Mirror
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5883 Commits
9 Branches
44 Tags
18 MiB
Tree: 66dd51a09a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '66dd51a09a'
${ noResults }
acme.sh/deploy/proxmoxbs.sh

120 lines
4.2 KiB
Raw Normal View History

Create script for deploy certificate on Proxmox Backup Server
4 weeks ago
  1. #!/usr/bin/env sh
  3. # Deploy certificates to a proxmox backup server using the API.
  4. #
  5. # Environment variables that can be set are:
  6. # `DEPLOY_PROXMOXBS_SERVER`: The hostname of the proxmox backup server. Defaults to
  7. # _cdomain.
  8. # `DEPLOY_PROXMOXBS_SERVER_PORT`: The port number the management interface is on.
  9. # Defaults to 8007.
  10. # `DEPLOY_PROXMOXBS_USER`: The user we'll connect as. Defaults to root.
  11. # `DEPLOY_PROXMOXBS_USER_REALM`: The authentication realm the user authenticates
  12. # with. Defaults to pam.
  13. # `DEPLOY_PROXMOXBS_API_TOKEN_NAME`: The name of the API token created for the
  14. # user account. Defaults to acme.
  15. # `DEPLOY_PROXMOXBS_API_TOKEN_KEY`: The API token. Required.
  17. proxmoxbs_deploy() {
  18. _cdomain="$1"
  19. _ckey="$2"
  20. _ccert="$3"
  21. _cca="$4"
  22. _cfullchain="$5"
  24. _debug _cdomain "$_cdomain"
  25. _debug2 _ckey "$_ckey"
  26. _debug _ccert "$_ccert"
  27. _debug _cca "$_cca"
  28. _debug _cfullchain "$_cfullchain"
  30. # "Sane" defaults.
  31. _getdeployconf DEPLOY_PROXMOXBS_SERVER
  32. if [ -z "$DEPLOY_PROXMOXBS_SERVER" ]; then
  33. _target_hostname="$_cdomain"
  34. else
  35. _target_hostname="$DEPLOY_PROXMOXBS_SERVER"
  36. _savedeployconf DEPLOY_PROXMOXBS_SERVER "$DEPLOY_PROXMOXBS_SERVER"
  37. fi
  38. _debug2 DEPLOY_PROXMOXBS_SERVER "$_target_hostname"
  40. _getdeployconf DEPLOY_PROXMOXBS_SERVER_PORT
  41. if [ -z "$DEPLOY_PROXMOXBS_SERVER_PORT" ]; then
  42. _target_port="8007"
  43. else
  44. _target_port="$DEPLOY_PROXMOXBS_SERVER_PORT"
  45. _savedeployconf DEPLOY_PROXMOXBS_SERVER_PORT "$DEPLOY_PROXMOXBS_SERVER_PORT"
  46. fi
  47. _debug2 DEPLOY_PROXMOXBS_SERVER_PORT "$_target_port"
  49. # Complete URL.
  50. _target_url="https://${_target_hostname}:${_target_port}/api2/json/nodes/localhost/certificates/custom"
  51. _debug TARGET_URL "$_target_url"
  53. # More "sane" defaults.
  54. _getdeployconf DEPLOY_PROXMOXBS_USER
  55. if [ -z "$DEPLOY_PROXMOXBS_USER" ]; then
  56. _proxmoxbs_user="root"
  57. else
  58. _proxmoxbs_user="$DEPLOY_PROXMOXBS_USER"
  59. _savedeployconf DEPLOY_PROXMOXBS_USER "$DEPLOY_PROXMOXBS_USER"
  60. fi
  61. _debug2 DEPLOY_PROXMOXBS_USER "$_proxmoxbs_user"
  63. _getdeployconf DEPLOY_PROXMOXBS_USER_REALM
  64. if [ -z "$DEPLOY_PROXMOXBS_USER_REALM" ]; then
  65. _proxmoxbs_user_realm="pam"
  66. else
  67. _proxmoxbs_user_realm="$DEPLOY_PROXMOXBS_USER_REALM"
  68. _savedeployconf DEPLOY_PROXMOXBS_USER_REALM "$DEPLOY_PROXMOXBS_USER_REALM"
  69. fi
  70. _debug2 DEPLOY_PROXMOXBS_USER_REALM "$_proxmoxbs_user_realm"
  72. _getdeployconf DEPLOY_PROXMOXBS_API_TOKEN_NAME
  73. if [ -z "$DEPLOY_PROXMOXBS_API_TOKEN_NAME" ]; then
  74. _proxmoxbs_api_token_name="acme"
  75. else
  76. _proxmoxbs_api_token_name="$DEPLOY_PROXMOXBS_API_TOKEN_NAME"
  77. _savedeployconf DEPLOY_PROXMOXBS_API_TOKEN_NAME "$DEPLOY_PROXMOXBS_API_TOKEN_NAME"
  78. fi
  79. _debug2 DEPLOY_PROXMOXBS_API_TOKEN_NAME "$_proxmoxbs_api_token_name"
  81. # This is required.
  82. _getdeployconf DEPLOY_PROXMOXBS_API_TOKEN_KEY
  83. if [ -z "$DEPLOY_PROXMOXBS_API_TOKEN_KEY" ]; then
  84. _err "API key not provided."
  85. return 1
  86. else
  87. _proxmoxbs_api_token_key="$DEPLOY_PROXMOXBS_API_TOKEN_KEY"
  88. _savedeployconf DEPLOY_PROXMOXBS_API_TOKEN_KEY "$DEPLOY_PROXMOXBS_API_TOKEN_KEY"
  89. fi
  90. _debug2 DEPLOY_PROXMOXBS_API_TOKEN_KEY "$_proxmoxbs_api_token_key"
  92. # PBS API Token header value. Used in "Authorization: PBSAPIToken".
  93. _proxmoxbs_header_api_token="${_proxmoxbs_user}@${_proxmoxbs_user_realm}!${_proxmoxbs_api_token_name}:${_proxmoxbs_api_token_key}"
  94. _debug2 "Auth Header" "$_proxmoxbs_header_api_token"
  96. # Ugly. I hate putting heredocs inside functions because heredocs don't
  97. # account for whitespace correctly but it _does_ work and is several times
  98. # cleaner than anything else I had here.
  99. #
  100. # This dumps the json payload to a variable that should be passable to the
  101. # _psot function.
  102. _json_payload=$(
  103. cat <<HEREDOC
  104. {
  105. "certificates": "$(tr '\n' ':' <"$_cfullchain" | sed 's/:/\\n/g')",
  106. "key": "$(tr '\n' ':' <"$_ckey" | sed 's/:/\\n/g')",
  107. "node":"localhost",
  108. "restart":true,
  109. "force":true
  110. }
  111. HEREDOC
  112. )
  113. _debug2 Payload "$_json_payload"
  115. _info "Push certificates to server"
  116. export HTTPS_INSECURE=1
  117. export _H1="Authorization: PBSAPIToken=${_proxmoxbs_header_api_token}"
  118. _post "$_json_payload" "$_target_url" "" POST "application/json"
  120. }