
made initial changes to refresh ca script

master
HMSheets 3 years ago
parent
commit
642541b5a1
1 changed files with 111 additions and 1 deletions
  1. +111
    -1
      refresh-NebulaCA

+ 111
- 1
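--- a/refresh-NebulaCA
+++ b/refresh-NebulaCA
@@ -1 +1,111 @@
-#!/bin/bash
+#!/bin/bash
+######################################################
+# Name: refresh-NebulaCA
+# Description: Creates a new cert for a node based
+# on the node cert provided.
+#
+# Created By: HMSheets
+######################################################
+
+
+POSITIONAL=()
+while [[ $# -gt 0 ]]
+do
+key="$1"
+
+case $key in
+-n|--caname)
+CANAME="$2"
+shift # past argument
+shift # past value
+;;
+-r|--rootpath)
+ROOTPATH="$2"
+shift # past argument
+shift # past value
+;;
+-f|--cafilename)
+CAFILENAME="$2"
+shift # past argument
+shift # past value
+;;
+# -k|--cakeyname)
+# CAKEYNAME="$2"
+# shift # past argument
+# shift # past value
+# ;;
+-i|--issuer)
+ISSUER="$2"
+shift # past argument
+shift # past value
+;;
+*) # unknown option
+POSITIONAL+=("$1") # save it in an array for later
+shift # past argument
+;;
+esac
+done
+set -- "${POSITIONAL[@]}" # restore positional parameters
+
+# Additional Parameter Evaluation
+while [ -n "$1" ]; do # while loop starts
+
+case "$1" in
+
+-h) help_msg ;; # help
+
+--h) help_msg ;; # help
+
+*) invalid_args_msg ;; #catch all
+
+esac
+
+shift
+
+done
+
+invalid_args_msg () {
+echo "Invalid Parameter(s) Entered: $1"
+exit
+}
+
+help_msg () {
+echo "Usage of refresh-NebulaCA <flags>: refresh an existing nebula ca"
+echo " -n|--caname"
+echo " Name to use for the new CA. Used in the CA cert file and in the filename"
+echo " -r|--rootpath"
+echo " Root path of existing CA"
+echo " -f|--cafilename"
+echo " Filename of the existing CA"
+echo " -i|--issuer"
+echo " Name of the Org Issuing and authorizing the creation of the new Nebula CA"
+echo " -h|--help"
+echo " This help text, but you already knew that... right?!?!"
+}
+
+DATETIME=$(date '+%Y%m%d-%H%M%S')
+
+#CANAME=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s .[].details.name | sed 's/["]//g')
+#CAIPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.ips | sed 's/[]["]//g')
+#NODEGROUPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.groups | sed 's/[]["]//g') # | sed 's/,/ /g'))
+CERTISCASTATUS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${CAFILENAME} -json | jq -s --compact-output .[].details.isCa)
+
+# Create new file name variable
+NEWFILENAME="${CANAME}_${DATETIME}"
+
+if [[ $CERTISCASTATUS == false ]]; then
+echo "Certificate is a Node Certificate. Try again by providing the CA Certificate."
+exit
+fi
+
+if [[ $CERTISCASTATUS == true ]]; then
+echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+echo "Node Name: ${CANAME}"
+echo "Node IPs: ${ISSUER}"
+#echo "Node Groups: ${NODEGROUPS[@]}"
+echo "Certificate isCa Status: ${CERTISCASTATUS}"
+echo "DateTime: ${DATETIME}"
+echo "NEWFILENAME: ${NEWFILENAME}"
+echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+${ROOTPATH}/nebula-cert sign -name ${CANAME} -out-crt ${ROOTPATH}/${NEWFILENAME}.crt -out-key ${ROOTPATH}/${NEWFILENAME}.key
+fi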
