143 lines
4.6 KiB
Bash
Raw Normal View History

2019-03-20 03:03:10 +03:00
#!/usr/bin/env sh
2019-03-20 14:02:11 +03:00
# Here is the script to deploy the cert to G-Core CDN service (https://gcorelabs.com/ru/) using the G-Core Labs API (https://docs.gcorelabs.com/cdn/).
2019-03-20 03:03:10 +03:00
# Returns 0 when success.
#
# Written by temoffey <temofffey@gmail.com>
# Public domain, 2019
#export DEPLOY_GCORE_CDN_USERNAME=myusername
#export DEPLOY_GCORE_CDN_PASSWORD=mypassword
######## Public functions #####################
#domain keyfile certfile cafile fullchain
gcore_cdn_deploy() {
_cdomain="$1"
_ckey="$2"
_ccert="$3"
_cca="$4"
_cfullchain="$5"
_debug _cdomain "$_cdomain"
_debug _ckey "$_ckey"
_debug _ccert "$_ccert"
_debug _cca "$_cca"
_debug _cfullchain "$_cfullchain"
_fullchain=$(tr '\r\n' '*#' <"$_cfullchain" | sed 's/*#/#/g;s/##/#/g;s/#/\\n/g')
_key=$(tr '\r\n' '*#' <"$_ckey" | sed 's/*#/#/g;s/#/\\n/g')
2019-03-20 03:03:10 +03:00
_debug _fullchain "$_fullchain"
_debug _key "$_key"
if [ -z "$DEPLOY_GCORE_CDN_USERNAME" ]; then
if [ -z "$Le_Deploy_gcore_cdn_username" ]; then
_err "Please define the target username: export DEPLOY_GCORE_CDN_USERNAME=username"
return 1
fi
else
2019-03-20 14:02:11 +03:00
Le_Deploy_gcore_cdn_username="$DEPLOY_GCORE_CDN_USERNAME"
_savedomainconf Le_Deploy_gcore_cdn_username "$Le_Deploy_gcore_cdn_username"
2019-03-20 03:03:10 +03:00
fi
if [ -z "$DEPLOY_GCORE_CDN_PASSWORD" ]; then
if [ -z "$Le_Deploy_gcore_cdn_password" ]; then
_err "Please define the target password: export DEPLOY_GCORE_CDN_PASSWORD=password"
return 1
fi
else
2019-03-20 14:02:11 +03:00
Le_Deploy_gcore_cdn_password="$DEPLOY_GCORE_CDN_PASSWORD"
_savedomainconf Le_Deploy_gcore_cdn_password "$Le_Deploy_gcore_cdn_password"
2019-03-20 03:03:10 +03:00
fi
_info "Get authorization token"
2019-03-22 20:02:59 +03:00
_request="{\"username\":\"$Le_Deploy_gcore_cdn_username\",\"password\":\"$Le_Deploy_gcore_cdn_password\"}"
2019-03-20 03:03:10 +03:00
_debug _request "$_request"
2019-03-22 20:01:39 +03:00
export _H1="Content-Type:application/json"
2021-01-10 12:39:12 +03:00
_response=$(_post "$_request" "https://api.gcdn.co/auth/jwt/login")
2019-03-20 03:03:10 +03:00
_debug _response "$_response"
2021-01-10 12:39:12 +03:00
_regex=".*\"access\":\"\([-._0-9A-Za-z]*\)\".*$"
2019-03-22 03:41:26 +03:00
_debug _regex "$_regex"
2019-03-22 20:02:59 +03:00
_token=$(echo "$_response" | sed -n "s/$_regex/\1/p")
2019-03-20 03:03:10 +03:00
_debug _token "$_token"
2019-03-20 14:05:18 +03:00
2019-03-22 03:41:26 +03:00
if [ -z "$_token" ]; then
2019-03-20 03:03:10 +03:00
_err "Error G-Core Labs API authorization"
return 1
fi
_info "Find CDN resource with cname $_cdomain"
2019-03-22 20:01:39 +03:00
export _H2="Authorization:Token $_token"
_response=$(_get "https://api.gcdn.co/resources")
2019-03-20 03:03:10 +03:00
_debug _response "$_response"
2021-01-10 12:39:20 +03:00
_regex="\"primary_resource\":null},"
_debug _regex "$_regex"
2021-01-10 12:44:56 +03:00
_response=$(echo "$_response" | sed "s/$_regex/$_regex\n/g")
2021-01-10 12:39:20 +03:00
