|
|
@ -0,0 +1,58 @@ |
|
|
|
#!/usr/bin/env sh |
|
|
|
|
|
|
|
#Here is a script to deploy cert to nuster server. |
|
|
|
|
|
|
|
#returns 0 means success, otherwise error. |
|
|
|
|
|
|
|
######## Public functions ##################### |
|
|
|
|
|
|
|
#domain keyfile certfile cafile fullchain |
|
|
|
nuster_deploy() { |
|
|
|
_cdomain="$1" |
|
|
|
_ckey="$2" |
|
|
|
_ccert="$3" |
|
|
|
_cca="$4" |
|
|
|
_cfullchain="$5" |
|
|
|
|
|
|
|
_debug _cdomain "$_cdomain" |
|
|
|
_debug _ckey "$_ckey" |
|
|
|
_debug _ccert "$_ccert" |
|
|
|
_debug _cca "$_cca" |
|
|
|
_debug _cfullchain "$_cfullchain" |
|
|
|
|
|
|
|
# handle reload preference |
|
|
|
DEFAULT_NUSTER_RELOAD="/usr/sbin/service nuster restart" |
|
|
|
if [ -z "${DEPLOY_NUSTER_RELOAD}" ]; then |
|
|
|
_reload="${DEFAULT_NUSTER_RELOAD}" |
|
|
|
_cleardomainconf DEPLOY_NUSTER_RELOAD |
|
|
|
else |
|
|
|
_reload="${DEPLOY_NUSTER_RELOAD}" |
|
|
|
_savedomainconf DEPLOY_NUSTER_RELOAD "$DEPLOY_NUSTER_RELOAD" |
|
|
|
fi |
|
|
|
_savedomainconf DEPLOY_NUSTER_PEM_PATH "$DEPLOY_NUSTER_PEM_PATH" |
|
|
|
|
|
|
|
# work out the path where the PEM file should go |
|
|
|
_pem_path="${DEPLOY_NUSTER_PEM_PATH}" |
|
|
|
if [ -z "$_pem_path" ]; then |
|
|
|
_err "Path to save PEM file not found. Please define DEPLOY_NUSTER_PEM_PATH." |
|
|
|
return 1 |
|
|
|
fi |
|
|
|
_pem_full_path="$_pem_path/$_cdomain.pem" |
|
|
|
_info "Full path to PEM $_pem_full_path" |
|
|
|
|
|
|
|
# combine the key and fullchain into a single pem and install |
|
|
|
cat "$_cfullchain" "$_ckey" >"$_pem_full_path" |
|
|
|
chmod 600 "$_pem_full_path" |
|
|
|
_info "Certificate successfully deployed" |
|
|
|
|
|
|
|
# restart HAProxy |
|
|
|
_info "Run reload: $_reload" |
|
|
|
if eval "$_reload"; then |
|
|
|
_info "Reload success!" |
|
|
|
return 0 |
|
|
|
else |
|
|
|
_err "Reload error" |
|
|
|
return 1 |
|
|
|
fi |
|
|
|
|
|
|
|
} |