[mirror_acme.sh.git] / deploy / gcore_cdn.sh

#!/usr/bin/env sh

# Here is the script to deploy the cert to G-Core CDN service (https://gcorelabs.com/ru/) using the G-Core Labs API (https://docs.gcorelabs.com/cdn/).
# Returns 0 when success.
#
# Written by temoffey <temofffey@gmail.com>
# Public domain, 2019

#export DEPLOY_GCORE_CDN_USERNAME=myusername
#export DEPLOY_GCORE_CDN_PASSWORD=mypassword

########  Public functions #####################

#domain keyfile certfile cafile fullchain

gcore_cdn_deploy() {
  _cdomain="$1"
  _ckey="$2"
  _ccert="$3"
  _cca="$4"
  _cfullchain="$5"

  _debug _cdomain "$_cdomain"
  _debug _ckey "$_ckey"
  _debug _ccert "$_ccert"
  _debug _cca "$_cca"
  _debug _cfullchain "$_cfullchain"

  _fullchain=$(tr '\r\n' '*#' <"$_cfullchain" | sed 's/*#/#/g;s/##/#/g;s/#/\\n/g')
  _key=$(tr '\r\n' '*#' <"$_ckey" | sed 's/*#/#/g;s/#/\\n/g')

  _debug _fullchain "$_fullchain"
  _debug _key "$_key"

  if [ -z "$DEPLOY_GCORE_CDN_USERNAME" ]; then
    if [ -z "$Le_Deploy_gcore_cdn_username" ]; then
      _err "Please define the target username: export DEPLOY_GCORE_CDN_USERNAME=username"
      return 1
    fi
  else
    Le_Deploy_gcore_cdn_username="$DEPLOY_GCORE_CDN_USERNAME"
    _savedomainconf Le_Deploy_gcore_cdn_username "$Le_Deploy_gcore_cdn_username"
  fi

  if [ -z "$DEPLOY_GCORE_CDN_PASSWORD" ]; then
    if [ -z "$Le_Deploy_gcore_cdn_password" ]; then
      _err "Please define the target password: export DEPLOY_GCORE_CDN_PASSWORD=password"
      return 1
    fi
  else
    Le_Deploy_gcore_cdn_password="$DEPLOY_GCORE_CDN_PASSWORD"
    _savedomainconf Le_Deploy_gcore_cdn_password "$Le_Deploy_gcore_cdn_password"
  fi

  _info "Get authorization token"
  _request="{\"username\":\"$Le_Deploy_gcore_cdn_username\",\"password\":\"$Le_Deploy_gcore_cdn_password\"}"
  _debug _request "$_request"
  export _H1="Content-Type:application/json"
  _response=$(_post "$_request" "https://api.gcdn.co/auth/jwt/login")
  _debug _response "$_response"
  _regex=".*\"access\":\"\([-._0-9A-Za-z]*\)\".*$"
  _debug _regex "$_regex"
  _token=$(echo "$_response" | sed -n "s/$_regex/\1/p")
  _debug _token "$_token"

  if [ -z "$_token" ]; then
    _err "Error G-Core Labs API authorization"
    return 1
  fi

  _info "Find CDN resource with cname $_cdomain"
  export _H2="Authorization:Token $_token"
  _response=$(_get "https://api.gcdn.co/resources")
  _debug _response "$_response"
  _regex="\"primary_resource\":null},"
  _debug _regex "$_regex"
  _response=$(echo "$_response" | sed "s/$_regex/$_regex\n/g")
  _debug _response "$_response"
  _regex="^.*\"cname\":\"$_cdomain\".*$"
  _debug _regex "$_regex"
  _resource=$(echo "$_response" | _egrep_o "$_regex")
  _debug _resource "$_resource"
  _regex=".*\"id\":\([0-9]*\).*$"
  _debug _regex "$_regex"
  _resourceId=$(echo "$_resource" | sed -n "s/$_regex/\1/p")
  _debug _resourceId "$_resourceId"
  _regex=".*\"sslData\":\([0-9]*\).*$"
  _debug _regex "$_regex"
  _sslDataOld=$(echo "$_resource" | sed -n "s/$_regex/\1/p")
  _debug _sslDataOld "$_sslDataOld"
  _regex=".*\"originGroup\":\([0-9]*\).*$"
  _debug _regex "$_regex"
  _originGroup=$(echo "$_resource" | sed -n "s/$_regex/\1/p")
  _debug _originGroup "$_originGroup"

  if [ -z "$_resourceId" ] || [ -z "$_originGroup" ]; then
    _err "Not found CDN resource with cname $_cdomain"
    return 1
  fi

