diff --git a/refresh-NebulaCA b/refresh-NebulaCA
index cc1f786..4d91b21 100644
--- a/refresh-NebulaCA
+++ b/refresh-NebulaCA
@@ -1 +1,111 @@
-#!/bin/bash
\ No newline at end of file
+#!/bin/bash
+######################################################
+# Name: refresh-NebulaCA
+# Description: Creates a new cert for a node based
+# on the node cert provided.
+#
+# Created By: HMSheets
+######################################################
+
+
+POSITIONAL=()
+while [[ $# -gt 0 ]]
+do
+key="$1"
+
+case $key in
+ -n|--caname)
+ CANAME="$2"
+ shift # past argument
+ shift # past value
+ ;;
+ -r|--rootpath)
+ ROOTPATH="$2"
+ shift # past argument
+ shift # past value
+ ;;
+ -f|--cafilename)
+ CAFILENAME="$2"
+ shift # past argument
+ shift # past value
+ ;;
+# -k|--cakeyname)
+# CAKEYNAME="$2"
+# shift # past argument
+# shift # past value
+# ;;
+ -i|--issuer)
+ ISSUER="$2"
+ shift # past argument
+ shift # past value
+ ;;
+ *) # unknown option
+ POSITIONAL+=("$1") # save it in an array for later
+ shift # past argument
+ ;;
+esac
+done
+set -- "${POSITIONAL[@]}" # restore positional parameters
+
+# Additional Parameter Evaluation
+while [ -n "$1" ]; do # while loop starts
+
+ case "$1" in
+
+ -h) help_msg ;; # help
+
+ --h) help_msg ;; # help
+
+ *) invalid_args_msg ;; #catch all
+
+ esac
+
+ shift
+
+done
+
+invalid_args_msg () {
+ echo "Invalid Parameter(s) Entered: $1"
+ exit
+}
+
+help_msg () {
+ echo "Usage of refresh-NebulaCA : refresh an existing nebula ca"
+ echo " -n|--caname"
+ echo " Name to use for the new CA. Used in the CA cert file and in the filename"
+ echo " -r|--rootpath"
+ echo " Root path of existing CA"
+ echo " -f|--cafilename"
+ echo " Filename of the existing CA"
+ echo " -i|--issuer"
+ echo " Name of the Org Issuing and authorizing the creation of the new Nebula CA"
+ echo " -h|--help"
+ echo " This help text, but you already knew that... right?!?!"
+}
+
+DATETIME=$(date '+%Y%m%d-%H%M%S')
+
+#CANAME=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s .[].details.name | sed 's/["]//g')
+#CAIPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.ips | sed 's/[]["]//g')
+#NODEGROUPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.groups | sed 's/[]["]//g') # | sed 's/,/ /g'))
+CERTISCASTATUS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${CAFILENAME} -json | jq -s --compact-output .[].details.isCa)
+
+# Create new file name variable
+NEWFILENAME="${CANAME}_${DATETIME}"
+
+if [[ $CERTISCASTATUS == false ]]; then
+ echo "Certificate is a Node Certificate. Try again by providing the CA Certificate."
+ exit
+fi
+
+if [[ $CERTISCASTATUS == true ]]; then
+ echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+ echo "Node Name: ${CANAME}"
+ echo "Node IPs: ${ISSUER}"
+ #echo "Node Groups: ${NODEGROUPS[@]}"
+ echo "Certificate isCa Status: ${CERTISCASTATUS}"
+ echo "DateTime: ${DATETIME}"
+ echo "NEWFILENAME: ${NEWFILENAME}"
+ echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+ ${ROOTPATH}/nebula-cert sign -name ${CANAME} -out-crt ${ROOTPATH}/${NEWFILENAME}.crt -out-key ${ROOTPATH}/${NEWFILENAME}.key
+fi
\ No newline at end of file
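Review bot: The `CERTISCASTATUS=` assignment and the final `nebula-cert sign` call expand ROOTPATH, CAFILENAME and CANAME unquoted and never check that they were supplied, so a run without `-r` executes `/nebula-cert` and a value containing spaces or starting with `-` is split into extra arguments to a command that writes a private key. When `print` or `jq` fails, CERTISCASTATUS is empty, neither `if` matches and the script ends with status 0 having created nothing; the check should fail closed on anything other than `true` and exit non-zero. `help_msg` and `invalid_args_msg` are defined below the loop that calls them, so `-h` would hit "command not found"; they should move above the parsing, with the call written as `invalid_args_msg "$1"` and the function ending in `exit 1`. It is also worth confirming that `sign` is the intended subcommand, since as far as I know `nebula-cert sign` issues a host certificate from an existing CA while `nebula-cert ca` creates a CA, and ISSUER is parsed but only echoed under the label "Node IPs". The sketch below covers the validation, quoting and fail-closed check.

```shell
# … unchanged: option parsing; help_msg / invalid_args_msg defined above it …

# Fail closed: refuse to touch certificate material with missing inputs.
for required in CANAME ROOTPATH CAFILENAME; do
  if [[ -z "${!required:-}" ]]; then
    echo "Missing required parameter: ${required}" >&2
    exit 1
  fi
done

CERTISCASTATUS=$("${ROOTPATH}/nebula-cert" print -path "${ROOTPATH}/${CAFILENAME}" -json \
  | jq -s --compact-output '.[].details.isCa')

# … unchanged: NEWFILENAME assignment …

# Anything other than an explicit "true" (node cert, parse error, missing file) aborts.
if [[ "${CERTISCASTATUS}" != true ]]; then
  echo "Could not confirm ${CAFILENAME} is a CA certificate (isCa=${CERTISCASTATUS:-unknown})." >&2
  exit 1
fi

# … unchanged: summary echo lines …
"${ROOTPATH}/nebula-cert" sign -name "${CANAME}" \
  -out-crt "${ROOTPATH}/${NEWFILENAME}.crt" \
  -out-key "${ROOTPATH}/${NEWFILENAME}.key"
```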