hms
/
nebula-tools
1
0
Derivar 0
Código Questões 0 Pedidos de integração 0 Lançamentos 0 Wiki Trabalho
Não pode escolher mais do que 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
41 Cometimentos
1 Ramo
61 KiB
 
Árvore: 9a3668937e
Ramos Etiquetas
${ item.name }
Criar ramo ${ searchTerm }
de '9a3668937e'
${ noResults }
nebula-tools/refresh-NebulaCA

133 linhas
3.3 KiB
Em bruto Responsabilidade Histórico 

  1. #!/bin/bash

  2. ######################################################

  3. #        Name: refresh-NebulaCA

  4. # Description: Creates a new cert for a node based

  5. # on the node cert provided.

  6. #

  7. # Created By: HMSheets

  8. ######################################################

  9. 

  10. # Try Catch Functions

  11. function try()

  12. {

  13.     [[ $- = *e* ]]; SAVED_OPT_E=$?

  14.     set +e

  15. }

  16. 

  17. function throw()

  18. {

  19.     exit $1

  20. }

  21. 

  22. function catch()

  23. {

  24.     export ex_code=$?

  25.     (( $SAVED_OPT_E )) && set +e

  26.     return $ex_code

  27. }

  28. 

  29. function throwErrors()

  30. {

  31.     set -e

  32. }

  33. 

  34. function ignoreErrors()

  35. {

  36.     set +e

  37. }

  38. 

  39. # Parameter Eval Fuctions

  40. function invalid_args_msg () {

  41.     echo "Invalid Parameter(s) Entered"

  42.     exit

  43. }

  44. 

  45. function help_msg () {

  46.     echo "Usage of refresh-NebulaCA <flags>: refresh an existing nebula ca"

  47.     echo "  -n|--caname"

  48.     echo "      Name to use for the new CA. Used in the CA cert file and in the filename"

  49.     echo "  -r|--rootpath"

  50.     echo "      Root path of existing CA"

  51.     echo "  -f|--cafilename"

  52.     echo "      Filename of the existing CA"

  53.     #echo "  -i|--issuer"

  54.     #echo "      Name of the Org Issuing and authorizing the creation of the new Nebula CA"

  55.     echo "  -h|--help"

  56.     echo "      This help text, but you already knew that... right?!?!"

  57.     exit

  58. }

  59. 

  60. # Parameter Evaluation while loop

  61. POSITIONAL=()

  62. while [[ $# -gt 0 ]]

  63. do

  64. key="$1"

  65. 

  66. case $key in

  67.     -h|--help)

  68.     help_msg

  69.     ;;

  70.     -n|--caname)

  71.     CANAME="$2"

  72.     shift # past argument

  73.     shift # past value

  74.     ;;

  75.     -r|--rootpath)

  76.     ROOTPATH="$2"

  77.     shift # past argument

  78.     shift # past value

  79.     ;;

  80.     -f|--cafilename)

  81.     CAFILENAME="$2"

  82.     shift # past argument

  83.     shift # past value

  84.     ;;

  85. #    -k|--cakeyname)

  86. #    CAKEYNAME="$2"

  87. #    shift # past argument

  88. #    shift # past value

  89. #    ;;

  90. #    -i|--issuer)

  91. #    ISSUER="$2"

  92. #    shift # past argument

  93. #    shift # past value

  94. #    ;;

  95.     *)    # unknown option

  96.     invalid_args_msg #catch all

  97.     ;;

  98. esac

  99. done

  100. set -- "${POSITIONAL[@]}" # restore positional parameters

  101. 

  102. DATETIME=$(date '+%Y%m%d-%H%M%S')

  103. 

  104. #CANAME=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s .[].details.name | sed 's/["]//g')

  105. #CAIPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.ips | sed 's/[]["]//g')

  106. #NODEGROUPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.groups | sed 's/[]["]//g') # | sed 's/,/ /g'))

  107. CERTISCASTATUS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${CAFILENAME} -json | jq -s --compact-output .[].details.isCa)

  108. 

  109. # Create new file name variable

  110. NEWFILENAME="${CANAME}_${DATETIME}"

  111. 

  112. if [[ $CERTISCASTATUS == false ]]; then

  113.     echo "Certificate is a Node Certificate. Try again by providing the CA Certificate."

  114.     exit

  115. fi

  116. 

  117. if [[ $CERTISCASTATUS == true ]]; then

  118.     echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"

  119.     echo "Node Name: ${CANAME}"

  120.     #echo "Node IPs: ${ISSUER}"

  121.     #echo "Node Groups: ${NODEGROUPS[@]}"

  122.     echo "Certificate isCa Status: ${CERTISCASTATUS}"

  123.     echo "DateTime: ${DATETIME}"

  124.     echo "NEWFILENAME: ${NEWFILENAME}"

  125.     echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"

  126.     try

  127.     (

  128.         ${ROOTPATH}/nebula-cert sign -name ${CANAME} -out-crt ${ROOTPATH}/${NEWFILENAME}.crt -out-key ${ROOTPATH}/${NEWFILENAME}.key

  129.     )

  130.     catch || {

  131.         help_msg

  132.     }

  133. fi