|
@@ -0,0 +1,81 @@
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+kong_deploy() {
|
|
|
+ _cdomain="$1"
|
|
|
+ _ckey="$2"
|
|
|
+ _ccert="$3"
|
|
|
+ _cca="$4"
|
|
|
+ _cfullchain="$5"
|
|
|
+ _info "Deploying certificate on Kong instance"
|
|
|
+ if [ -z "$KONG_URL" ]; then
|
|
|
+ _debug "KONG_URL Not set, using default http://localhost:8001"
|
|
|
+ KONG_URL="http://localhost:8001"
|
|
|
+ fi
|
|
|
+
|
|
|
+ _debug _cdomain "$_cdomain"
|
|
|
+ _debug _ckey "$_ckey"
|
|
|
+ _debug _ccert "$_ccert"
|
|
|
+ _debug _cca "$_cca"
|
|
|
+ _debug _cfullchain "$_cfullchain"
|
|
|
+
|
|
|
+
|
|
|
+ uuid=$(_get "$KONG_URL/apis?request_host=$_cdomain" | _normalizeJson | _egrep_o '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}')
|
|
|
+ if [ -z "$uuid" ]; then
|
|
|
+ _err "Unable to get Kong uuid for domain $_cdomain"
|
|
|
+ _err "Make sure that KONG_URL is correctly configured"
|
|
|
+ _err "Make sure that a Kong api request_host match the domain"
|
|
|
+ _err "Kong url: $KONG_URL"
|
|
|
+ return 1
|
|
|
+ fi
|
|
|
+
|
|
|
+ _saveaccountconf KONG_URL "$KONG_URL"
|
|
|
+
|
|
|
+ delim="-----MultipartDelimeter$(date "+%s%N")"
|
|
|
+ nl="\015\012"
|
|
|
+
|
|
|
+ _H1="Content-Type: multipart/form-data; boundary=$delim"
|
|
|
+
|
|
|
+
|
|
|
+ content="--$delim${nl}Content-Disposition: form-data; name=\"name\"${nl}${nl}ssl"
|
|
|
+
|
|
|
+ content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"config.key\"; filename=\"$(basename "$_ckey")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_ckey")"
|
|
|
+
|
|
|
+ content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"config.cert\"; filename=\"$(basename "$_cfullchain")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_cfullchain")"
|
|
|
+
|
|
|
+ content="$content${nl}--$delim--${nl}"
|
|
|
+
|
|
|
+ content=$(printf %b "$content")
|
|
|
+
|
|
|
+ _debug header "$_H1"
|
|
|
+ _debug content "$content"
|
|
|
+
|
|
|
+ ssl_uuid=$(_get "$KONG_URL/apis/$uuid/plugins" | _egrep_o '"id":"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"[a-zA-Z0-9\-\,\"_\:]*"name":"ssl"' | _egrep_o '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}')
|
|
|
+ _debug ssl_uuid "$ssl_uuid"
|
|
|
+ if [ -z "$ssl_uuid" ]; then
|
|
|
+
|
|
|
+ response=$(_post "$content" "$KONG_URL/apis/$uuid/plugins" "" "POST")
|
|
|
+ else
|
|
|
+
|
|
|
+ response=$(_post "$content" "$KONG_URL/apis/$uuid/plugins/$ssl_uuid" "" "PATCH")
|
|
|
+ fi
|
|
|
+ if ! [ "$(echo "$response" | _egrep_o "ssl")" = "ssl" ]; then
|
|
|
+ _err "An error occured with cert upload. Check response:"
|
|
|
+ _err "$response"
|
|
|
+ return 1
|
|
|
+ fi
|
|
|
+ _debug response "$response"
|
|
|
+ _info "Certificate successfully deployed"
|
|
|
+}
|