Mirror
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2221 Commits
9 Branches
44 Tags
15 MiB
Tree: edcef92f70
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'edcef92f70'
${ noResults }
acme.sh/deploy/vmwareuag.sh

131 lines
4.3 KiB
Raw Normal View History

Initial deploy hook for VMware UAG appliance
7 years ago
  1. #!/usr/bin/env sh
  3. # Script for acme.sh to deploy certificates to a VMware UAG appliance
  4. #
  5. # The following variables can be exported:
  6. #
  7. # export DEPLOY_VMWAREUAG_USERNAME="admin"
  8. # export DEPLOY_VMWAREUAG_PASSWORD="" # required
  9. # export DEPLOY_VMWAREUAG_HOST="" # required (comma seperated list)
  10. # export DEPLOY_VMWAREUAG_PORT="9443"
  11. # export DEPLOY_VMWAREUAG_SSL_VERIFY="yes"
  12. #
  13. #
  15. ######## Public functions #####################
  17. #domain keyfile certfile cafile fullchain
  18. vmwareuag_deploy() {
  19. _cdomain="$1"
  20. _ckey="$2"
  21. _ccert="$3"
  22. _cca="$4"
  23. _cfullchain="$5"
  25. # Some defaults
  26. DEPLOY_VMWAREUAG_USERNAME_DEFAULT="admin"
  27. DEPLOY_VMWAREUAG_SSL_VERIFY_DEFAULT="yes"
  28. DEPLOY_VMWAREUAG_PORT_DEFAULT="9443"
  30. if [ -f "${DOMAIN_CONF}" ]; then
  31. # shellcheck disable=SC1090
  32. . "${DOMAIN_CONF}"
  33. fi
  35. _debug _cdomain "${_cdomain}"
  36. _debug _ckey "${_ckey}"
  37. _debug _ccert "${_ccert}"
  38. _debug _cca "${_cca}"
  39. _debug _cfullchain "${_cfullchain}"
  41. # USERNAME is optional. If not provided then assume "${DEPLOY_VMWAREUAG_USERNAME_DEFAULT}"
  42. if [ -n "${DEPLOY_VMWAREUAG_USERNAME}" ]; then
  43. Le_Deploy_vmwareuag_username="${DEPLOY_VMWAREUAG_USERNAME}"
  44. _savedomainconf Le_Deploy_vmwareuag_username "${Le_Deploy_vmwareuag_username}"
  45. elif [ -z "${Le_Deploy_vmwareuag_username}" ]; then
  46. Le_Deploy_vmwareuag_username="${DEPLOY_VMWAREUAG_USERNAME_DEFAULT}"
  47. fi
  49. # PASSWORD is required.
  50. if [ -n "${DEPLOY_VMWAREUAG_PASSWORD}" ]; then
  51. Le_Deploy_vmwareuag_password="${DEPLOY_VMWAREUAG_PASSWORD}"
  52. _savedomainconf Le_Deploy_vmwareuag_password "${Le_Deploy_vmwareuag_password}"
  53. elif [ -z "${Le_Deploy_vmwareuag_password}" ]; then
  54. _err "DEPLOY_VMWAREUAG_PASSWORD is required"
  55. return 1
  56. fi
  58. # HOST is required.
  59. if [ -n "${DEPLOY_VMWAREUAG_HOST}" ]; then
  60. Le_Deploy_vmwareuag_host="${DEPLOY_VMWAREUAG_HOST}"
  61. _savedomainconf Le_Deploy_vmwareuag_host "${Le_Deploy_vmwareuag_host}"
  62. elif [ -z "${Le_Deploy_vmwareuag_host}" ]; then
  63. _err "DEPLOY_VMWAREUAG_HOST is required"
  64. return 1
  65. fi
  67. # SSL_VERIFY is optional. If not provided then assume "${DEPLOY_VMWAREUAG_SSL_VERIFY_DEFAULT}"
  68. if [ -n "${DEPLOY_VMWAREUAG_SSL_VERIFY}" ]; then
  69. Le_Deploy_vmwareuag_ssl_verify="${DEPLOY_VMWAREUAG_SSL_VERIFY}"
  70. _savedomainconf Le_Deploy_vmwareuag_ssl_verify "${Le_Deploy_vmwareuag_ssl_verify}"
  71. elif [ -z "${Le_Deploy_vmwareuag_ssl_verify}" ]; then
  72. Le_Deploy_vmwareuag_ssl_verify="${DEPLOY_VMWAREUAG_SSL_VERIFY_DEFAULT}"
  73. fi
  75. # PORT is optional. If not provided then assume "${DEPLOY_VMWAREUAG_PORT_DEFAULT}"
  76. if [ -n "${DEPLOY_VMWAREUAG_PORT}" ]; then
  77. Le_Deploy_vmwareuag_port="${DEPLOY_VMWAREUAG_PORT}"
  78. _savedomainconf Le_Deploy_vmwareuag_port "${Le_Deploy_vmwareuag_port}"
  79. elif [ -z "${Le_Deploy_vmwareuag_port}" ]; then
  80. Le_Deploy_vmwareuag_port="${DEPLOY_VMWAREUAG_PORT_DEFAULT}"
  81. fi
  83. # Set variables for later use
  84. _user="${Le_Deploy_vmwareuag_username}:${Le_Deploy_vmwareuag_password}"
  85. _contenttype="Content-Type: application/json"
  86. _privatekeypem="$(cat "${_ckey}" | awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}')"
  87. _certchainpem="$(cat "${_ccert}" "${_cca}" | awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}')"
  88. _port="${Le_Deploy_vmwareuag_port}"
  89. _path="/rest/v1/config/certs/ssl/end_user"
  91. _debug _user "${_user}"
  92. _debug _contenttype "${_contenttype}"
  93. _debug _privatekeypem "${_privatekeypem}"
  94. _debug _certchainpem "${_certchainpem}"
  95. _debug _port "${_port}"
  96. _debug _path "${_path}"
  98. # Create JSON request
  99. _jsonreq=(_mktemp)
  100. _debug _jsonreq "${_jsonreq}"
  102. printf '{ "privateKeyPem": "%s", "certChainPem": "%s" }' "${_privatekeypem}" "${_certchainpem}" > "${_jsonreq}"
  103. _debug JSON "$(cat "${_jsonreq}")"
  105. # Send request via curl
  106. if command -v curl; then
  107. _info "Using curl"
  108. if [ "${Le_Deploy_vmwareuag_ssl_verify}" = "yes" ]; then
  109. _opts=""
  110. else
  111. _opts="-k"
  112. fi
  113. _oldifs=${IFS}
  114. IFS=,
  115. for _host in ${Le_Deploy_vmwareuag_host}; do
  116. _url="https://${_host}:${_port}${_path}"
  117. _debug _url "${_url}"
  118. curl ${_opts} -X PUT -H "${_contenttype}" -d "@${_jsonreq}" -u "${_user}" "${_url}"
  119. done
  120. IFS=${_oldifs}
  121. # Remove JSON request file
  122. [ -f "${_jsonreq}" ] && rm -f "${_jsonreq}"
  123. elif command -v wget; then
  124. _info "Using wget"
  125. _err "Not implemented"
  126. # Remove JSON request file
  127. [ -f "${_jsonreq}" ] && rm -f "${_jsonreq}"
  128. return 1
  129. fi
  130. return 0
  131. }