  _info "Add new SSL certificate"
  _date=$(date "+%d.%m.%Y %H:%M:%S")
  _request="{\"name\":\"$_cdomain ($_date)\",\"sslCertificate\":\"$_fullchain\",\"sslPrivateKey\":\"$_key\"}"
  _debug _request "$_request"
  _response=$(_post "$_request" "https://api.gcdn.co/sslData")
  _debug _response "$_response"
  _regex=".*\"id\":\([0-9]*\).*$"
  _debug _regex "$_regex"
  _sslDataAdd=$(echo "$_response" | sed -n "s/$_regex/\1/p")
  _debug _sslDataAdd "$_sslDataAdd"

  if [ -z "$_sslDataAdd" ]; then
    _err "Error new SSL certificate add"
    return 1
  fi

  _info "Update CDN resource"
  _request="{\"originGroup\":$_originGroup,\"sslData\":$_sslDataAdd}"
  _debug _request "$_request"
  _response=$(_post "$_request" "https://api.gcdn.co/resources/$_resourceId" '' "PUT")
  _debug _response "$_response"
  _regex=".*\"sslData\":\([0-9]*\).*$"
  _debug _regex "$_regex"
  _sslDataNew=$(echo "$_response" | sed -n "s/$_regex/\1/p")
  _debug _sslDataNew "$_sslDataNew"

  if [ "$_sslDataNew" != "$_sslDataAdd" ]; then
    _err "Error CDN resource update"
    return 1
  fi

  if [ -z "$_sslDataOld" ] || [ "$_sslDataOld" = "null" ]; then
    _info "Not found old SSL certificate"
  else
    _info "Delete old SSL certificate"
    _response=$(_post '' "https://api.gcdn.co/sslData/$_sslDataOld" '' "DELETE")
    _debug _response "$_response"
  fi

