fix: [letsencrypt] use action ``crt {renew,create}`` to manage properly renewal.
framadate
fix: [letsencrypt] use action ``crt {renew,create}`` to manage properly renewal.
framadate
Valentin Lab
6 years ago
15 changed files with 1444 additions and 100 deletions
-
4apache/lib/common
-
8apache/test/vhost_cert_provider
-
53letsencrypt/actions/crt
-
77letsencrypt/hooks/dc-pre-run
-
2letsencrypt/hooks/schedule_command-relation-joined
-
347letsencrypt/lib/common
-
3letsencrypt/metadata.yml
-
218letsencrypt/test/crt
-
296letsencrypt/test/crt_create
-
178letsencrypt/test/crt_renew
-
61letsencrypt/test/get_challenge_type
-
142letsencrypt/test/get_dc_env
-
96letsencrypt/test/valid_existing_cert
-
33letsencrypt/test/yaml_opt_bash_env
-
26letsencrypt/test/yaml_opt_bash_env_ignore_first_level
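--- a/letsencrypt/actions/crt
+++ b/letsencrypt/actions/crt
@@ -0,0 +1,53 @@
+#!/bin/bash
+
+if [ -z "$SERVICE_DATASTORE" ]; then
+echo "This script is meant to be run through 'compose' to work properly." >&2
+exit 1
+fi
+
+. /etc/shlib
+
+include parse
+include pretty
+
+. $CHARM_PATH/lib/common
+
+usage="
+$exname [-h|--help]
+$exname create MAIN_DOMAIN [DOMAINS..]
+$exname renew
+"
+
+if [ "$#" == 0 ]; then
+err "Please specify an action"
+print_usage
+exit 1
+fi
+
+while [ "$1" ]; do
+case "$1" in
+"--help"|"-h")
+print_usage
+exit 0
+;;
+renew)
+exname="$exname $1"
+shift
+crt_renew "$@"
+exit $?
+;;
+create)
+exname="$exname $1"
+shift
+crt_create "$@"
+exit $?
+;;
+*)
+err "Wrong argument"
+print_usage
+exit 1
+;;
+esac
+shift
+done
+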
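Review bot: The `. $CHARM_PATH/lib/common` line sources the library unquoted and without checking the result, so if `CHARM_PATH` is unset or the file is missing the script carries on and only fails later, when `crt_renew` or `crt_create` cannot be found. The removed `dc-pre-run` hook guarded its own source line with `|| exit 1`; the same fits here: `. "$CHARM_PATH/lib/common" || exit 1`. Separately, `while [ "$1" ]` treats an empty first argument as end of input, so a call whose action is an empty string skips the loop and exits 0 without doing anything, which would let a scheduled renewal report success while no renewal ran. The trailing `shift` after `esac` is unreachable because every arm exits.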
@ -1,77 +0,0 @@ |
|||
#!/bin/bash |
|||
|
|||
## Init is run on host |
|||
## For now it is run every time the script is launched, but |
|||
## it should be launched only once after build. |
|||
|
|||
## Accessible variables are: |
|||
## - SERVICE_NAME Name of current service |
|||
## - DOCKER_BASE_IMAGE Base image from which this service might be built if any |
|||
## - SERVICE_DATASTORE Location on host of the DATASTORE of this service |
|||
## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service |
|||
|
|||
aimport remainder_args |
|||
case "${remainder_args[@]:0:2}" in |
|||
"crt info"|"crt list") |
|||
exit 0 |
|||
;; |
|||
esac |
|||
|
|||
. lib/common || exit 1 |
|||
|
|||
set -e |
|||
|
|||
|
|||
service_def=$(get_compose_service_def "$SERVICE_NAME") |
|||
|
|||
config=" |
|||
$SERVICE_NAME: |
|||
environment: |
|||
" |
|||
if USER_EMAIL=$(echo "$service_def" | shyaml get-value options.email 2>/dev/null); then |
|||
config+=" LETSENCRYPT_USER_MAIL: $USER_EMAIL" |
|||
fi |
|||
|
|||
if environment_def="$(printf "%s" "$service_def" | shyaml -y get-value options.env 2>/dev/null)"; then |
|||
while read-0 key value; do |
|||
config+="$(printf "\n %s: %s" "$key" "$value")" |
|||
done < <(printf "%s" "$environment_def" | yaml_opt_bash_env_ignore_first_level LEXICON) |
|||
|
|||
if ! provider=$(printf "%s" "$environment_def" | shyaml -y get-value provider 2>/dev/null); then |
|||
provider= |
|||
## If no provider is given, we fallback on the first found |
|||
|
|||
while read-0 key value; do |
|||
[[ "$(echo "$value" | shyaml get-type)" == "struct" ]] && { |
|||
provider="$key" |
|||
break |
|||
} |
|||
done < <(echo "$environment_def" | shyaml key-values-0) |
|||
warn "No ${WHITE}provider${NORMAL} key given, had to infer it, chose '$key'." |
|||
fi |
|||
|
|||
config+=$(echo -en "\n LEXICON_PROVIDER: $provider") |
|||
fi |
|||
|
|||
if ! challenge_type=$(printf "%s" "$service_def" | shyaml get-value "options.challenge-type" 2>/dev/null); then |
|||
warn "No ${WHITE}challenge-type${NORMAL} provided, defaulting to 'http'." |
|||
challenge_type=http |
|||
fi |
|||
config+=$(echo -en "\n CHALLENGE_TYPE: $challenge_type") |
|||
|
|||
if will_need_http_access; then |
|||
while read container_id; do |
|||
info "Attempting to clear port 80 by stopping $container_id" |
|||
docker stop -t 5 "$container_id" |
|||
done < <(docker ps \ |
|||
--filter label="compose.project=$PROJECT_NAME" \ |
|||
--filter publish=80 \ |
|||
--format "{{.ID}}" |
|||
) |
|||
config+=$(echo -en "\n ports: |
|||
- \"0.0.0.0:80:80\"") |
|||
fi |
|||
|
|||
init-config-add "$config" |
|||
|
|||
mkdir -p "$SERVICE_DATASTORE/etc/letsencrypt" |
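--- a/letsencrypt/test/crt
+++ b/letsencrypt/test/crt
@@ -0,0 +1,218 @@
+#!/bin/bash
+
+exname=$(basename $0)
+
+prefix_cmd="
+. /etc/shlib
+
+include common
+include parse
+
+. ../lib/common
+
+get_dc_env() {
+local i
+echo \"Calling get_dc_env\" >&2
+((i=0))
+for arg in \"\$@\"; do
+echo \" arg\$((i++)):\"
+echo \"\$arg\" | prefix \" | \"
+done >&2
+echo \"\$GET_DC_ENV\"
+}
+export -f get_dc_env
+
+will_need_http_access() {
+local i
+echo \"Calling will_need_http_access\" >&2
+((i=0))
+for arg in \"\$@\"; do
+echo \" arg\$((i++)):\"
+echo \"\$arg\" | prefix \" | \"
+done >&2
+[ \"\$WILL_NEED_HTTP_ACCESS\" == 'yes' ]
+}
+export -f will_need_http_access
+
+
+
+"
+
+##
+## Mocks
+##
+
+cfg-get-value() {
+local key="$1"
+shyaml get-value "$key" 2>/dev/null
+}
+export -f cfg-get-value
+
+file_put() {
+echo "file_put $1"
+cat - | prefix " | "
+}
+export -f file_put
+
+docker() {
+local i
+echo "Calling: docker" >&2
+((i=0))
+for arg in "$@"; do
+echo " arg$((i++)):"
+echo "$arg" | prefix " | "
+done >&2
+if [ "$1" == "ps" ]; then
+echo "$DOCKER_PS"
+fi
+}
+export -f docker
+
+yaml_key_val_str() {
+printf "%s:\n%s" "$1" "$(echo "$2" | prefix " ")"
+}
+export -f yaml_key_val_str
+
+compose() {
+local i
+echo "Calling: compose" >&2
+((i=0))
+for arg in "$@"; do
+echo " arg$((i++)):"
+echo "$arg" | prefix " | "
+done >&2
+}
+export -f compose
+
+
+
+try "
+SERVICE_NAME='\$SERVICE_NAME'
+WILL_NEED_HTTP_ACCESS=
+crt '' create www.example.com
+"
+is err reg 'Calling get_dc_env
+arg0:
+|
+arg1:
+| create
+arg2:
+| www.example.com
+Calling will_need_http_access
+arg0:
+|
+arg1:
+| create
+arg2:
+| www.example.com
+Calling: compose
+.*
+| run
+.*
+| letsencrypt
+.*
+| crt
+.*
+| create
+.*
+| www.example.com' RTRIM
+is errlvl 0
+is out ''
+
+try "
+SERVICE_NAME='\$SERVICE_NAME'
+GET_DC_ENV='
+\$SERVICE_NAME:
+environment:
+LETSENCRYPT_USER_MAIL: foo@example.com
+LEXICON_OVH_FOO: 1
+LEXICON_PROVIDER: wiz
+'
+WILL_NEED_HTTP_ACCESS=
+crt '' create www.example.com
+"
+is err reg 'Calling: compose
+.*
+| --add-compose-content
+.*
+| docker-compose:
+| $SERVICE_NAME:
+| environment:
+| LETSENCRYPT_USER_MAIL: foo@example.com
+| LEXICON_OVH_FOO: 1
+| LEXICON_PROVIDER: wiz
+.*
+| run
+.*
+| letsencrypt
+.*
+| crt
+.*
+| create
+.*
+| www.example.com' RTRIM
+is errlvl 0
+
+
+try "
+SERVICE_NAME='\$SERVICE_NAME'
+GET_DC_ENV='
+\$SERVICE_NAME:
+environment:
+LETSENCRYPT_USER_MAIL: foo@example.com
+LEXICON_OVH_FOO: 1
+LEXICON_PROVIDER: wiz
+'
+WILL_NEED_HTTP_ACCESS=yes
+DOCKER_PS=
+crt '' create www.example.com
+" "need http acces, no docker on port 80"
+is err part 'Calling: docker
+arg0:
+| ps' RTRIM
+is errlvl 0
+is out ''
+
+try "
+GET_DC_ENV='
+\$SERVICE_NAME:
+environment:
+LETSENCRYPT_USER_MAIL: foo@example.com
+LEXICON_OVH_FOO: 1
+LEXICON_PROVIDER: wiz
+'
+WILL_NEED_HTTP_ACCESS=yes
+DOCKER_PS='
+docker_1
+docker_2
+'
+crt '' create www.example.com
+" "need http acces, 2 dockers on port 80"
+is err reg 'II Attempting to clear port 80 by stopping docker_1
+Calling: docker
+arg0:
+. stop
+.*
+. docker_1
+II Attempting to clear port 80 by stopping docker_2
+Calling: docker
+arg0:
+. stop
+.*
+. docker_2
+Calling: compose
+.*
+II Attempting restart docker_1
+Calling: docker
+arg0:
+. start
+.*
+. docker_1
+II Attempting restart docker_2
+Calling: docker
+arg0:
+. start
+.*
+. docker_2' RTRIM
+is errlvl 0
+is out ''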
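Review bot: Every case here runs with a `compose` mock that always returns 0, so the last case only proves that the containers stopped to free port 80 are started again after a successful run. Nothing checks what happens when `compose run` fails after `docker stop`; if `crt` returns early in that case (its body is in `lib/common`, not shown in this section), the services that held port 80 would stay down. A case that overrides the mock with `compose() { return 1; }` and still expects the `II Attempting restart docker_1` lines together with a non-zero `errlvl` would pin that down. The fourth `try` block also omits `SERVICE_NAME='\$SERVICE_NAME'`, unlike the other three.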
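--- a/letsencrypt/test/crt_create
+++ b/letsencrypt/test/crt_create
@@ -0,0 +1,296 @@
+#!/bin/bash
+
+exname=$(basename $0)
+
+prefix_cmd="
+. /etc/shlib
+
+include common
+include parse
+
+. ../lib/common
+
+valid_existing_cert() {
+local i
+echo \"Calling valid_existing_cert\" >&2
+((i=0))
+for arg in \"\$@\"; do
+echo \" arg\$((i++)):\"
+echo \"\$arg\" | prefix \" | \"
+done >&2
+return \"\$VALID_EXISTING_CERT\"
+}
+export -f valid_existing_cert
+
+crt() {
+local i
+echo \"Calling crt\" >&2
+((i=0))
+for arg in \"\$@\"; do
+echo \" arg\$((i++)):\"
+echo \"\$arg\" | prefix \" | \"
+done >&2
+return \$CRT
+}
+export -f crt
+
+
+letsencrypt_set_renew_before_expiry() {
+local i
+echo \"Calling letsencrypt_set_renew_before_expiry\" >&2
+((i=0))
+for arg in \"\$@\"; do
+echo \" arg\$((i++)):\"
+echo \"\$arg\" | prefix \" | \"
+done >&2
+[ \"\$LETSENCRYPT_SET_RENEW_BEFORE_EXPIRY\" == \"yes\" ]
+}
+export -f letsencrypt_set_renew_before_expiry
+
+
+letsencrypt_cert_delete() {
+local i
+echo \"Calling letsencrypt_cert_delete\" >&2
+((i=0))
+for arg in \"\$@\"; do
+echo \" arg\$((i++)):\"
+echo \"\$arg\" | prefix \" | \"
+done >&2
+[ \"\$LETSENCRYPT_CERT_DELETE\" == \"yes\" ]
+}
+export -f letsencrypt_cert_delete
+
+
+"
+
+##
+## Mocks
+##
+
+get_compose_service_def() {
+local i
+echo "Calling: get_compose_service_def" >&2
+((i=0))
+for arg in "$@"; do
+echo " arg$((i++)):"
+echo "$arg" | prefix " | "
+done >&2
+echo "$GET_COMPOSE_SERVICE_DEF"
+}
+export -f get_compose_service_def
+
+
+
+try "
+exname=\"crt create\"
+SERVICE_NAME='\$SERVICE_NAME'
+GET_COMPOSE_SERVICE_DEF=
+VALID_EXISTING_CERT=1
+crt_create
+"
+is err 'Error: At least one domain should be provided as argument.
+usage:
+crt create [-h|--help]
+crt create MAIN_DOMAIN [ALT_DOMAINS...]' RTRIM
+is errlvl 1
+
+
+try "
+exname=\"crt create\"
+SERVICE_NAME='\$SERVICE_NAME'
+GET_COMPOSE_SERVICE_DEF=
+VALID_EXISTING_CERT=1
+crt_create --help
+"
+is err ''
+is out 'usage:
+crt create [-h|--help]
+crt create MAIN_DOMAIN [ALT_DOMAINS...]' RTRIM
+is errlvl 0
+
+
+try "
+CRT=0
+exname=\"crt create\"
+SERVICE_NAME='\$SERVICE_NAME'
+GET_COMPOSE_SERVICE_DEF=
+VALID_EXISTING_CERT=1
+LETSENCRYPT_SET_RENEW_BEFORE_EXPIRY=yes
+crt_create www.example.com
+" "invalid cert"
+is err 'Calling: get_compose_service_def
+arg0:
+| $SERVICE_NAME
+Calling valid_existing_cert
+arg0:
+| 30
+arg1:
+| www.example.com
+Calling crt
+arg0:
+|
+arg1:
+| create
+arg2:
+| www.example.com
+Calling letsencrypt_set_renew_before_expiry
+arg0:
+| www.example.com
+arg1:
+| 30' RTRIM
+is out '' RTRIM
+is errlvl 0
+
+
+try "
+exname=\"crt create\"
+SERVICE_NAME='\$SERVICE_NAME'
+GET_COMPOSE_SERVICE_DEF=
+VALID_EXISTING_CERT=0
+LETSENCRYPT_SET_RENEW_BEFORE_EXPIRY=yes
+crt_create www.example.com
+" "valid cert"
+is err 'Calling: get_compose_service_def
+arg0:
+| $SERVICE_NAME
+Calling valid_existing_cert
+arg0:
+| 30
+arg1:
+| www.example.com
+II A valid cert already exists for domain www.example.com.' RTRIM
+is out '' RTRIM
+is errlvl 0
+
+
+try "
+exname=\"crt create\"
+SERVICE_NAME='\$SERVICE_NAME'
+GET_COMPOSE_SERVICE_DEF=
+VALID_EXISTING_CERT=0
+LETSENCRYPT_SET_RENEW_BEFORE_EXPIRY=yes
+crt_create www.example.com -f
+" "valid cert but force"
+is err 'Calling: get_compose_service_def
+arg0:
+| $SERVICE_NAME
+Calling valid_existing_cert
+arg0:
+| 30
+arg1:
+| www.example.com
+Calling crt
+arg0:
+|
+arg1:
+| create
+arg2:
+| www.example.com
+Calling letsencrypt_set_renew_before_expiry
+arg0:
+| www.example.com
+arg1:
+| 30' RTRIM
+is out '' RTRIM
+is errlvl 0
+
+
+try "
+exname=\"crt create\"
+SERVICE_NAME='\$SERVICE_NAME'
+LETSENCRYPT_SET_RENEW_BEFORE_EXPIRY=yes
+GET_COMPOSE_SERVICE_DEF='
+a: 1
+options:
+foo: bar'
+VALID_EXISTING_CERT=1
+crt_create www.example.com
+" "not valid, cfg is passed correctly"
+is err reg 'Calling crt
+arg0:
+. foo: bar
+arg1:
+. create
+arg2:
+. www.example.com' RTRIM
+is out '' RTRIM
+is errlvl 0
+
+
+try "
+exname=\"crt create\"
+SERVICE_NAME='\$SERVICE_NAME'
+GET_COMPOSE_SERVICE_DEF='
+a: 1
+options:
+foo: bar'
+VALID_EXISTING_CERT=2
+LETSENCRYPT_SET_RENEW_BEFORE_EXPIRY=yes
+LETSENCRYPT_CERT_DELETE=yes
+crt_create www.example.com
+" "not valid, already existing diff domain"
+is err 'Calling: get_compose_service_def
+arg0:
+| $SERVICE_NAME
+Calling valid_existing_cert
+arg0:
+| 30
+arg1:
+| www.example.com
+Error: Domain mismatch detected, lets delete previous cert.
+Calling letsencrypt_cert_delete
+arg0:
+| www.example.com
+Error: Previous cert for www.example.com deleted.
+Calling crt
+arg0:
+| foo: bar
+arg1:
+| create
+arg2:
+| www.example.com
+Calling letsencrypt_set_renew_before_expiry
+arg0:
+| www.example.com
+arg1:
+| 30' RTRIM
+is out '' RTRIM
+is errlvl 0
+
+
+
+try "
+exname=\"crt create\"
+SERVICE_NAME='\$SERVICE_NAME'
+LETSENCRYPT_SET_RENEW_BEFORE_EXPIRY=yes
+GET_COMPOSE_SERVICE_DEF='
+a: 1
+options:
+foo: bar
+renew-before-expiry: 15
+'
+VALID_EXISTING_CERT=1
+crt_create www.example.com
+" "not valid, renew-before-expiry is used"
+is err reg 'Calling valid_existing_cert
+arg0:
+. 15
+arg1:
+. www.example.com
+' RTRIM
+is out '' RTRIM
+is errlvl 0
+
+
+
+try "
+crt() { return 1; }
+exname=\"crt create\"
+SERVICE_NAME='\$SERVICE_NAME'
+GET_COMPOSE_SERVICE_DEF=''
+VALID_EXISTING_CERT=1
+crt_create www.example.com
+" "valid cert but force"
+is err part "Error: Certificate creation/renew failed for domain 'www.example.com'." RTRIM
+is out '' RTRIM
+is errlvl 1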
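Review bot: The "not valid, already existing diff domain" case pins `letsencrypt_cert_delete` being called before `crt` creates the replacement, but no case covers `crt` failing after that delete, or the delete itself failing (`LETSENCRYPT_CERT_DELETE` left unset). If creation fails at that point the domain is presumably left with no certificate at all, so a case combining `VALID_EXISTING_CERT=2` with `crt() { return 1; }` would document what the caller can expect. The final case reuses the label `"valid cert but force"` although it sets `VALID_EXISTING_CERT=1` and tests a failing `crt`; a label such as `"crt failure is reported"` would match what it asserts.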
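--- a/letsencrypt/test/crt_renew
+++ b/letsencrypt/test/crt_renew
@@ -0,0 +1,178 @@
+#!/bin/bash
+
+exname=$(basename $0)
+
+prefix_cmd="
+. /etc/shlib
+
+include common
+include parse
+
+. ../lib/common
+
+valid_existing_cert() {
+local i
+echo \"Calling valid_existing_cert\" >&2
+((i=0))
+for arg in \"\$@\"; do
+echo \" arg\$((i++)):\"
+echo \"\$arg\" | prefix \" | \"
+done >&2
+[ \"\$VALID_EXISTING_CERT\" == \"yes\" ]
+}
+export -f valid_existing_cert
+
+crt() {
+local i
+echo \"Calling crt\" >&2
+((i=0))
+for arg in \"\$@\"; do
+echo \" arg\$((i++)):\"
+echo \"\$arg\" | prefix \" | \"
+done >&2
+}
+export -f crt
+
+get_domain_list() {
+local i
+echo \"Calling get_domain_list\" >&2
+((i=0))
+for arg in \"\$@\"; do
+echo \" arg\$((i++)):\"
+echo \"\$arg\" | prefix \" | \"
+done >&2
+echo \"\$GET_DOMAIN_LIST\"
+}
+export -f get_domain_list
+
+
+"
+
+##
+## Mocks
+##
+
+get_compose_service_def() {
+local i
+echo "Calling: get_compose_service_def" >&2
+((i=0))
+for arg in "$@"; do
+echo " arg$((i++)):"
+echo "$arg" | prefix " | "
+done >&2
+echo "$GET_COMPOSE_SERVICE_DEF"
+}
+export -f get_compose_service_def
+
+
+
+try "
+exname=\"crt renew\"
+SERVICE_NAME='\$SERVICE_NAME'
+GET_COMPOSE_SERVICE_DEF=
+crt_renew xxx
+"
+is err 'Error: No argument required
+usage: $
+crt renew [-h|--help]' RTRIM
+is errlvl 1
+is out ''
+
+try "
+exname=\"crt renew\"
+SERVICE_NAME='\$SERVICE_NAME'
+GET_COMPOSE_SERVICE_DEF=
+GET_DOMAIN_LIST=
+crt_renew
+"
+is err part 'II No domain founds' RTRIM
+is errlvl 0
+is out ''
+
+
+try "
+exname=\"crt renew\"
+SERVICE_NAME='\$SERVICE_NAME'
+GET_COMPOSE_SERVICE_DEF='
+options:
+wiz: foo
+'
+GET_DOMAIN_LIST='
+www.example.com:
+remaining: 20
+foo.bar:
+remaining: 32
+'
+crt_renew
+" "2 certs, one need renew, one is ok"
+is err part 'II Renewing domain www.example.com (20 days left)' RTRIM
+is err part 'Calling crt
+arg0:
+| wiz: foo
+arg1:
+| renew
+arg2:
+| www.example.com
+'
+is err part 'II Domain foo.bar does not need renewing (32 days left).' RTRIM
+is errlvl 0
+is out ''
+
+
+
+try "
+exname=\"crt renew\"
+SERVICE_NAME='\$SERVICE_NAME'
+GET_COMPOSE_SERVICE_DEF='
+options:
+wiz: foo
+renew-before-expiry: 15
+'
+GET_DOMAIN_LIST='
+www.example.com:
+remaining: 45
+'
+crt_renew
+" "setting renew-before-expiry"
+is err part 'II Domain www.example.com does not need renewing (45 days left).' RTRIM
+is errlvl 0
+is out ''
+
+
+try "
+exname=\"crt renew\"
+SERVICE_NAME='\$SERVICE_NAME'
+GET_COMPOSE_SERVICE_DEF=
+GET_DOMAIN_LIST='
+www.example.com:
+remaining: EXPIRED
+'
+crt_renew
+" "expired cert"
+is err part 'II Renewing domain www.example.com (expired).' RTRIM
+is errlvl 0
+is out ''
+
+
+try "
+crt() { ! [[ \"\$3\" =~ ^wiz|foo$ ]]; }
+exname=\"crt renew\"
+SERVICE_NAME='\$SERVICE_NAME'
+GET_COMPOSE_SERVICE_DEF=
+GET_DOMAIN_LIST='
+www.example.com:
+remaining: EXPIRED
+foo:
+remaining: EXPIRED
+bar:
+remaining: 98
+wiz:
+remaining: 10
+'
+crt_renew
+" "some failed renewal"
+is err part 'II Renewing domain www.example.com (expired).' RTRIM
+is err part 'Error: At least one domain failed to be renewed: foo wiz' RTRIM
+is errlvl 1
+is out ''
+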
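Review bot: In the "some failed renewal" case the mock `crt() { ! [[ \"\$3\" =~ ^wiz|foo$ ]]; }` uses an ungrouped alternation, which matches any domain that starts with `wiz` or ends with `foo` rather than exactly those two names. It gives the intended result for the four domains listed, but `^(wiz|foo)$` says what is meant and will not start failing other domains if the list grows. None of the cases uses a `remaining` value equal to the renewal threshold (the `renew-before-expiry: 15` case uses 45, the default cases use 20 and 32), so whether a certificate sitting exactly on the threshold is renewed is not pinned by these tests.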
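--- a/letsencrypt/test/get_challenge_type
+++ b/letsencrypt/test/get_challenge_type
@@ -0,0 +1,61 @@
+#!/bin/bash
+
+exname=$(basename $0)
+
+prefix_cmd="
+. /etc/shlib
+
+include common
+include parse
+
+. ../lib/common
+
+letsencrypt_get_challenge_type() {
+echo 'Calling letsencrypt_get_challenge_type' >&2
+echo \"\$LETSENCRYPT_GET_CHALLENGE_TYPE\"
+}
+export -f letsencrypt_get_challenge_type
+
+"
+
+
+
+try "
+LETSENCRYPT_GET_CHALLENGE_TYPE=foo
+get_challenge_type '' create "bar"
+"
+is errlvl 0
+is err "Warning: No challenge-type provided, defaulting to 'http'." RTRIM
+is out 'http' RTRIM
+
+try "
+LETSENCRYPT_GET_CHALLENGE_TYPE=foo
+get_challenge_type '
+challenge-type: wiz
+' create "bar"
+"
+noerror
+is out 'wiz' RTRIM
+
+
+try "
+LETSENCRYPT_GET_CHALLENGE_TYPE=foo
+get_challenge_type '
+challenge-type: wiz
+' renew "bar"
+"
+is errlvl 0
+is err 'Calling letsencrypt_get_challenge_type' RTRIM
+is out 'foo' RTRIM
+
+
+try "
+LETSENCRYPT_GET_CHALLENGE_TYPE=http-01
+get_challenge_type '
+challenge-type: wiz
+' renew "bar"
+"
+is errlvl 0
+is err 'Calling letsencrypt_get_challenge_type' RTRIM
+is out 'http' RTRIM
+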
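Review bot: In all four `try` blocks the inner `"bar"` is not escaped, so those quotes end and reopen the outer double-quoted string and the command under test receives a bare `bar`. It works because `bar` contains no spaces, but it reads as if the argument were quoted; write `\"bar\"`, as the other test files do for nested quotes, or plain `bar`. The cases also pin that arbitrary values such as `wiz` and `foo` are passed through as the challenge type; if only known types are meant to be accepted, a case showing an unknown value being rejected is missing.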
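--- a/letsencrypt/test/get_dc_env
+++ b/letsencrypt/test/get_dc_env
@@ -0,0 +1,142 @@
+#!/bin/bash
+
+exname=$(basename $0)
+
+prefix_cmd="
+. /etc/shlib
+
+include common
+include parse
+
+. ../lib/common
+
+get_challenge_type() {
+local i
+echo \"Calling get_challenge_type\" >&2
+((i=0))
+for arg in \"\$@\"; do
+echo \" arg\$((i++)):\"
+echo \"\$arg\" | prefix \" | \"
+done >&2
+echo \"\$GET_CHALLENGE_TYPE\"
+}
+export -f get_challenge_type
+
+"
+
+
+
+try "
+SERVICE_NAME='\$SERVICE_NAME'
+GET_CHALLENGE_TYPE=foo
+get_dc_env '' create bar
+"
+is errlvl 0
+is err part "\
+Calling get_challenge_type
+arg0:
+|
+arg1:
+| create
+arg2:
+| bar
+" RTRIM
+is out '$SERVICE_NAME:
+docker-compose:
+environment:
+CHALLENGE_TYPE: foo' RTRIM
+
+
+try "
+SERVICE_NAME='\$SERVICE_NAME'
+GET_CHALLENGE_TYPE=foo
+get_dc_env '
+email: foo@example.com
+' create bar
+"
+is errlvl 0
+is err part "\
+Calling get_challenge_type
+arg0:
+|
+| email: foo@example.com
+|
+arg1:
+| create
+arg2:
+| bar
+" RTRIM
+is out '$SERVICE_NAME:
+docker-compose:
+environment:
+LETSENCRYPT_USER_MAIL: foo@example.com
+CHALLENGE_TYPE: foo' RTRIM
+
+
+try "
+SERVICE_NAME='\$SERVICE_NAME'
+GET_CHALLENGE_TYPE=foo
+get_dc_env '
+email: foo@example.com
+env:
+' create bar
+" "environment def is empty"
+is errlvl 0
+is out '$SERVICE_NAME:
+docker-compose:
+environment:
+LETSENCRYPT_USER_MAIL: foo@example.com
+CHALLENGE_TYPE: foo' RTRIM
+
+try "
+SERVICE_NAME='\$SERVICE_NAME'
+GET_CHALLENGE_TYPE=foo
+get_dc_env '
+email: foo@example.com
+env:
+ignore: x
+ovh:
+foo: 1
+bar: 2
+wiz:
+foo: 1
+' create bar
+" "environment def without provider"
+is errlvl 0
+is out '$SERVICE_NAME:
+docker-compose:
+environment:
+LETSENCRYPT_USER_MAIL: foo@example.com
+LEXICON_OVH_FOO: 1
+LEXICON_OVH_BAR: 2
+LEXICON_WIZ_FOO: 1
+LEXICON_PROVIDER: ovh
+CHALLENGE_TYPE: foo' RTRIM
+
+
+try "
+SERVICE_NAME='\$SERVICE_NAME'
+GET_CHALLENGE_TYPE=foo
+get_dc_env '
+email: foo@example.com
+env:
+ignore: y
+ovh:
+foo: 1
+bar: 2
+wiz:
+foo: 1
+provider: wiz
+' create bar
+" "environment def with provider"
+is errlvl 0
+is out '$SERVICE_NAME:
+docker-compose:
+environment:
+LETSENCRYPT_USER_MAIL: foo@example.com
+LEXICON_OVH_FOO: 1
+LEXICON_OVH_BAR: 2
+LEXICON_WIZ_FOO: 1
+LEXICON_PROVIDER: wiz
+CHALLENGE_TYPE: foo' RTRIM
+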
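Review bot: All option values in these cases are plain tokens (`1`, `2`, `foo@example.com`), so nothing covers a value containing YAML-significant characters such as `: `, `#`, quotes or a newline. The output is compose YAML whose `LEXICON_*` entries would normally carry DNS-provider credentials, and if `get_dc_env` builds that text by string formatting (its body is not in this section) such a value could yield a broken or altered `environment:` block. A case with a value like `'a: b #c'` and the quoted form expected in the output would pin the behaviour. The "environment def without provider" case also asserts nothing on stderr, so the warning about an inferred provider that the removed `dc-pre-run` hook printed is not covered.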
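--- a/letsencrypt/test/valid_existing_cert
+++ b/letsencrypt/test/valid_existing_cert
@@ -0,0 +1,96 @@
+#!/bin/bash
+
+exname=$(basename $0)
+
+prefix_cmd="
+. /etc/shlib
+
+include common
+include parse
+
+. ../lib/common
+
+has_existing_cert() {
+echo \"Calling has_existing_cert $*\" >&2
+[ \"\$HAS_EXISTING_CERT\" == 'yes' ]
+}
+export -f has_existing_cert
+
+letsencrypt_cert_info() {
+echo \"Calling letsencrypt_cert_info $*\" >&2
+echo \"\$LETSENCRYPT_CERT_INFO\"
+}
+export -f letsencrypt_cert_info
+
+"
+
+
+try "
+HAS_EXISTING_CERT= ## False
+valid_existing_cert 30 'www.example.com'
+"
+is errlvl 1
+is err 'Calling has_existing_cert' RTRIM
+is out '' RTRIM
+
+
+try "
+HAS_EXISTING_CERT=yes ## False
+LETSENCRYPT_CERT_INFO='
+domains: www.example.com
+remaining: 74
+'
+valid_existing_cert 30 'www.example.com'
+" "existing and valid cert"
+is errlvl 0
+is err part 'Calling has_existing_cert' RTRIM
+is err part 'Querying www.example.com for previous info...' RTRIM
+is err part 'Calling letsencrypt_cert_info' RTRIM
+is out '' RTRIM
+
+
+try "
+HAS_EXISTING_CERT=yes ## False
+LETSENCRYPT_CERT_INFO='
+domains: www.example.com
+remaining: 74
+'
+valid_existing_cert 90 'www.example.com'
+" "days validity beneath threshold"
+is errlvl 1
+is out '' RTRIM
+
+
+try "
+HAS_EXISTING_CERT=yes ## False
+LETSENCRYPT_CERT_INFO='
+domains: www.example.com example.com
+remaining: 74
+'
+valid_existing_cert 30 'www.example.com'
+" "domains mismatch 1"
+is errlvl 2
+is out '' RTRIM
+
+try "
+HAS_EXISTING_CERT=yes ## False
+LETSENCRYPT_CERT_INFO='
+domains: www.example.com
+remaining: 74
+'
+valid_existing_cert 30 'www.example.com' example.com
+" "domains mismatch 2"
+is errlvl 2
+is out '' RTRIM
+
+
+try "
+HAS_EXISTING_CERT=yes ## False
+LETSENCRYPT_CERT_INFO='
+domains: www.example.com
+remaining: EXPIRED
+'
+valid_existing_cert 30 www.example.com
+" "expired"
+is errlvl 1
+is out '' RTRIM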
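Review bot: Inside `prefix_cmd` the two mocks use an unescaped `$*` (`echo \"Calling has_existing_cert $*\"`), so it is expanded when the test file builds the string, not when the mock is called. The mocks therefore never log the arguments they receive, which is why the expectations are just `'Calling has_existing_cert'`; escaping it as `\$*` and asserting the logged domain would check that `valid_existing_cert` passes the right arguments on. The `## False` comment is copied onto every `HAS_EXISTING_CERT=yes` line and should read `## True` or be dropped.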
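--- a/letsencrypt/test/yaml_opt_bash_env
+++ b/letsencrypt/test/yaml_opt_bash_env
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+exname=$(basename $0)
+
+prefix_cmd="
+. /etc/shlib
+
+include common
+include parse
+
+. ../lib/common
+
+"
+
+
+try "echo '
+a: b
+' | yaml_opt_bash_env PREFIX | tr '\0' ':'"
+noerror
+is out 'PREFIX_A:b:'
+
+
+try "echo '
+x: 1
+y:
+a: 4
+b: 3
+
+' | yaml_opt_bash_env PREFIX | tr '\0' ':'"
+noerror
+is out 'PREFIX_X:1:PREFIX_Y_A:4:PREFIX_Y_B:3:'
+
+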
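Review bot: Both cases use single-letter keys and short scalar values, so nothing shows how `yaml_opt_bash_env` maps a key that is not a valid environment-variable name, such as one containing `-` or `.`. The result feeds the `LEXICON_*` names seen in the `get_dc_env` expectations, so a case for a hyphenated key with the expected variable name would be worth adding. A value containing `:` would also show that the NUL-separated output keeps keys and values apart once `tr '\0' ':'` is no longer flattening them.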
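--- a/letsencrypt/test/yaml_opt_bash_env_ignore_first_level
+++ b/letsencrypt/test/yaml_opt_bash_env_ignore_first_level
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+exname=$(basename $0)
+
+prefix_cmd="
+. /etc/shlib
+
+include common
+include parse
+
+. ../lib/common
+
+"
+
+
+try "echo '
+x: 1
+y:
+a: 4
+b: 3
+
+' | yaml_opt_bash_env PREFIX | tr '\0' ':'"
+noerror
+is out 'PREFIX_X:1:PREFIX_Y_A:4:PREFIX_Y_B:3:'
+
+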
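Review bot: This file is named for `yaml_opt_bash_env_ignore_first_level`, but its only case calls `yaml_opt_bash_env` and repeats the second case of `letsencrypt/test/yaml_opt_bash_env` verbatim, so the function the name refers to is never exercised. The pipeline should read `| yaml_opt_bash_env_ignore_first_level PREFIX | tr '\0' ':'`, with the expected output adjusted to whatever that function yields for the first-level scalar `x: 1`. The `get_dc_env` cases, where a first-level `ignore: x` entry does not appear in the output, suggest such keys are dropped, but that should be confirmed against `lib/common`.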