():
+ generate_cert(cert.get_serial_number() + 1)
+
+
+if __name__ == "__main__" and sys.argv[-1] == "runserver":
+ app.run(host="0.0.0.0", port=5000,
+ ssl_context=("var/ssl-cert.pem", "var/ssl-key.pem"),
+ threaded=True, debug=True)
--
cgit v1.2.3
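Review bot: `debug=True` in the final `app.run(...)` call is combined with `host="0.0.0.0"`, so if `app` is a Flask/Werkzeug application (the `server` module is not shown here) the interactive debugger is reachable on every network interface, and that debugger allows code to be run inside the server process. Debug mode should be off by default and opt-in, for example `threaded=True, debug=os.environ.get("MANAGE_DEBUG") == "1")` (the variable name is only an illustration), or the listener should bind `host="127.0.0.1"` whenever debugging is enabled. Separately, the private key file is created by `open(KEY_PATH, "wb")` under the process umask and only afterwards restricted with `os.chmod(KEY_PATH, 0o600)`; creating it with `os.fdopen(os.open(KEY_PATH, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600), "wb")` sets the mode atomically and refuses to follow a pre-existing file. The `ssl_context` tuple also repeats the literal paths rather than using `CERT_PATH` and `KEY_PATH`, so the two can drift apart if `VAR_PATH` changes.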