Mirror
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

gcore_cdn_deploy

pull/2178/head
temoffey 6 years ago
parent
02882fb327
commit
228c835466
2 changed files with 145 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 15
      deploy/README.md
  2. 130
      deploy/gcore_cdn.sh

15
deploy/README.md
View File

@ -391,3 +391,18 @@ acme.sh --deploy --deploy-hook mydevil -d example.com
```
That will remove old certificate and install new one.
## 15. Deploy the cert to G-Core CDN servise
Deploy the cert to G-Core CDN servise (https://gcorelabs.com/ru/) using the G-Core Labs API (https://docs.gcorelabs.com/cdn/).
Uses command line curl for send requests and jq for parse responses.
Then you can deploy now:
```sh
export DEPLOY_GCORE_CDN_USERNAME=myusername
export DEPLOY_GCORE_CDN_PASSWORD=mypassword
acme.sh --deploy -d example.com --deploy-hook gcore_cdn
```
Please note, need installed jq.

130
deploy/gcore_cdn.sh
View File

@ -0,0 +1,130 @@
#!/usr/bin/env sh
# Here is the script to deploy the cert to G-Core CDN servise (https://gcorelabs.com/ru/) using the G-Core Labs API (https://docs.gcorelabs.com/cdn/).
# Uses command line curl for send requests and jq for parse responses.
# Returns 0 when success.
#
# Written by temoffey <temofffey@gmail.com>
# Public domain, 2019
#export DEPLOY_GCORE_CDN_USERNAME=myusername
#export DEPLOY_GCORE_CDN_PASSWORD=mypassword
######## Public functions #####################
#domain keyfile certfile cafile fullchain
gcore_cdn_deploy() {
_cdomain="$1"
_ckey="$2"
_ccert="$3"
_cca="$4"
_cfullchain="$5"
_debug _cdomain "$_cdomain"
_debug _ckey "$_ckey"
_debug _ccert "$_ccert"
_debug _cca "$_cca"
_debug _cfullchain "$_cfullchain"
_fullchain=$(awk 1 ORS='\\n' "$_cfullchain")
_key=$(awk 1 ORS='\\n' "$_ckey")
_debug _fullchain "$_fullchain"
_debug _key "$_key"
if [ -z "$DEPLOY_GCORE_CDN_USERNAME" ]; then
if [ -z "$Le_Deploy_gcore_cdn_username" ]; then
_err "Please define the target username: export DEPLOY_GCORE_CDN_USERNAME=username"
return 1
else
DEPLOY_GCORE_CDN_USERNAME="$Le_Deploy_gcore_cdn_username"
fi
else
_savedomainconf Le_Deploy_gcore_cdn_username "$DEPLOY_GCORE_CDN_USERNAME"
fi
if [ -z "$DEPLOY_GCORE_CDN_PASSWORD" ]; then
if [ -z "$Le_Deploy_gcore_cdn_password" ]; then
_err "Please define the target password: export DEPLOY_GCORE_CDN_PASSWORD=password"
return 1
else
DEPLOY_GCORE_CDN_PASSWORD="$Le_Deploy_gcore_cdn_password"
fi
else
_savedomainconf Le_Deploy_gcore_cdn_password "$DEPLOY_GCORE_CDN_PASSWORD"
fi
if ! [ -x "$(command -v jq)" ]; then
_err "Please install the package jq: sudo apt-get install jq"
return 1
fi
_info "Get authorization token"
_request="{ \"username\": \"$DEPLOY_GCORE_CDN_USERNAME\", \"password\": \"$DEPLOY_GCORE_CDN_PASSWORD\" }"
_debug _request "$_request"
_response=$(curl -s -X POST https://api.gcdn.co/auth/signin -H "Content-Type:application/json" -d "$_request")
_debug _response "$_response"
_token=$(echo "$_response" | jq -r '.token')
_debug _token "$_token"
if [ "$_token" == "null" ]; then
_err "Error G-Core Labs API authorization"
return 1
fi
_info "Find CDN resource with cname $_cdomain"
_response=$(curl -s -X GET https://api.gcdn.co/resources -H "Authorization:Token $_token")
_debug _response "$_response"
_resource=$(echo "$_response" | jq -r ".[] | select(.cname == \"$_cdomain\")")
_debug _resource "$_resource"
_resourceId=$(echo "$_resource" | jq -r '.id')
_sslDataOld=$(echo "$_resource" | jq -r '.sslData')
_originGroup=$(echo "$_resource" | jq -r '.originGroup')
_debug _resourceId "$_resourceId"
_debug _sslDataOld "$_sslDataOld"
_debug _originGroup "$_originGroup"
if [ -z "$_resourceId" ] || [ "$_resourceId" == "null" ] || [ -z "$_originGroup" ] || [ "$_originGroup" == "null" ]; then
_err "Not found CDN resource with cname $_cdomain"
return 1
fi
_info "Add new SSL certificate"
_date=$(date "+%d.%m.%Y %H:%M:%S")
_request="{ \"name\": \"$_cdomain ($_date)\", \"sslCertificate\": \"$_fullchain\n\", \"sslPrivateKey\": \"$_key\n\" }"
_debug _request "$_request"
_response=$(curl -s -X POST https://api.gcdn.co/sslData -H "Content-Type:application/json" -H "Authorization:Token $_token" -d "$_request")
_debug _response "$_response"
_sslDataAdd=$(echo "$_response" | jq -r '.id')
_debug _sslDataAdd "$_sslDataAdd"
if [ "$_sslDataAdd" == "null" ]; then
_err "Error new SSL certificate add"
return 1
fi
_info "Update CDN resource"
_request="{ \"originGroup\": $_originGroup, \"sslData\": $_sslDataAdd }"
_debug _request "$_request"
_response=$(curl -s -X PUT https://api.gcdn.co/resources/$_resourceId -H "Content-Type:application/json" -H "Authorization:Token $_token" -d "$_request")
_debug _response "$_response"
_sslDataNew=$(echo "$_response" | jq -r '.sslData')
_debug _sslDataNew "$_sslDataNew"
if [ "$_sslDataNew" != "$_sslDataAdd" ]; then
_err "Error CDN resource update"
return 1
fi
if [ -z "$_sslDataOld" ] || [ "$_sslDataOld" = "null" ]; then
_info "Not found old SSL certificate"
else
_info "Delete old SSL certificate"
_response=$(curl -s -X DELETE https://api.gcdn.co/sslData/$_sslDataOld -H "Authorization:Token $_token")
_debug _response "$_response"
fi
_info "Certificate successfully deployed"
return 0
}
Write Preview
Loading…
Cancel
Save