Fix spaces
parent
6408c702d4
commit
765131ca40
@ -17,148 +17,148 @@
|
|||||||
#domain keyfile certfile cafile fullchain
|
#domain keyfile certfile cafile fullchain
|
||||||
|
|
||||||
rancher_deploy() {
|
rancher_deploy() {
|
||||||
_cdomain="$1"
|
_cdomain="$1"
|
||||||
# Further $(echo "$1" | sed 's/$/\\n/' | tr -d '\n')
|
# Further $(echo "$1" | sed 's/$/\\n/' | tr -d '\n')
|
||||||
# Made for iclude cert in var in one line with \n
|
# Made for iclude cert in var in one line with \n
|
||||||
_ckey=$(echo "$2" | sed 's/$/\\n/' | tr -d '\n')
|
_ckey=$(echo "$2" | sed 's/$/\\n/' | tr -d '\n')
|
||||||
_ccert=$(echo "$3" | sed 's/$/\\n/' | tr -d '\n')
|
_ccert=$(echo "$3" | sed 's/$/\\n/' | tr -d '\n')
|
||||||
_cca=$(echo "$4" | sed 's/$/\\n/' | tr -d '\n')
|
_cca=$(echo "$4" | sed 's/$/\\n/' | tr -d '\n')
|
||||||
_cfullchain=$(echo "$5" | sed 's/$/\\n/' | tr -d '\n')
|
_cfullchain=$(echo "$5" | sed 's/$/\\n/' | tr -d '\n')
|
||||||
|
|
||||||
_debug _cdomain "$_cdomain"
|
_debug _cdomain "$_cdomain"
|
||||||
_debug _ckey "$_ckey"
|
_debug _ckey "$_ckey"
|
||||||
_debug _ccert "$_ccert"
|
_debug _ccert "$_ccert"
|
||||||
_debug _cca "$_cca"
|
_debug _cca "$_cca"
|
||||||
_debug _cfullchain "$_cfullchain"
|
_debug _cfullchain "$_cfullchain"
|
||||||
|
|
||||||
# Check software needed
|
# Check software needed
|
||||||
if ! _exists curl; then
|
if ! _exists curl; then
|
||||||
_err "The command curl is not found."
|
_err "The command curl is not found."
|
||||||
return 1
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! _exists awk; then
|
||||||
|
_err "The command awk is not found."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! _exists grep; then
|
||||||
|
_err "The command grep is not found."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Check environment variables and config
|
||||||
|
|
||||||
|
if [ -z "$RANCHER_ACCESS_KEY" ]; then
|
||||||
|
if [ -z "$Le_rancher_access_key" ]; then
|
||||||
|
_err "RANCHER_ACCESS_KEY not defined."
|
||||||
|
return 1
|
||||||
fi
|
fi
|
||||||
|
else
|
||||||
|
Le_rancher_access_key="$RANCHER_ACCESS_KEY"
|
||||||
|
_savedomainconf Le_rancher_access_key "$Le_rancher_access_key"
|
||||||
|
fi
|
||||||
|
|
||||||
if ! _exists awk; then
|
if [ -z "$RANCHER_SECRET_KEY" ]; then
|
||||||
_err "The command awk is not found."
|
if [ -z "$Le_rancher_secret_key" ]; then
|
||||||
return 1
|
_err "RANCHER_SECRET_KEY not defined."
|
||||||
|
return 1
|
||||||
fi
|
fi
|
||||||
|
else
|
||||||
|
Le_rancher_secret_key="$RANCHER_SECRET_KEY"
|
||||||
|
_savedomainconf Le_rancher_secret_key "$Le_rancher_secret_key"
|
||||||
|
fi
|
||||||
|
|
||||||
if ! _exists grep; then
|
if [ -z "$RANCHER_ENVIRONMENT" ]; then
|
||||||
_err "The command grep is not found."
|
if [ -z "$Le_rancher_environment" ]; then
|
||||||
return 1
|
_err "RANCHER_ENVIRONMENT not defined."
|
||||||
|
return 1
|
||||||
fi
|
fi
|
||||||
|
else
|
||||||
|
Le_rancher_environment="$RANCHER_ENVIRONMENT"
|
||||||
|
_savedomainconf Le_rancher_environment "$Le_rancher_environment"
|
||||||
|
fi
|
||||||
|
|
||||||
# Check environment variables and config
|
if [ -z "$RANCHER_SERVER" ]; then
|
||||||
|
if [ -z "$Le_rancher_server" ]; then
|
||||||
if [ -z "$RANCHER_ACCESS_KEY" ]; then
|
_err "RANCHER_SERVER not defined."
|
||||||
if [ -z "$Le_rancher_access_key" ]; then
|
return 1
|
||||||
_err "RANCHER_ACCESS_KEY not defined."
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
Le_rancher_access_key="$RANCHER_ACCESS_KEY"
|
|
||||||
_savedomainconf Le_rancher_access_key "$Le_rancher_access_key"
|
|
||||||
fi
|
fi
|
||||||
|
else
|
||||||
|
Le_rancher_server="$RANCHER_SERVER"
|
||||||
|
_savedomainconf Le_rancher_server "$Le_rancher_server"
|
||||||
|
fi
|
||||||
|
|
||||||
if [ -z "$RANCHER_SECRET_KEY" ]; then
|
# Check api connection
|
||||||
if [ -z "$Le_rancher_secret_key" ]; then
|
response=$(
|
||||||
_err "RANCHER_SECRET_KEY not defined."
|
curl "$Le_rancher_server/v2-beta/" \
|
||||||
return 1
|
--write-out "%{http_code}" \
|
||||||
fi
|
--silent \
|
||||||
else
|
--output /dev/null
|
||||||
Le_rancher_secret_key="$RANCHER_SECRET_KEY"
|
)
|
||||||
_savedomainconf Le_rancher_secret_key "$Le_rancher_secret_key"
|
if [ "$response" -ge 200 ] && [ "$response" -le 299 ]; then
|
||||||
fi
|
_err "Curl failed to connect to $Le_rancher_server v2-beta API"
|
||||||
|
return 1
|
||||||
|
else
|
||||||
|
_info "API connected!"
|
||||||
|
fi
|
||||||
|
|
||||||
if [ -z "$RANCHER_ENVIRONMENT" ]; then
|
# Check if certificate already exist in rancher
|
||||||
if [ -z "$Le_rancher_environment" ]; then
|
|
||||||
_err "RANCHER_ENVIRONMENT not defined."
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
Le_rancher_environment="$RANCHER_ENVIRONMENT"
|
|
||||||
_savedomainconf Le_rancher_environment "$Le_rancher_environment"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -z "$RANCHER_SERVER" ]; then
|
id_raw_json=$(curl -s -u "$Le_rancher_access_key:$Le_rancher_secret_key" \
|
||||||
if [ -z "$Le_rancher_server" ]; then
|
|
||||||
_err "RANCHER_SERVER not defined."
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
Le_rancher_server="$RANCHER_SERVER"
|
|
||||||
_savedomainconf Le_rancher_server "$Le_rancher_server"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Check api connection
|
|
||||||
response=$(
|
|
||||||
curl "$Le_rancher_server/v2-beta/" \
|
|
||||||
--write-out "%{http_code}" \
|
|
||||||
--silent \
|
|
||||||
--output /dev/null
|
|
||||||
)
|
|
||||||
if [ "$response" -ge 200 ] && [ "$response" -le 299 ]; then
|
|
||||||
_err "Curl failed to connect to $Le_rancher_server v2-beta API"
|
|
||||||
return 1
|
|
||||||
else
|
|
||||||
_info "API connected!"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Check if certificate already exist in rancher
|
|
||||||
|
|
||||||
id_raw_json=$(curl -s -u "$Le_rancher_access_key:$Le_rancher_secret_key" \
|
|
||||||
-X GET \
|
-X GET \
|
||||||
-H 'Accept: application/json' \
|
-H 'Accept: application/json' \
|
||||||
-H 'Content-Type: application/json' \
|
-H 'Content-Type: application/json' \
|
||||||
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates?name=$_cdomain")
|
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates?name=$_cdomain")
|
||||||
cert_state=$(echo "$id_raw_json" | awk -F='\:' -v RS='\,' "\$id_raw_json~/\"state\"/ {print}" | tr -d "\n\t" | sed -e 's/^"//' -e 's/"$//' | grep -o "active")
|
cert_state=$(echo "$id_raw_json" | awk -F='\:' -v RS='\,' "\$id_raw_json~/\"state\"/ {print}" | tr -d "\n\t" | sed -e 's/^"//' -e 's/"$//' | grep -o "active")
|
||||||
_info "Cert state is $cert_state"
|
_info "Cert state is $cert_state"
|
||||||
if [ -z "$cert_state" ]; then
|
if [ -z "$cert_state" ]; then
|
||||||
# Add new certificate
|
# Add new certificate
|
||||||
_info "Adding new cert to rancher"
|
_info "Adding new cert to rancher"
|
||||||
response=$(
|
response=$(
|
||||||
curl -u "$Le_rancher_access_key:$Le_rancher_secret_key" \
|
curl -u "$Le_rancher_access_key:$Le_rancher_secret_key" \
|
||||||
-X POST \
|
-X POST \
|
||||||
--write-out "%{http_code}" \
|
--write-out "%{http_code}" \
|
||||||
--silent \
|
--silent \
|
||||||
--output /dev/null \
|
--output /dev/null \
|
||||||
-H 'Accept: application/json' \
|
|
||||||
-H 'Content-Type: application/json' \
|
|
||||||
-d "{\"type\":\"certificate\",\"name\":\"$_cdomain\",\"description\":\"acme.sh cert for $_cdomain\",\"key\":\"$_ckey\",\"cert\":\"$_ccert\",\"certChain\":\"$_cca\"}" \
|
|
||||||
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates/"
|
|
||||||
)
|
|
||||||
_info "Update status code: $response"
|
|
||||||
if [ "$response" -lt 199 ] || [ "$response" -gt 300 ]; then
|
|
||||||
_err "Curl failed to create new cert"
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
# Get certificate ID
|
|
||||||
id_raw_json=$(curl -s -u "$Le_rancher_access_key:$Le_rancher_secret_key" \
|
|
||||||
-X GET \
|
|
||||||
-H 'Accept: application/json' \
|
-H 'Accept: application/json' \
|
||||||
-H 'Content-Type: application/json' \
|
-H 'Content-Type: application/json' \
|
||||||
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates?name=$_cdomain")
|
-d "{\"type\":\"certificate\",\"name\":\"$_cdomain\",\"description\":\"acme.sh cert for $_cdomain\",\"key\":\"$_ckey\",\"cert\":\"$_ccert\",\"certChain\":\"$_cca\"}" \
|
||||||
cert_id=$(echo "$id_raw_json" | awk -F='\:' -v RS='\,' "\$id_raw_json~/\"data\"/ {print}" | tr -d "\n\t" | sed -e 's/^"//' -e 's/"$//' | sed -e 's/data.*"//')
|
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates/"
|
||||||
_info "Cert already exist ID is: $cert_id"
|
)
|
||||||
# Update existing certificate
|
_info "Update status code: $response"
|
||||||
_info "Updating..."
|
if [ "$response" -lt 199 ] || [ "$response" -gt 300 ]; then
|
||||||
response=$(
|
_err "Curl failed to create new cert"
|
||||||
curl -u "$Le_rancher_access_key:$Le_rancher_secret_key" \
|
return 1
|
||||||
-X PUT \
|
|
||||||
--write-out "%{http_code}" \
|
|
||||||
--silent \
|
|
||||||
--output /dev/null \
|
|
||||||
-H 'Accept: application/json' \
|
|
||||||
-H 'Content-Type: application/json' \
|
|
||||||
-d "{\"id\":\"$cert_id\",\"type\":\"certificate\",\"baseType\":\"certificate\",\"name\":\"$_cdomain\",\"state\":\"active\",\"accountId\":\"$Le_rancher_environment\",\"algorithm\":\"SHA256WITHRSA\",\"cert\":\"$_ccert\",\"certChain\":\"$_cfullchain\",\"key\":\"$_ckey\"}" \
|
|
||||||
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates/$cert_id"
|
|
||||||
)
|
|
||||||
_info "Update status code: $response"
|
|
||||||
if [ "$response" -lt 199 ] || [ "$response" -gt 300 ]; then
|
|
||||||
_err "Curl failed to update cert with id=$cert_id"
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
fi
|
fi
|
||||||
_info "Certificate successfully deployed"
|
else
|
||||||
return 0
|
# Get certificate ID
|
||||||
|
id_raw_json=$(curl -s -u "$Le_rancher_access_key:$Le_rancher_secret_key" \
|
||||||
|
-X GET \
|
||||||
|
-H 'Accept: application/json' \
|
||||||
|
-H 'Content-Type: application/json' \
|
||||||
|
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates?name=$_cdomain")
|
||||||
|
cert_id=$(echo "$id_raw_json" | awk -F='\:' -v RS='\,' "\$id_raw_json~/\"data\"/ {print}" | tr -d "\n\t" | sed -e 's/^"//' -e 's/"$//' | sed -e 's/data.*"//')
|
||||||
|
_info "Cert already exist ID is: $cert_id"
|
||||||
|
# Update existing certificate
|
||||||
|
_info "Updating..."
|
||||||
|
response=$(
|
||||||
|
curl -u "$Le_rancher_access_key:$Le_rancher_secret_key" \
|
||||||
|
-X PUT \
|
||||||
|
--write-out "%{http_code}" \
|
||||||
|
--silent \
|
||||||
|
--output /dev/null \
|
||||||
|
-H 'Accept: application/json' \
|
||||||
|
-H 'Content-Type: application/json' \
|
||||||
|
-d "{\"id\":\"$cert_id\",\"type\":\"certificate\",\"baseType\":\"certificate\",\"name\":\"$_cdomain\",\"state\":\"active\",\"accountId\":\"$Le_rancher_environment\",\"algorithm\":\"SHA256WITHRSA\",\"cert\":\"$_ccert\",\"certChain\":\"$_cfullchain\",\"key\":\"$_ckey\"}" \
|
||||||
|
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates/$cert_id"
|
||||||
|
)
|
||||||
|
_info "Update status code: $response"
|
||||||
|
if [ "$response" -lt 199 ] || [ "$response" -gt 300 ]; then
|
||||||
|
_err "Curl failed to update cert with id=$cert_id"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
_info "Certificate successfully deployed"
|
||||||
|
return 0
|
||||||
}
|
}
|
||||||
|
|||||||
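Review bot: The re-indented `_debug _ckey "$_ckey"` line still writes the full private key to the debug log, so anyone who can read a log captured with debugging enabled obtains the key; drop the line or log only that a key was supplied, e.g. `_debug _ckey "(set)"`. The connection check after the `/v2-beta/` probe also looks inverted: it calls `_err` and returns 1 when the status is between 200 and 299 and prints "API connected!" for anything else, so it should read `if [ "$response" -lt 200 ] || [ "$response" -gt 299 ]; then`. The later create and update checks use `-lt 199` and `-gt 300`, which let 199 and 300 through as success; the same bounds would fit there. The page has lost the indentation, so the whitespace change itself cannot be checked from here.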