Browse Source

Updates based on feedback

pull/1602/head
andrewheberle 6 years ago
committed by GitHub
parent
commit
3b4e2a0bf5
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
  1. 28
      deploy/vmwareuag.sh

28
deploy/vmwareuag.sh

@ -2,12 +2,12 @@
# Script for acme.sh to deploy certificates to a VMware UAG appliance # Script for acme.sh to deploy certificates to a VMware UAG appliance
# #
# The following variables can be exported:
# The following variables can be used:
# #
# export DEPLOY_VMWAREUAG_USERNAME="admin"
# export DEPLOY_VMWAREUAG_USERNAME="admin" - optional
# export DEPLOY_VMWAREUAG_PASSWORD="" - required # export DEPLOY_VMWAREUAG_PASSWORD="" - required
# export DEPLOY_VMWAREUAG_HOST="" - required (space seperated list) host:port
# export DEPLOY_VMWAREUAG_HTTPS_INSECURE="1" - defaults to insecure
# export DEPLOY_VMWAREUAG_HOST="" - required - host:port - comma seperated list
# export DEPLOY_VMWAREUAG_HTTPS_INSECURE="1" - optional - defaults to insecure
# #
# #
@ -25,11 +25,6 @@ vmwareuag_deploy() {
DEPLOY_VMWAREUAG_USERNAME_DEFAULT="admin" DEPLOY_VMWAREUAG_USERNAME_DEFAULT="admin"
DEPLOY_VMWAREUAG_HTTPS_INSECURE="1" DEPLOY_VMWAREUAG_HTTPS_INSECURE="1"
if [ -f "${DOMAIN_CONF}" ]; then
# shellcheck disable=SC1090
. "${DOMAIN_CONF}"
fi
_debug _cdomain "${_cdomain}" _debug _cdomain "${_cdomain}"
_debug _ckey "${_ckey}" _debug _ckey "${_ckey}"
_debug _ccert "${_ccert}" _debug _ccert "${_ccert}"
@ -72,8 +67,10 @@ vmwareuag_deploy() {
# Set variables for later use # Set variables for later use
_user="${Le_Deploy_vmwareuag_username}:${Le_Deploy_vmwareuag_password}" _user="${Le_Deploy_vmwareuag_username}:${Le_Deploy_vmwareuag_password}"
_privatekeypem="$(awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' <"${_ckey}")"
_certchainpem="$(awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' <"${_cfullchain}")"
# convert key and fullchain into "single line pem" for JSON request
_privatekeypem="$(tr '\n' '\000' <"${_ckey}" | sed 's/\x0/\\n/g')"
_certchainpem="$(tr '\n' '\000' <"${_cfullchain}" | sed 's/\x0/\\n/g')"
# api path
_path="/rest/v1/config/certs/ssl/end_user" _path="/rest/v1/config/certs/ssl/end_user"
_debug _user "${_user}" _debug _user "${_user}"
@ -83,23 +80,20 @@ vmwareuag_deploy() {
# Create JSON request # Create JSON request
_jsonreq="$(printf '{ "privateKeyPem": "%s", "certChainPem": "%s" }' "${_privatekeypem}" "${_certchainpem}")" _jsonreq="$(printf '{ "privateKeyPem": "%s", "certChainPem": "%s" }' "${_privatekeypem}" "${_certchainpem}")"
_debug JSON "${_jsonreq}"
_debug _jsonreq "${_jsonreq}"
# dont verify certs if config set # dont verify certs if config set
_old_HTTPS_INSECURE="${HTTPS_INSECURE}"
if [ "${Le_Deploy_vmwareuag_https_insecure}" = "1" ]; then if [ "${Le_Deploy_vmwareuag_https_insecure}" = "1" ]; then
# shellcheck disable=SC2034
HTTPS_INSECURE="1" HTTPS_INSECURE="1"
fi fi
# do post against UAG host(s) # do post against UAG host(s)
for _host in ${Le_Deploy_vmwareuag_host}; do
for _host in $(echo "${Le_Deploy_vmwareuag_host}" | tr ',' ' '); do
_url="https://${_host}${_path}" _url="https://${_host}${_path}"
_debug _url "${_url}" _debug _url "${_url}"
_post "${_jsonreq}" "${_url}" "" "PUT" "application/json" _post "${_jsonreq}" "${_url}" "" "PUT" "application/json"
done done
# reset HTTP_INSECURE
HTTPS_INSECURE="${_old_HTTPS_INSECURE}"
return 0 return 0
} }
Loading…
Cancel
Save