Basically I have accumulated together a lot of the ideas described so far on aardvark.
The program uses Python, Flask, jinga2, bootstrap5, plotly, pandas and runs with apache and gunicorn.
I’m pretty new to all this so am using it in this basic manner. There are two logins, guest and admin.
from flask import session from flask_session import Session app.config["SESSION_PERMANENT"] = False app.config["SESSION_TYPE"] = "filesystem" Session(app) try: session['user'] if not session.get('logged_in') or session['user'] != 'admin':
The section for the login form:
@app.route('/login', methods=['POST'])
def do_admin_login():
global config_data
if request.form['password'] == config_data['ADMINPW'] and request.form['username'] == 'admin':
session['logged_in'] = True
session['user'] = "admin"
elif request.form['password'] == 'guest' and request.form['username'] == 'guest':
session['logged_in'] = True
session['user'] = "guest"
else:
flash('wrong password!')
#return home()
return render_template('login.html')
params= { 'url': 'example.com',
'adminoutputFormat': 'html'}
return mainpage(params)
The main page lets you add new URL’s to manage the certificate expiry/renewal process.
The grading uses the free ssllabs.com api.
The “generate csr and key” page examines the current certificate and offers a replacement and key. It’s an API so you can use curl to bring the key and csr to a machine.
Then below this page is the principal information behind the website, the about to expire certificates.
The below that just more of the same but fancier:
Then a view of the whole scope over the year
The graded page is an overview of the externally facing sites:
With a scrolling table below that for you to find the errant certificates (not shown).
The website is using fairly minimal bootstrap5 to display nicely with lowest effort in coding.
The program is written as an API so you can read/generate with curl, and add/update with an api token.
The data is still in a json file. I suppose is this became vital I should put it in a database but its all a lot of effort and most of us sysadmins prefer our flat files anyway.