|
|
|
@ -18,12 +18,12 @@ |
|
|
|
|
|
|
|
rancher_deploy() { |
|
|
|
_cdomain="$1" |
|
|
|
# Further $(cat $1 | sed 's/$/\\n/' | tr -d '\n') |
|
|
|
# Further $(echo "$1" | sed 's/$/\\n/' | tr -d '\n') |
|
|
|
# Made for iclude cert in var in one line with \n |
|
|
|
_ckey=$(cat $2 | sed 's/$/\\n/' | tr -d '\n') |
|
|
|
_ccert=$(cat $3 | sed 's/$/\\n/' | tr -d '\n') |
|
|
|
_cca=$(cat $4 | sed 's/$/\\n/' | tr -d '\n') |
|
|
|
_cfullchain=$(cat $5 | sed 's/$/\\n/' | tr -d '\n') |
|
|
|
_ckey=$(echo "$2" | sed 's/$/\\n/' | tr -d '\n') |
|
|
|
_ccert=$(echo "$3" | sed 's/$/\\n/' | tr -d '\n') |
|
|
|
_cca=$(echo "$4" | sed 's/$/\\n/' | tr -d '\n') |
|
|
|
_cfullchain=$(echo "$5" | sed 's/$/\\n/' | tr -d '\n') |
|
|
|
|
|
|
|
_debug _cdomain "$_cdomain" |
|
|
|
_debug _ckey "$_ckey" |
|
|
|
@ -31,7 +31,7 @@ rancher_deploy() { |
|
|
|
_debug _cca "$_cca" |
|
|
|
_debug _cfullchain "$_cfullchain" |
|
|
|
|
|
|
|
# Check software needed |
|
|
|
# Check software needed |
|
|
|
if ! _exists curl; then |
|
|
|
_err "The command curl is not found." |
|
|
|
return 1 |
|
|
|
@ -47,7 +47,7 @@ rancher_deploy() { |
|
|
|
return 1 |
|
|
|
fi |
|
|
|
|
|
|
|
# Check environment variables and config |
|
|
|
# Check environment variables and config |
|
|
|
|
|
|
|
if [ -z "$RANCHER_ACCESS_KEY" ]; then |
|
|
|
if [ -z "$Le_rancher_access_key" ]; then |
|
|
|
@ -89,36 +89,36 @@ rancher_deploy() { |
|
|
|
_savedomainconf Le_rancher_server "$Le_rancher_server" |
|
|
|
fi |
|
|
|
|
|
|
|
# Check api connection |
|
|
|
# Check api connection |
|
|
|
response=$( |
|
|
|
curl $Le_rancher_server/v2-beta/ \ |
|
|
|
--write-out %{http_code} \ |
|
|
|
curl "$Le_rancher_server/v2-beta/" \ |
|
|
|
--write-out "%{http_code}" \ |
|
|
|
--silent \ |
|
|
|
--output /dev/null |
|
|
|
) |
|
|
|
if [[ "$response" -ge 200 && "$response" -le 299 ]]; then |
|
|
|
if [ "$response" -ge 200 ] && [ "$response" -le 299 ]; then |
|
|
|
_err "Curl failed to connect to $Le_rancher_server v2-beta API" |
|
|
|
return 1 |
|
|
|
else |
|
|
|
_info "API connected!" |
|
|
|
fi |
|
|
|
|
|
|
|
# Check if certificate already exist in rancher |
|
|
|
# Check if certificate already exist in rancher |
|
|
|
|
|
|
|
id_raw_json=`curl -s -u "$Le_rancher_access_key:$Le_rancher_secret_key" \ |
|
|
|
id_raw_json=$(curl -s -u "$Le_rancher_access_key:$Le_rancher_secret_key" \ |
|
|
|
-X GET \ |
|
|
|
-H 'Accept: application/json' \ |
|
|
|
-H 'Content-Type: application/json' \ |
|
|
|
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates?name=$_cdomain"` |
|
|
|
cert_state=$(echo $id_raw_json | awk -F='\:' -v RS='\,' "\$id_raw_json~/\"state\"/ {print}" | tr -d "\n\t" | sed -e 's/^"//' -e 's/"$//' | grep -o active) |
|
|
|
