hms
/
nebula-tools
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
35 Commits
1 Branch
61 KiB
 
Tree: aa1574c141
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'aa1574c141'
${ noResults }
nebula-tools/refresh-NebulaCA

97 lines
2.9 KiB
Raw Blame History 

  1. #!/bin/bash

  2. ######################################################

  3. #        Name: refresh-NebulaCA

  4. # Description: Creates a new cert for a node based

  5. # on the node cert provided.

  6. #

  7. # Created By: HMSheets

  8. ######################################################

  9. 

  10. 

  11. POSITIONAL=()

  12. while [[ $# -gt 0 ]]

  13. do

  14. key="$1"

  15. 

  16. case $key in

  17.     -h|--help)

  18.     help_msg

  19.     ;;

  20.     -n|--caname)

  21.     CANAME="$2"

  22.     shift # past argument

  23.     shift # past value

  24.     ;;

  25.     -r|--rootpath)

  26.     ROOTPATH="$2"

  27.     shift # past argument

  28.     shift # past value

  29.     ;;

  30.     -f|--cafilename)

  31.     CAFILENAME="$2"

  32.     shift # past argument

  33.     shift # past value

  34.     ;;

  35. #    -k|--cakeyname)

  36. #    CAKEYNAME="$2"

  37. #    shift # past argument

  38. #    shift # past value

  39. #    ;;

  40.     -i|--issuer)

  41.     ISSUER="$2"

  42.     shift # past argument

  43.     shift # past value

  44.     ;;

  45.     *)    # unknown option

  46.     invalid_args_msg #catch all

  47.     ;;

  48. esac

  49. done

  50. set -- "${POSITIONAL[@]}" # restore positional parameters

  51. 

  52. invalid_args_msg () {

  53.     echo "Invalid Parameter(s) Entered: $1"

  54.     exit

  55. }

  56. 

  57. help_msg () {

  58.     echo "Usage of refresh-NebulaCA <flags>: refresh an existing nebula ca"

  59.     echo "  -n|--caname"

  60.     echo "      Name to use for the new CA. Used in the CA cert file and in the filename"

  61.     echo "  -r|--rootpath"

  62.     echo "      Root path of existing CA"

  63.     echo "  -f|--cafilename"

  64.     echo "      Filename of the existing CA"

  65.     echo "  -i|--issuer"

  66.     echo "      Name of the Org Issuing and authorizing the creation of the new Nebula CA"

  67.     echo "  -h|--help"

  68.     echo "      This help text, but you already knew that... right?!?!"

  69.     exit

  70. }

  71. 

  72. DATETIME=$(date '+%Y%m%d-%H%M%S')

  73. 

  74. #CANAME=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s .[].details.name | sed 's/["]//g')

  75. #CAIPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.ips | sed 's/[]["]//g')

  76. #NODEGROUPS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${NODECERTNAME} -json | jq -s --compact-output .[].details.groups | sed 's/[]["]//g') # | sed 's/,/ /g'))

  77. CERTISCASTATUS=$(${ROOTPATH}/nebula-cert print -path ${ROOTPATH}/${CAFILENAME} -json | jq -s --compact-output .[].details.isCa)

  78. 

  79. # Create new file name variable

  80. NEWFILENAME="${CANAME}_${DATETIME}"

  81. 

  82. if [[ $CERTISCASTATUS == false ]]; then

  83.     echo "Certificate is a Node Certificate. Try again by providing the CA Certificate."

  84.     exit

  85. fi

  86. 

  87. if [[ $CERTISCASTATUS == true ]]; then

  88.     echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"

  89.     echo "Node Name: ${CANAME}"

  90.     echo "Node IPs: ${ISSUER}"

  91.     #echo "Node Groups: ${NODEGROUPS[@]}"

  92.     echo "Certificate isCa Status: ${CERTISCASTATUS}"

  93.     echo "DateTime: ${DATETIME}"

  94.     echo "NEWFILENAME: ${NEWFILENAME}"

  95.     echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"

  96.     ${ROOTPATH}/nebula-cert sign -name ${CANAME} -out-crt ${ROOTPATH}/${NEWFILENAME}.crt -out-key ${ROOTPATH}/${NEWFILENAME}.key

  97. fi