hms
/
nebula-tools
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
42 Commits
1 Branch
61 KiB
 
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
nebula-tools/update-NebulaNodeCert

75 lines
2.4 KiB
Raw Permalink Blame History 

  1. #!/bin/bash

  2. ######################################################

  3. #        Name: update-NebulaNodeCert

  4. # Description: Creates a new cert for a node based

  5. # on the node cert provided.

  6. #

  7. # Created By: HMSheets

  8. ######################################################

  9. 

  10. 

  11. POSITIONAL=()

  12. while [[ $# -gt 0 ]]

  13. do

  14. key="$1"

  15. 

  16. case $key in

  17.     -n|--nodecertname)

  18.     NODECERTNAME="$2"

  19.     shift # past argument

  20.     shift # past value

  21.     ;;

  22.     -r|--rootpath) # do not add a trailing '/'

  23.     ROOTPATH="$2"

  24.     shift # past argument

  25.     shift # past value

  26.     ;;

  27.     -c|--cacertname)

  28.     CACERTNAME="$2"

  29.     shift # past argument

  30.     shift # past value

  31.     ;;

  32.     -k|--cakeyname)

  33.     CAKEYNAME="$2"

  34.     shift # past argument

  35.     shift # past value

  36.     ;;

  37.     *)    # unknown option

  38.     POSITIONAL+=("$1") # save it in an array for later

  39.     shift # past argument

  40.     ;;

  41. esac

  42. done

  43. set -- "${POSITIONAL[@]}" # restore positional parameters

  44. 

  45. if [[ -n $1 ]]; then

  46.     echo "Invalid Parameter(s) Entered: $1"

  47.     exit

  48. fi

  49. 

  50. DATETIME=$(date '+%Y%m%d-%H%M%S')

  51. 

  52. NODENAME=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s .[].details.name | sed 's/["]//g')

  53. NODEIPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.ips | sed 's/[]["]//g')

  54. NODEGROUPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.groups | sed 's/[]["]//g') # | sed 's/,/ /g'))

  55. CERTISCASTATUS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.isCa)

  56. 

  57. # Create new file name variable

  58. NEWFILENAME="${NODENAME}_${DATETIME}"

  59. 

  60. if [[ $CERTISCASTATUS == true ]]; then

  61.     echo "Certificate is the root CA Certificate. Try again with a node certificate."

  62.     exit

  63. fi

  64. 

  65. if [[ $CERTISCASTATUS == false ]]; then

  66.     echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"

  67.     echo "Node Name: ${NODENAME}"

  68.     echo "Node IPs: ${NODEIPS}"

  69.     echo "Node Groups: ${NODEGROUPS[@]}"

  70.     echo "Certificate isCa Status: ${CERTISCASTATUS}"

  71.     echo "DateTime: ${DATETIME}"

  72.     echo "NEWFILENAME: ${NEWFILENAME}"

  73.     echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"

  74.     ${ROOTPATH}/nebula-cert sign -groups ${NODEGROUPS[@]} -ip ${NODEIPS} -name ${NODENAME} -ca-crt ${ROOTPATH}/${CACERTNAME} -ca-key ${ROOTPATH}/${CAKEYNAME} -out-crt ${ROOTPATH}/${NEWFILENAME}.crt -out-key ${ROOTPATH}/${NEWFILENAME}.key

  75. fi