- Added printouts

- Watching reduced to one file (acme.json) - added support to restart containers after renewal of certificates
2025-01-18 22:09:33 +08:00 · 2018-08-04 19:28:41 +02:00 · 2018-08-04 19:28:41 +02:00 · ae23efa767
commit ae23efa767
parent 49fe6f75e0
2 changed files with 116 additions and 75 deletions
--- a/extractor.py
+++ b/extractor.py
@ -3,24 +3,29 @@ import os
 import errno
 import time
 import json
+import docker
+
 from base64 import b64decode
 from watchdog.observers import Observer
 from watchdog.events import FileSystemEventHandler
+from pathlib import Path

-class Handler(FileSystemEventHandler):
-    def on_created(self, event):
-        self.handle(event)

-    def on_modified(self, event):
-        self.handle(event)
+def restartContainerWithDomain(domain):
+    client = docker.from_env()
+    container = client.containers.list(filters = {"label" : "com.github.SnowMB.traefik-certificate-extractor.restart_domain"})
+    for c in container:
+#        print(c.labels['com.github.SnowMB.traefik-certificate-extractor.restart_domain'])
+        domains = str.split(c.labels["com.github.SnowMB.traefik-certificate-extractor.restart_domain"], ',')
+        if domain in domains:
+            print('restarting container ' + c.id)
+            c.restart()

-    def handle(self, event):
-        # Check if it's a JSON file
-        if not event.is_directory and event.src_path.endswith('.json'):
-            print('Certificates changed')

+
+def createCerts(file):
    # Read JSON file
-            data = json.loads(open(event.src_path).read())
+    data = json.loads(open(file).read())

    # Determine ACME version
    acme_version = 2 if 'acme-v02' in data['Account']['Registration']['uri'] else 1
@ -92,10 +97,42 @@ class Handler(FileSystemEventHandler):
                    f.write(chain)

        print('Extracted certificate for: ' + name + (', ' + ', '.join(sans) if sans else ''))
+        restartContainerWithDomain(name)
+
+
+
+
+class Handler(FileSystemEventHandler):
+
+    def __init__(self):
+        self.filename = 'acme.json'
+
+    def on_created(self, event):
+        self.handle(event)
+
+    def on_modified(self, event):
+        self.handle(event)
+
+    def handle(self, event):
+        # Check if it's a JSON file
+        print ('DEBUG : event fired')
+        if not event.is_directory and event.src_path.endswith(self.filename):
+            print('Certificates changed')
+
+            createCerts(event.src_path)
+

 if __name__ == "__main__":
    # Determine path to watch
-    path = sys.argv[1] if len(sys.argv) > 1 else './data'
+    val = sys.argv[1] if len(sys.argv) > 1 else './data/acme.json'
+
+    path = Path(val)
+
+    if not path.exists() or path.is_dir():
+        print ('ERROR ' + str(path) + ' does not exist.')
+        sys.exit(1)
+
+    print('watching path: ' + str(path))

    # Create output directories if it doesn't exist
    try:
@ -109,12 +146,15 @@ if __name__ == "__main__":
        if error.errno != errno.EEXIST:
            raise

+
+
    # Create event handler and observer
    event_handler = Handler()
+    event_handler.filename = str(path.name)
    observer = Observer()

    # Register the directory to watch
-    observer.schedule(event_handler, path)
+    observer.schedule(event_handler, str(path.parent))

    # Main loop to watch the directory
    observer.start()
--- a/requirements.txt
+++ b/requirements.txt
@ -1 +1,2 @@
 watchdog
+docker