_debug _response "$_response"
2019-03-23 16:29:33 +03:00
_regex="^.*\"cname\":\"$_cdomain\".*$"
2019-03-22 03:41:26 +03:00
_debug _regex "$_regex"
2021-01-10 12:39:20 +03:00
_resource=$(echo "$_response" | _egrep_o "$_regex")
2019-03-20 03:03:10 +03:00
_debug _resource "$_resource"
2021-01-10 12:39:20 +03:00
_regex=".*\"id\":\([0-9]*\).*$"
2019-03-22 03:41:26 +03:00
_debug _regex "$_regex"
2019-03-22 20:02:59 +03:00
_resourceId=$(echo "$_resource" | sed -n "s/$_regex/\1/p")
2019-03-20 03:03:10 +03:00
_debug _resourceId "$_resourceId"
_regex=".*\"sslData\":\([0-9]*\).*$"
2019-03-22 03:41:26 +03:00
_debug _regex "$_regex"
2019-03-22 20:02:59 +03:00
_sslDataOld=$(echo "$_resource" | sed -n "s/$_regex/\1/p")
2019-03-20 03:03:10 +03:00
_debug _sslDataOld "$_sslDataOld"
_regex=".*\"originGroup\":\([0-9]*\).*$"
2019-03-22 03:41:26 +03:00
_debug _regex "$_regex"
2019-03-22 20:02:59 +03:00
_originGroup=$(echo "$_resource" | sed -n "s/$_regex/\1/p")
2019-03-20 03:03:10 +03:00
_debug _originGroup "$_originGroup"
2019-03-22 03:41:26 +03:00
if [ -z "$_resourceId" ] || [ -z "$_originGroup" ]; then
2019-03-20 03:03:10 +03:00
_err "Not found CDN resource with cname $_cdomain"
return 1
fi
_info "Add new SSL certificate"
_date=$(date "+%d.%m.%Y %H:%M:%S")
2019-03-22 20:02:59 +03:00
_request="{\"name\":\"$_cdomain ($_date)\",\"sslCertificate\":\"$_fullchain\",\"sslPrivateKey\":\"$_key\"}"
2019-03-20 03:03:10 +03:00
_debug _request "$_request"
2019-03-22 20:01:39 +03:00
_response=$(_post "$_request" "https://api.gcdn.co/sslData")
2019-03-20 03:03:10 +03:00
_debug _response "$_response"
_regex=".*\"id\":\([0-9]*\).*$"
2019-03-22 03:41:26 +03:00
_debug _regex "$_regex"
2019-03-22 20:02:59 +03:00
_sslDataAdd=$(echo "$_response" | sed -n "s/$_regex/\1/p")
2019-03-20 03:03:10 +03:00
_debug _sslDataAdd "$_sslDataAdd"
2019-03-22 03:41:26 +03:00
if [ -z "$_sslDataAdd" ]; then
2019-03-20 03:03:10 +03:00
_err "Error new SSL certificate add"
return 1
fi
_info "Update CDN resource"
2019-03-22 20:02:59 +03:00
_request="{\"originGroup\":$_originGroup,\"sslData\":$_sslDataAdd}"
2019-03-20 03:03:10 +03:00
_debug _request "$_request"
2019-03-22 20:01:39 +03:00
_response=$(_post "$_request" "https://api.gcdn.co/resources/$_resourceId" '' "PUT")
2019-03-20 03:03:10 +03:00
_debug _response "$_response"
_regex=".*\"sslData\":\([0-9]*\).*$"
2019-03-22 03:41:26 +03:00
_debug _regex "$_regex"
2019-03-22 20:02:59 +03:00
_sslDataNew=$(echo "$_response" | sed -n "s/$_regex/\1/p")
2019-03-20 03:03:10 +03:00
_debug _sslDataNew "$_sslDataNew"
if [ "$_sslDataNew" != "$_sslDataAdd" ]; then
_err "Error CDN resource update"
return 1
fi
if [ -z "$_sslDataOld" ] || [ "$_sslDataOld" = "null" ]; then
2019-03-20 14:02:11 +03:00
_info "Not found old SSL certificate"
2019-03-20 03:03:10 +03:00
else
_info "Delete old SSL certificate"
2019-03-22 20:01:39 +03:00
_response=$(_post '' "https://api.gcdn.co/sslData/$_sslDataOld" '' "DELETE")
2019-03-20 03:03:10 +03:00
_debug _response "$_response"
fi
_info "Certificate successfully deployed"
return 0
2019-03-20 14:02:11 +03:00
}