3 # Deploy certificates to a proxmox virtual environment node using the API.
5 # Environment variables that can be set are:
6 # `DEPLOY_PROXMOXVE_SERVER`: The hostname of the proxmox ve node. Defaults to
8 # `DEPLOY_PROXMOXVE_SERVER_PORT`: The port number the management interface is on.
10 # `DEPLOY_PROXMOXVE_NODE_NAME`: The name of the node we'll be connecting to.
11 # Defaults to the host portion of the server
13 # `DEPLOY_PROXMOXVE_USER`: The user we'll connect as. Defaults to root.
14 # `DEPLOY_PROXMOXVE_USER_REALM`: The authentication realm the user authenticates
15 # with. Defaults to pam.
16 # `DEPLOY_PROXMOXVE_API_TOKEN_NAME`: The name of the API token created for the
17 # user account. Defaults to acme.
18 # `DEPLOY_PROXMOXVE_API_TOKEN_KEY`: The API token. Required.
27 _debug _cdomain
"$_cdomain"
28 _debug2 _ckey
"$_ckey"
29 _debug _ccert
"$_ccert"
31 _debug _cfullchain
"$_cfullchain"
34 _getdeployconf DEPLOY_PROXMOXVE_SERVER
35 if [ -z "$DEPLOY_PROXMOXVE_SERVER" ]; then
36 _target_hostname
="$_cdomain"
38 _target_hostname
="$DEPLOY_PROXMOXVE_SERVER"
39 _savedeployconf DEPLOY_PROXMOXVE_SERVER
"$DEPLOY_PROXMOXVE_SERVER"
41 _debug2 DEPLOY_PROXMOXVE_SERVER
"$_target_hostname"
43 _getdeployconf DEPLOY_PROXMOXVE_SERVER_PORT
44 if [ -z "$DEPLOY_PROXMOXVE_SERVER_PORT" ]; then
47 _target_port
="$DEPLOY_PROXMOXVE_SERVER_PORT"
48 _savedeployconf DEPLOY_PROXMOXVE_SERVER_PORT
"$DEPLOY_PROXMOXVE_SERVER_PORT"
50 _debug2 DEPLOY_PROXMOXVE_SERVER_PORT
"$_target_port"
52 _getdeployconf DEPLOY_PROXMOXVE_NODE_NAME
53 if [ -z "$DEPLOY_PROXMOXVE_NODE_NAME" ]; then
54 _node_name
=$
(echo "$_target_hostname" | cut
-d.
-f1)
56 _node_name
="$DEPLOY_PROXMOXVE_NODE_NAME"
57 _savedeployconf DEPLOY_PROXMOXVE_NODE_NAME
"$DEPLOY_PROXMOXVE_NODE_NAME"
59 _debug2 DEPLOY_PROXMOXVE_NODE_NAME
"$_node_name"
62 _target_url
="https://${_target_hostname}:${_target_port}/api2/json/nodes/${_node_name}/certificates/custom"
63 _debug TARGET_URL
"$_target_url"
65 # More "sane" defaults.
66 _getdeployconf DEPLOY_PROXMOXVE_USER
67 if [ -z "$DEPLOY_PROXMOXVE_USER" ]; then
68 _proxmoxve_user
="root"
70 _proxmoxve_user
="$DEPLOY_PROXMOXVE_USER"
71 _savedeployconf DEPLOY_PROXMOXVE_USER
"$DEPLOY_PROXMOXVE_USER"
73 _debug2 DEPLOY_PROXMOXVE_USER
"$_proxmoxve_user"
75 _getdeployconf DEPLOY_PROXMOXVE_USER_REALM
76 if [ -z "$DEPLOY_PROXMOXVE_USER_REALM" ]; then
77 _proxmoxve_user_realm
="pam"
79 _proxmoxve_user_realm
="$DEPLOY_PROXMOXVE_USER_REALM"
80 _savedeployconf DEPLOY_PROXMOXVE_USER_REALM
"$DEPLOY_PROXMOXVE_USER_REALM"
82 _debug2 DEPLOY_PROXMOXVE_USER_REALM
"$_proxmoxve_user_realm"
84 _getdeployconf DEPLOY_PROXMOXVE_API_TOKEN_NAME
85 if [ -z "$DEPLOY_PROXMOXVE_API_TOKEN_NAME" ]; then
86 _proxmoxve_api_token_name
="acme"
88 _proxmoxve_api_token_name
="$DEPLOY_PROXMOXVE_API_TOKEN_NAME"
89 _savedeployconf DEPLOY_PROXMOXVE_API_TOKEN_NAME
"$DEPLOY_PROXMOXVE_API_TOKEN_NAME"
91 _debug2 DEPLOY_PROXMOXVE_API_TOKEN_NAME
"$_proxmoxve_api_token_name"
94 _getdeployconf DEPLOY_PROXMOXVE_API_TOKEN_KEY
95 if [ -z "$DEPLOY_PROXMOXVE_API_TOKEN_KEY" ]; then
96 _err
"API key not provided."
99 _proxmoxve_api_token_key
="$DEPLOY_PROXMOXVE_API_TOKEN_KEY"
100 _savedeployconf DEPLOY_PROXMOXVE_API_TOKEN_KEY
"$DEPLOY_PROXMOXVE_API_TOKEN_KEY"
102 _debug2 DEPLOY_PROXMOXVE_API_TOKEN_KEY _proxmoxve_api_token_key
104 # PVE API Token header value. Used in "Authorization: PVEAPIToken".
105 _proxmoxve_header_api_token
="${_proxmoxve_user}@${_proxmoxve_user_realm}!${_proxmoxve_api_token_name}=${_proxmoxve_api_token_key}"
106 _debug2
"Auth Header" _proxmoxve_header_api_token
108 # Ugly. I hate putting heredocs inside functions because heredocs don't
109 # account for whitespace correctly but it _does_ work and is several times
110 # cleaner than anything else I had here.
112 # This dumps the json payload to a variable that should be passable to the
117 "certificates": "$(tr '\n' ':' <"$_cfullchain" | sed 's/:/\\n/g')",
118 "key": "$(tr '\n' ':' <"$_ckey" | sed 's/:/\\n/g')",
119 "node":"$_node_name",
125 _debug2 Payload
"$_json_payload"
127 # Push certificates to server.
128 export _HTTPS_INSECURE
=1
129 export _H1
="Authorization: PVEAPIToken=${_proxmoxve_header_api_token}"
130 _post
"$_json_payload" "$_target_url" "" POST
"application/json"