
Refactoring and framing skeleton. Commands follow noun verb format.

Signed-off-by: Dan Schaper <dschaper@ganymeade.com>
pull/340/head
Dan Schaper 8 years ago
parent
commit
9444e691a6
No known key found for this signature in database GPG Key ID: FFF1A1AD0113C344
1 changed files with 101 additions and 81 deletions
  1. +101
    -81
      getsslD

+ 101
- 81
getsslD

@ -17,7 +17,7 @@
# more details.
PROGNAME=getsslD
VERSION="0.2"
VERSION="0.2 commit cd8d5b8"
# Default values, accepts environment variables if set, otherwise default are used
WORKING_DIR=${WORKING_DIR:="/ssl}"
@ -31,66 +31,63 @@ ACCOUNT_KEY_TYPE=${ACCOUNT_KEY_TYPE:="rsa"}
# Functions
#####
create_key() {
# Create an openSSL key
local key_loc=${1}
local key_len=${2}
local key_type=${3}
local key_loc=$1
local key_len=$2
local key_type=$3
local valid_key_type
# Check for existing key
if [[ -s "${key_loc}" ]]; then
printf 'Key exists at %s skipping generation.\n' "${key_loc}"
if [[ -s "$key_loc" ]]; then
printf 'Key exists at %s skipping generation.\n' "$key_loc" 1>&2
return 0
elif [[ ! -d $(dirname "${key_loc}") ]]; then
print_error "Directory for storing ${key_loc} does not exist."
elif [[ ! -d $(dirname "$key_loc") ]]; then
printf 'Directory for storing $key_loc does not exist.' 1>&2
return 1
else
printf 'Creating %s bit %s account key in %s...' "${key_len}" "${key_type}" "${key_loc}"
fi
# Determine key type by length
# Valid Let's Encrypt RSA key lengths 2048-8192
# Valid Let's Encrypt ECC key lengths 256, 384, 521
if [[ "${key_len}" -ge 2048 ]] && [[ "${key_len}" -le 8192 ]] && [[ "${key_type}" == "rsa" ]]; then
if [[ "$key_len" -ge 2048 ]] && [[ "$key_len" -le 8192 ]] && [[ "$key_type" == "rsa" ]]; then
valid_key_type="RSA"
fi
if [[ "${key_type}" == "ecc" ]]; then
if [[ "${key_len}" -eq 256 ]] ; then
if [[ "$key_type" == "ecc" ]]; then
if [[ "$key_len" -eq 256 ]] ; then
valid_key_type="prime256v1"
elif [[ "${key_len}" -eq 384 ]]; then
elif [[ "$key_len" -eq 384 ]]; then
valid_key_type="secp384r1"
elif [[ "${key_len}" -eq 521 ]]; then
elif [[ "$key_len" -eq 521 ]]; then
valid_key_type="secp521r1"
fi
fi
if [[ -z ${valid_key_type+x} ]]; then
print_error "Invalid key length. Please check your configuration."
printf "Invalid key length. Please check your configuration." 1>&2
return 1
fi
case "$valid_key_type" in
RSA)
openssl genrsa -out "${key_loc}" "${key_len}" >& /dev/null
openssl genrsa -out "$key_loc" "$key_len" >& /dev/null
printf '%s\n' "Done."
return 0
;;
prime256v1|secp384r1|secp521r1)
openssl ecparam -genkey -out "${key_loc}" -name "${valid_key_type}" >& /dev/null
openssl ecparam -genkey -out "$key_loc" -name "$valid_key_type" >& /dev/null
printf '%s\n' "Done."
return 0
;;
esac
# Error inside case statement openssl generation
print_error "Error creating OpenSSL key, deleting key..."
rm "${key_loc}"
print_error "Done.\n"
printf "Error creating OpenSSL key, deleting key..." 1>&2
rm "$key_loc"
printf "Done.\n" 1>&2
return 1
}
@ -101,8 +98,8 @@ get_date() {
help_message_top() {
cat <<- _EOF_
Usage: "${PROGNAME}" [option] [COMMAND] [ARGS...]
cat <<- _EOL_
Usage: "$PROGNAME" [option] [COMMAND] [ARGS...]
Obtain SSL certificates from the letsencrypt.org ACME server.
Commands:
@ -110,33 +107,32 @@ help_message_top() {
Options to long options apply to short options also.
Options:
-r, --rsa Use RSA algorith for key generation (Default)
-e, --ecc Use elliptic curve algorithm for key or cert generation
-v, --version Display $PROGNAME version information.
_EOF_
_EOL_
return 0
}
help_message_account() {
cat <<- _EOF_
Usage: "${PROGNAME}" account [COMMAND] [ARGS...]
cat <<- _EOL_
Usage: "$PROGNAME" account [COMMAND] [ARGS...]
Manage Lets Encrypt account
Commands:
key [LENGTH] Create Lets Encrypt account key. (Default 4096 bits)
key Manage Lets Encrypt account key.
_EOF_
_EOL_
return 0
}
prep_workdir() {
# Prepare working directory for key/cert functions
if [[ ! -d "${WORKING_DIR}" ]]; then
printf '%s' "Creating getsslD certificate storage directory - ${WORKING_DIR}..."
if ! mkdir -p "${WORKING_DIR}" >& /dev/null; then
print_error "Could not create ${WORKING_DIR}. Check volumes.\n"
if [[ ! -d "$WORKING_DIR" ]]; then
printf '%s' "Creating getsslD certificate storage directory - $WORKING_DIR..."
if ! mkdir -p "$WORKING_DIR" >& /dev/null; then
printf "!! Could not create $WORKING_DIR. Check volumes." 1>&2
exit 1
else
printf '%s\n' "Done."
@ -149,7 +145,7 @@ print_error() {
# Output error messages to STDERR
local error=$1
printf '!! %s\n' "${1}" 1>&2
printf '!! %s\n' "$1" 1>&2
return 0
}
@ -158,63 +154,74 @@ arg_parser() {
local key_type
local key_length
while [[ -n ${1} ]]; do
case ${1} in
-r | --rsa)
shift
key_type="rsa"
;;
-e | --ecc)
shift
key_type="ecc"
;;
-h | --help)
while [[ ! -z ${1+x} ]]; do
case $1 in
-h | --help | "")
help_message_top
exit 0
;;
-v | --version)
printf '%s version %s\n' ${PROGNAME} ${VERSION}
exit 0
;;
account)
# Remove account command
shift
case $1 in
case $1 in # account subcommand
-h | --help | "")
help_message_account
exit 0
;;
key)
# Remove key subcommand
shift
# If no key type specified on the command line
# https://stackoverflow.com/a/13864829
if [[ -z "${key_type+x}" ]]; then
# No key types specified use default of RSA or environment variable
key_type="${ACCOUNT_KEY_TYPE:=rsa}"
printf 'No key type specified, using default of %s\n' "${key_type}"
fi
# We have a key type need length
# If no key length specified on the command line
if [[ -z "${1}" ]]; then
# No length specified, use default of 4096 or environment variable
key_length="${ACCOUNT_KEY_LENGTH:=4096}"
printf 'No key length specified, using default of %s\n' "${key_length}"
else
key_length="${1}"
fi
create_key "${ACCOUNT_KEY_LOCATION}" "${key_length}" "${key_type}"
exit 0
case $1 in # key subcommand
-h | --help | "")
help_message_account_key
exit 0
;;
create)
shift
case $1 in # create subcommand
-h | --help | "")
help_message_account_key_create
exit 0
;;
r | rsa)
shift
key_type="rsa"
printf 'Creating %s bit RSA account key...' $1
create_key $ACCOUNT_KEY_LOCATION $1 $key_type
shift
;;
e | ecc)
shift
key_type="ecc"
printf 'Creating %s bit ECC account key...' $1
create_key $ACCOUNT_KEY_LOCATION $1 $key_type
shift
;;
*)
printf 'Invalid command\n\n'
help_message_account_key_create
exit 1
;;
esac # End create subcommand
;;
*)
printf 'Invalid command\n\n'
help_message_account_key
exit 1
;;
esac # End key subcommands
;;
-h | --help)
*)
printf 'Invalid command\n\n'
help_message_account
exit 0
exit 1
;;
esac # End account subcommands
;;
esac # End account subcommands
;;
*)
printf 'Invalid command\n\n'
help_message_top
exit 1
;;
esac # End options
esac # End main program
done
}
@ -224,10 +231,23 @@ arg_parser() {
main() {
if [[ "$1" == "-v" ]] || [[ "$1" == "--version" ]]; then
printf '%s v%s\n' "$PROGNAME" "$VERSION"
exit 0
fi
if [[ "$1" == "-h" ]] || [[ "$1" == "--help" ]] || [[ "$1" == "" ]]; then
help_message_top
exit 0
fi
# read any variables from config in working directory
if [[ -s "$WORKING_DIR/getsslD.cfg" ]]; then
printf '%s\n'"Reading config from from $WORKING_DIR/getsslD.cfg"
. "$WORKING_DIR/getsslD.cfg"
printf 'Reading config from from %s/getsslD.cfg\n' "$WORKING_DIR"
source "$WORKING_DIR/getsslD.cfg"
else
printf "!! Unable to find $WORKING_DIR/getsslD.cfg. Please generate or mount directory with file location." 1>&2
exit 1
fi
arg_parser $*
@ -235,6 +255,6 @@ arg_parser $*
}
# Only run main if we are not testing.
if [[ "${GETSSLD_TEST}" != true ]]; then
if [[ "$GETSSLD_TEST" != true ]]; then
main $@
fi
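Review bot: In `create_key`, both arms of the `case "$valid_key_type"` block print "Done." and `return 0` without checking the exit status of `openssl`, so a failed generation is reported as success and the cleanup after `esac` (the `rm "$key_loc"` path) can never run. Gating the success path on the command, e.g. `openssl genrsa -out "$key_loc" "$key_len" >& /dev/null && { printf '%s\n' "Done."; return 0; }` and the same for the `ecparam` arm, lets a failure fall through to the existing error branch. The new `create_key $ACCOUNT_KEY_LOCATION $1 $key_type` calls in `arg_parser` are unquoted, so a key path containing whitespace is split and a missing length is dropped, which moves the key type into the length argument; `create_key "$ACCOUNT_KEY_LOCATION" "$1" "$key_type"` avoids both. Since the output is an account private key, it may also be worth setting a restrictive `umask 077` before generation rather than relying on the openssl default file mode, which is not visible here.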
