|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111 |
- #!/bin/bash
- ######################################################
- # Name: refresh-NebulaCA
- # Description: Creates a new cert for a node based
- # on the node cert provided.
- #
- # Created By: HMSheets
- ######################################################
-
-
- POSITIONAL=()
- while [[ $# -gt 0 ]]
- do
- key="$1"
-
- case $key in
- -n|--caname)
- CANAME="$2"
- shift # past argument
- shift # past value
- ;;
- -r|--rootpath)
- ROOTPATH="$2"
- shift # past argument
- shift # past value
- ;;
- -f|--cafilename)
- CAFILENAME="$2"
- shift # past argument
- shift # past value
- ;;
- # -k|--cakeyname)
- # CAKEYNAME="$2"
- # shift # past argument
- # shift # past value
- # ;;
- -i|--issuer)
- ISSUER="$2"
- shift # past argument
- shift # past value
- ;;
- *) # unknown option
- POSITIONAL+=("$1") # save it in an array for later
- shift # past argument
- ;;
- esac
- done
- set -- "${POSITIONAL[@]}" # restore positional parameters
-
- # Additional Parameter Evaluation
- while [ -n "$1" ]; do # while loop starts
-
- case "$1" in
-
- -h) help_msg ;; # help
-
- --h) help_msg ;; # help
-
- *) invalid_args_msg ;; #catch all
-
- esac
-
- shift
-
- done
-
- invalid_args_msg () {
- echo "Invalid Parameter(s) Entered: $1"
- exit
- }
-
- help_msg () {
- echo "Usage of refresh-NebulaCA <flags>: refresh an existing nebula ca"
- echo " -n|--caname"
- echo " Name to use for the new CA. Used in the CA cert file and in the filename"
- echo " -r|--rootpath"
- echo " Root path of existing CA"
- echo " -f|--cafilename"
- echo " Filename of the existing CA"
- echo " -i|--issuer"
- echo " Name of the Org Issuing and authorizing the creation of the new Nebula CA"
- echo " -h|--help"
- echo " This help text, but you already knew that... right?!?!"
- }
-
- DATETIME=$(date '+%Y%m%d-%H%M%S')
-
- #CANAME=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s .[].details.name | sed 's/["]//g')
- #CAIPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.ips | sed 's/[]["]//g')
- #NODEGROUPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.groups | sed 's/[]["]//g') # | sed 's/,/ /g'))
- CERTISCASTATUS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${CAFILENAME} -json | jq -s --compact-output .[].details.isCa)
-
- # Create new file name variable
- NEWFILENAME="${CANAME}_${DATETIME}"
-
- if [[ $CERTISCASTATUS == false ]]; then
- echo "Certificate is a Node Certificate. Try again by providing the CA Certificate."
- exit
- fi
-
- if [[ $CERTISCASTATUS == true ]]; then
- echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
- echo "Node Name: ${CANAME}"
- echo "Node IPs: ${ISSUER}"
- #echo "Node Groups: ${NODEGROUPS[@]}"
- echo "Certificate isCa Status: ${CERTISCASTATUS}"
- echo "DateTime: ${DATETIME}"
- echo "NEWFILENAME: ${NEWFILENAME}"
- echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
- ${ROOTPATH}/nebula-cert sign -name ${CANAME} -out-crt ${ROOTPATH}/${NEWFILENAME}.crt -out-key ${ROOTPATH}/${NEWFILENAME}.key
- fi
|