hms
/
nebula-tools
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36 Commits
1 Branch
61 KiB
 
Tree: 3399f07f00
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3399f07f00'
${ noResults }
nebula-tools/refresh-NebulaCA

96 lines
2.9 KiB
Raw Blame History 

  1. #!/bin/bash

  2. ######################################################

  3. #        Name: refresh-NebulaCA

  4. # Description: Creates a new cert for a node based

  5. # on the node cert provided.

  6. #

  7. # Created By: HMSheets

  8. ######################################################

  9. 

  10. invalid_args_msg () {

  11.     echo "Invalid Parameter(s) Entered: $1"

  12.     exit

  13. }

  14. 

  15. help_msg () {

  16.     echo "Usage of refresh-NebulaCA <flags>: refresh an existing nebula ca"

  17.     echo "  -n|--caname"

  18.     echo "      Name to use for the new CA. Used in the CA cert file and in the filename"

  19.     echo "  -r|--rootpath"

  20.     echo "      Root path of existing CA"

  21.     echo "  -f|--cafilename"

  22.     echo "      Filename of the existing CA"

  23.     echo "  -i|--issuer"

  24.     echo "      Name of the Org Issuing and authorizing the creation of the new Nebula CA"

  25.     echo "  -h|--help"

  26.     echo "      This help text, but you already knew that... right?!?!"

  27.     exit

  28. }

  29. 

  30. POSITIONAL=()

  31. while [[ $# -gt 0 ]]

  32. do

  33. key="$1"

  34. 

  35. case $key in

  36.     -h|--help)

  37.     help_msg

  38.     ;;

  39.     -n|--caname)

  40.     CANAME="$2"

  41.     shift # past argument

  42.     shift # past value

  43.     ;;

  44.     -r|--rootpath)

  45.     ROOTPATH="$2"

  46.     shift # past argument

  47.     shift # past value

  48.     ;;

  49.     -f|--cafilename)

  50.     CAFILENAME="$2"

  51.     shift # past argument

  52.     shift # past value

  53.     ;;

  54. #    -k|--cakeyname)

  55. #    CAKEYNAME="$2"

  56. #    shift # past argument

  57. #    shift # past value

  58. #    ;;

  59.     -i|--issuer)

  60.     ISSUER="$2"

  61.     shift # past argument

  62.     shift # past value

  63.     ;;

  64.     *)    # unknown option

  65.     invalid_args_msg #catch all

  66.     ;;

  67. esac

  68. done

  69. set -- "${POSITIONAL[@]}" # restore positional parameters

  70. 

  71. DATETIME=$(date '+%Y%m%d-%H%M%S')

  72. 

  73. #CANAME=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s .[].details.name | sed 's/["]//g')

  74. #CAIPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.ips | sed 's/[]["]//g')

  75. #NODEGROUPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.groups | sed 's/[]["]//g') # | sed 's/,/ /g'))

  76. CERTISCASTATUS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${CAFILENAME} -json | jq -s --compact-output .[].details.isCa)

  77. 

  78. # Create new file name variable

  79. NEWFILENAME="${CANAME}_${DATETIME}"

  80. 

  81. if [[ $CERTISCASTATUS == false ]]; then

  82.     echo "Certificate is a Node Certificate. Try again by providing the CA Certificate."

  83.     exit

  84. fi

  85. 

  86. if [[ $CERTISCASTATUS == true ]]; then

  87.     echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"

  88.     echo "Node Name: ${CANAME}"

  89.     echo "Node IPs: ${ISSUER}"

  90.     #echo "Node Groups: ${NODEGROUPS[@]}"

  91.     echo "Certificate isCa Status: ${CERTISCASTATUS}"

  92.     echo "DateTime: ${DATETIME}"

  93.     echo "NEWFILENAME: ${NEWFILENAME}"

  94.     echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"

  95.     ${ROOTPATH}/nebula-cert sign -name ${CANAME} -out-crt ${ROOTPATH}/${NEWFILENAME}.crt -out-key ${ROOTPATH}/${NEWFILENAME}.key

  96. fi