Add certificate renew endpoint.
This commit is contained in:
parent
7eb3e946e5
commit
7798356bda
|
@ -29,7 +29,7 @@ Since the whole `2001:470:c844:uug0::/60` network will be forwared to/from the u
|
|||
|
||||
## REST API endpoints
|
||||
| endpoint | method | body | description |
|
||||
|---------------------------|:---------:|-------------------------------|-----------------------|
|
||||
| --------------------- | :----: | ------------------------------------------------------ | -------------------------------------------------------------------- |
|
||||
| /users | GET | | get list of users |
|
||||
| /users | POST | ```{ "name": "johndoe" }``` | create new user |
|
||||
| /gateways | GET | | get list of gateways |
|
||||
|
@ -37,6 +37,7 @@ Since the whole `2001:470:c844:uug0::/60` network will be forwared to/from the u
|
|||
| /gateway/$fqdn | GET | | get info about gateway |
|
||||
| /gateway/$fqdn | DELETE | | delete gateway |
|
||||
| /gateway/$fqdn/config | GET | | get client config file for gateway |
|
||||
| /gateway/$fqdn/renew | POST | | generate new certificate for gateway (min 30 days before expiration) |
|
||||
|
||||
## Technical details
|
||||
VPNUnit runs inside a Docker container, and stores its data in the `/data` subvolume (which is usually mounted on `/srv/vpnunit` on the physical machine).
|
||||
|
|
12
main.py
12
main.py
|
@ -257,6 +257,18 @@ def get_gateway_config(fqdn):
|
|||
)
|
||||
|
||||
|
||||
@app.route("/gateway/<fqdn>/renew", methods=["POST"])
|
||||
@auth.login_required
|
||||
def post_gateway_renew(fqdn):
|
||||
os.environ["EASYRSA_CERT_EXPIRE"] = "180" # days
|
||||
|
||||
r = os.system("easyrsa renew {} nopass".format(fqdn))
|
||||
if r != 0:
|
||||
raise Ex(500, "exit: {} cannot renew")
|
||||
|
||||
return jsonify({"status": "ok"})
|
||||
|
||||
|
||||
@app.route("/gateway/<fqdn>", methods=["DELETE"])
|
||||
@auth.login_required
|
||||
def delete_gateway(fqdn):
|
||||
|
|
Loading…
Reference in New Issue