Commit 64d3cb4d authored by David Seaward's avatar David Seaward
Browse files

update certificate creation

* do not recreate certificate if it already exists
* use new Service class
parent 62e6a8a9
import pathlib
import django.contrib.auth
import paramiko
from celery.utils.log import get_task_logger
......@@ -6,7 +8,7 @@ from django.db import transaction
from django.utils import timezone
from woocommerce import API as WOO_API
from ..models import ExternalCredit, ExternalBundle, Limit
from ..models import ExternalCredit, ExternalBundle, Limit, Service
logger = get_task_logger(__name__)
......@@ -99,8 +101,14 @@ def activate(ssh, limit, credit_timedelta=None, renewal_date=None):
# otherwise, activate the limit before saving
if limit.service == "TUNNEL":
managed_exec(ssh, "./create_new_ovpn_config --generate %s" % (limit.user.get_identity(),))
if limit.service == Service.TUNNEL:
user_identity = limit.user.get_identity()
filepath = settings.OVPN_FILEPATH.replace("{USER_IDENTITY}", user_identity)
is_file = pathlib.Path(filepath).is_file()
# only create certificate if it doesn't exist
if not is_file:
managed_exec(ssh, "./create_new_ovpn_config --generate %s" % (user_identity,))
# skip unsupported limits
limit.is_active = False
......@@ -109,7 +117,7 @@ def activate(ssh, limit, credit_timedelta=None, renewal_date=None):
def deactivate(ssh, limit):
if limit.service == "TUNNEL":
if limit.service == Service.TUNNEL:
managed_exec(ssh, "./create_new_ovpn_config --revoke %s" % (limit.user.get_identity(),))
limit.is_active = False
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment