Ola Thoresen
2 years ago
1 changed files with 99 additions and 0 deletions
@ -0,0 +1,99 @@ |
|||||
|
#!/bin/bash |
||||
|
|
||||
|
#Here is a script to deploy cert to opengear operations manager. |
||||
|
|
||||
|
#returns 0 means success, otherwise error. |
||||
|
|
||||
|
|
||||
|
# Note that SSH must be able to login to remote host without a password... |
||||
|
# The user must have sudo-access without password |
||||
|
# |
||||
|
# SSH Keys must have been exchanged with the remote host. Validate and |
||||
|
# test that you can login to USER@SERVER from the host running acme.sh before |
||||
|
# using this script. |
||||
|
|
||||
|
|
||||
|
|
||||
|
# export OPENGEAR_USER="" # required |
||||
|
# export OPENGEAR_HOST="om1234" # defaults to domain name |
||||
|
|
||||
|
|
||||
|
Le_Deploy_ssh_cmd="ssh" |
||||
|
|
||||
|
#domain keyfile certfile cafile fullchain |
||||
|
opengear_deploy() { |
||||
|
_cdomain="$1" |
||||
|
_ckey="$2" |
||||
|
_ccert="$3" |
||||
|
_cca="$4" |
||||
|
_cfullchain="$5" |
||||
|
|
||||
|
_debug _cdomain "$_cdomain" |
||||
|
_debug _ckey "$_ckey" |
||||
|
_debug _ccert "$_ccert" |
||||
|
_debug _cca "$_cca" |
||||
|
_debug _cfullchain "$_cfullchain" |
||||
|
|
||||
|
|
||||
|
Le_Deploy_og_keyfile="/tmp/$(basename $_ckey)" |
||||
|
Le_Deploy_og_fullchain="/tmp/$(basename $_cfullchain)" |
||||
|
|
||||
|
|
||||
|
# OPENGEAR ENV VAR check |
||||
|
if [ -z "$OPENGEAR_HOST" ]; then |
||||
|
# HOST is not set in environment, check for saved variable |
||||
|
_getdeployconf OPENGEAR_HOST |
||||
|
_opengear_host=$OPENGEAR_HOST |
||||
|
fi |
||||
|
if [ -z "$_opengear_host" ]; then |
||||
|
_info "No host found in saved vars. Defaulting to domain: $_cdomain" |
||||
|
_opengear_host="$_cdomain" |
||||
|
fi |
||||
|
if [ -z "$OPENGEAR_USER" ]; then |
||||
|
_debug "USER not found in ENV variables lets check for saved variables" |
||||
|
_getdeployconf OPENGEAR_USER |
||||
|
_opengear_user=$OPENGEAR_USER |
||||
|
if [ -z "$_opengear_user" ]; then |
||||
|
_err "No user found.. If this is the first time deploying please set OPENGEAR_USER in environment variables. Delete them after you have succesfully deployed certs." |
||||
|
return 1 |
||||
|
else |
||||
|
_debug "Using saved env variables." |
||||
|
fi |
||||
|
else |
||||
|
_debug "Detected ENV variables to be saved to the deploy conf." |
||||
|
_opengear_user="$OPENGEAR_USER" |
||||
|
# Encrypt and save user |
||||
|
_savedeployconf OPENGEAR_USER "$_opengear_user" 1 |
||||
|
_savedeployconf OPENGEAR_HOST "$_opengear_host" 1 |
||||
|
fi |
||||
|
_info "Deploying to $_opengear_host" |
||||
|
|
||||
|
_cmdstr="sudo echo -e \"set services.https.certificate =$(cat $_cfullchain | base64 -w0)\nset services.https.private_key =$(cat $_ckey | base64 -w0)\npush\" | /usr/unsupported/bin/ogconfig-cli" |
||||
|
_info "will deploy new certificate" |
||||
|
if ! _ssh_remote_cmd "$_cmdstr"; then |
||||
|
return $_err_code |
||||
|
fi |
||||
|
|
||||
|
return $_err_code |
||||
|
} |
||||
|
|
||||
|
|
||||
|
|
||||
|
#cmd |
||||
|
_ssh_remote_cmd() { |
||||
|
_cmd="$1" |
||||
|
_secure_debug "Remote commands to execute: $_cmd" |
||||
|
_info "Submitting sequence of commands to remote server by ssh" |
||||
|
# quotations in bash cmd below intended. Squash travis spellcheck error |
||||
|
# shellcheck disable=SC2029 |
||||
|
_debug $Le_Deploy_ssh_cmd "$_opengear_user@$_opengear_host" sh -c "'$_cmd'" |
||||
|
$Le_Deploy_ssh_cmd "$_opengear_user@$_opengear_host" sh -c "'$_cmd'" |
||||
|
_err_code="$?" |
||||
|
|
||||
|
if [ "$_err_code" != "0" ]; then |
||||
|
_err "Error code $_err_code returned from ssh" |
||||
|
fi |
||||
|
|
||||
|
return $_err_code |
||||
|
} |
||||
|
|
||||
Write
Preview
Loading…
Cancel
Save
Reference in new issue