  _info "Certificate successfully deployed"
  return 0
}
Commit	Line	Data
228c8354	1	#!/usr/bin/env sh
228c8354	2
95cdb4b2	3	# Here is the script to deploy the cert to G-Core CDN service (https://gcorelabs.com/ru/) using the G-Core Labs API (https://docs.gcorelabs.com/cdn/).
228c8354	4	# Returns 0 when success.
	5	#
	6	# Written by temoffey <temofffey@gmail.com>
	7	# Public domain, 2019
	8
	9	#export DEPLOY_GCORE_CDN_USERNAME=myusername
	10	#export DEPLOY_GCORE_CDN_PASSWORD=mypassword
	11
	12	######## Public functions #####################
	13
	14	#domain keyfile certfile cafile fullchain
	15
	16	gcore_cdn_deploy() {
	17	_cdomain="$1"
	18	_ckey="$2"
	19	_ccert="$3"
	20	_cca="$4"
	21	_cfullchain="$5"
	22
	23	_debug _cdomain "$_cdomain"
	24	_debug _ckey "$_ckey"
	25	_debug _ccert "$_ccert"
	26	_debug _cca "$_cca"
	27	_debug _cfullchain "$_cfullchain"
	28
63407041 ТЯ	29	_fullchain=$(tr '\r\n' '#' <"$_cfullchain" \| sed 's/#/#/g;s/##/#/g;s/#/\\n/g')
63407041 ТЯ	30	_key=$(tr '\r\n' '#' <"$_ckey" \| sed 's/#/#/g;s/#/\\n/g')
228c8354	31
	32	_debug _fullchain "$_fullchain"
	33	_debug _key "$_key"
	34
	35	if [ -z "$DEPLOY_GCORE_CDN_USERNAME" ]; then
	36	if [ -z "$Le_Deploy_gcore_cdn_username" ]; then
	37	_err "Please define the target username: export DEPLOY_GCORE_CDN_USERNAME=username"
	38	return 1
228c8354	39	fi
228c8354	40	else
95cdb4b2	41	Le_Deploy_gcore_cdn_username="$DEPLOY_GCORE_CDN_USERNAME"
95cdb4b2	42	_savedomainconf Le_Deploy_gcore_cdn_username "$Le_Deploy_gcore_cdn_username"
228c8354	43	fi
	44
	45	if [ -z "$DEPLOY_GCORE_CDN_PASSWORD" ]; then
	46	if [ -z "$Le_Deploy_gcore_cdn_password" ]; then
	47	_err "Please define the target password: export DEPLOY_GCORE_CDN_PASSWORD=password"
	48	return 1
228c8354	49	fi
228c8354	50	else
95cdb4b2	51	Le_Deploy_gcore_cdn_password="$DEPLOY_GCORE_CDN_PASSWORD"
95cdb4b2	52	_savedomainconf Le_Deploy_gcore_cdn_password "$Le_Deploy_gcore_cdn_password"
228c8354	53	fi
228c8354	54
228c8354	55	_info "Get authorization token"
4b6e7e6c	56	_request="{\"username\":\"$Le_Deploy_gcore_cdn_username\",\"password\":\"$Le_Deploy_gcore_cdn_password\"}"
228c8354	57	_debug _request "$_request"
8896642e	58	export _H1="Content-Type:application/json"
1fff8dd3	59	_response=$(_post "$_request" "https://api.gcdn.co/auth/jwt/login")
228c8354	60	_debug _response "$_response"
1fff8dd3	61	_regex=".\"access\":\"\([-._0-9A-Za-z]\)\".*$"
b8489464	62	_debug _regex "$_regex"
4b6e7e6c	63	_token=$(echo "$_response" \| sed -n "s/$_regex/\1/p")
228c8354	64	_debug _token "$_token"
89989adc	65
b8489464	66	if [ -z "$_token" ]; then
228c8354	67	_err "Error G-Core Labs API authorization"
	68	return 1
	69	fi
	70
	71	_info "Find CDN resource with cname $_cdomain"
8896642e	72	export _H2="Authorization:Token $_token"
8896642e	73	_response=$(_get "https://api.gcdn.co/resources")
228c8354	74	_debug _response "$_response"
1eaf7c89	75	_regex="\"primary_resource\":null},"
1eaf7c89	76	_debug _regex "$_regex"
7ed7a57d	77	_response=$(echo "$_response" \| sed "s/$_regex/$_regex\n/g")
1eaf7c89	78	_debug _response "$_response"
bea52aa7	79	_regex="^.\"cname\":\"$_cdomain\".$"
b8489464	80	_debug _regex "$_regex"
1eaf7c89	81	_resource=$(echo "$_response" \| _egrep_o "$_regex")
228c8354	82	_debug _resource "$_resource"
1eaf7c89	83	_regex=".\"id\":\([0-9]\).*$"
b8489464	84	_debug _regex "$_regex"
4b6e7e6c	85	_resourceId=$(echo "$_resource" \| sed -n "s/$_regex/\1/p")
228c8354	86	_debug _resourceId "$_resourceId"
252a21e2	87	_regex=".\"sslData\":\([0-9]\).*$"
b8489464	88	_debug _regex "$_regex"
4b6e7e6c	89	_sslDataOld=$(echo "$_resource" \| sed -n "s/$_regex/\1/p")
228c8354	90	_debug _sslDataOld "$_sslDataOld"
252a21e2	91	_regex=".\"originGroup\":\([0-9]\).*$"
b8489464	92	_debug _regex "$_regex"
4b6e7e6c	93	_originGroup=$(echo "$_resource" \| sed -n "s/$_regex/\1/p")
228c8354	94	_debug _originGroup "$_originGroup"
228c8354	95
b8489464	96	if [ -z "$_resourceId" ] \|\| [ -z "$_originGroup" ]; then
228c8354	97	_err "Not found CDN resource with cname $_cdomain"
	98	return 1
	99	fi
	100
	101	_info "Add new SSL certificate"
	102	_date=$(date "+%d.%m.%Y %H:%M:%S")
4b6e7e6c	103	_request="{\"name\":\"$_cdomain ($_date)\",\"sslCertificate\":\"$_fullchain\",\"sslPrivateKey\":\"$_key\"}"
228c8354	104	_debug _request "$_request"
8896642e	105	_response=$(_post "$_request" "https://api.gcdn.co/sslData")
228c8354	106	_debug _response "$_response"
252a21e2	107	_regex=".\"id\":\([0-9]\).*$"
b8489464	108	_debug _regex "$_regex"
4b6e7e6c	109	_sslDataAdd=$(echo "$_response" \| sed -n "s/$_regex/\1/p")
228c8354	110	_debug _sslDataAdd "$_sslDataAdd"
228c8354	111
b8489464	112	if [ -z "$_sslDataAdd" ]; then
228c8354	113	_err "Error new SSL certificate add"
	114	return 1
	115	fi
	116
	117	_info "Update CDN resource"
4b6e7e6c	118	_request="{\"originGroup\":$_originGroup,\"sslData\":$_sslDataAdd}"
228c8354	119	_debug _request "$_request"
8896642e	120	_response=$(_post "$_request" "https://api.gcdn.co/resources/$_resourceId" '' "PUT")
228c8354	121	_debug _response "$_response"
ee38ccca	122	_regex=".\"sslData\":\([0-9]\).*$"
b8489464	123	_debug _regex "$_regex"
4b6e7e6c	124	_sslDataNew=$(echo "$_response" \| sed -n "s/$_regex/\1/p")
228c8354	125	_debug _sslDataNew "$_sslDataNew"
	126
	127	if [ "$_sslDataNew" != "$_sslDataAdd" ]; then
	128	_err "Error CDN resource update"
	129	return 1
	130	fi
	131
	132	if [ -z "$_sslDataOld" ] \|\| [ "$_sslDataOld" = "null" ]; then
95cdb4b2	133	_info "Not found old SSL certificate"
228c8354	134	else
228c8354	135	_info "Delete old SSL certificate"
8896642e	136	_response=$(_post '' "https://api.gcdn.co/sslData/$_sslDataOld" '' "DELETE")
228c8354	137	_debug _response "$_response"
	138	fi
	139
	140	_info "Certificate successfully deployed"
	141	return 0
95cdb4b2	142	}