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates?name=$_cdomain") |
|
|
|
cert_state=$(echo "$id_raw_json" | awk -F='\:' -v RS='\,' "\$id_raw_json~/\"state\"/ {print}" | tr -d "\n\t" | sed -e 's/^"//' -e 's/"$//' | grep -o "active") |
|
|
|
_info "Cert state is $cert_state" |
|
|
|
if [ -z $cert_state ]; then |
|
|
|
if [ -z "$cert_state" ]; then |
|
|
|
# Add new certificate |
|
|
|
_info "Adding new cert to rancher" |
|
|
|
response=$( |
|
|
|
curl -u "$Le_rancher_access_key:$Le_rancher_secret_key" \ |
|
|
|
-X POST \ |
|
|
|
--write-out %{http_code} \ |
|
|
|
--write-out "%{http_code}" \ |
|
|
|
--silent \ |
|
|
|
--output /dev/null \ |
|
|
|
-H 'Accept: application/json' \ |
|
|
|
@ -127,25 +127,25 @@ rancher_deploy() { |
|
|
|
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates/" |
|
|
|
) |
|
|
|
_info "Update status code: $response" |
|
|
|
if [[ $response -lt 199 || $response -gt 300 ]]; then |
|
|
|
if [ "$response" -lt 199 ] || [ "$response" -gt 300 ]; then |
|
|
|
_err "Curl failed to create new cert" |
|
|
|
return 1 |
|
|
|
fi |
|
|
|
else |
|
|
|
# Get certificate ID |
|
|
|
id_raw_json=`curl -s -u "$Le_rancher_access_key:$Le_rancher_secret_key" \ |
|
|
|
id_raw_json=$(curl -s -u "$Le_rancher_access_key:$Le_rancher_secret_key" \ |
|
|
|
-X GET \ |
|
|
|
-H 'Accept: application/json' \ |
|
|
|
-H 'Content-Type: application/json' \ |
|
|
|
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates?name=$_cdomain"` |
|
|
|
cert_id=$(echo $id_raw_json | awk -F='\:' -v RS='\,' "\$id_raw_json~/\"data\"/ {print}" | tr -d "\n\t" | sed -e 's/^"//' -e 's/"$//' | sed -e 's/data.*"//') |
|
|
|
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates?name=$_cdomain") |
|
|
|
cert_id=$(echo "$id_raw_json" | awk -F='\:' -v RS='\,' "\$id_raw_json~/\"data\"/ {print}" | tr -d "\n\t" | sed -e 's/^"//' -e 's/"$//' | sed -e 's/data.*"//') |
|
|
|
_info "Cert already exist ID is: $cert_id" |
|
|
|
# Update existing certificate |
|
|
|
_info "Updating..." |
|
|
|
response=$( |
|
|
|
curl -u "$Le_rancher_access_key:$Le_rancher_secret_key" \ |
|
|
|
-X PUT \ |
|
|
|
--write-out %{http_code} \ |
|
|
|
--write-out "%{http_code}" \ |
|
|
|
--silent \ |
|
|
|
--output /dev/null \ |
|
|
|
-H 'Accept: application/json' \ |
|
|
|
@ -154,7 +154,7 @@ rancher_deploy() { |
|
|
|
"$Le_rancher_server/v2-beta/projects/$Le_rancher_environment/certificates/$cert_id" |
|
|
|
) |
|
|
|
_info "Update status code: $response" |
|
|
|
if [[ $response -lt 199 || $response -gt 300 ]]; then |
|
|
|
if [ "$response" -lt 199 ] || [ "$response" -gt 300 ]; then |
|
|
|
_err "Curl failed to update cert with id=$cert_id" |
|
|
|
return 1 |
|
|
|
fi |
|
|
|
|
Mikhail Zyablitskiy
7 years ago