Commit
5fe2de1a
authored
3 years ago
by
Hahn Axel (hahn)
Merge branch 'track-requests' into 'master'
Track requests in a debug.log See merge request
!16
parents
fb625c5b
e0eb6028
1 merge request
!16
Track requests in a debug.log
Showing
3 changed files
cm.sh
+66
-8
66 additions, 8 deletions
cm.sh
docs/20_Configuration.md
+16
-1
16 additions, 1 deletion
docs/20_Configuration.md
inc_config.sh.dist
+12
-0
12 additions, 0 deletions
inc_config.sh.dist
with
94 additions
and
9 deletions
cm.sh
+
66
−
8
...
...
@@ -32,6 +32,7 @@
# 2022-04-07 <axel.hahn@iml.unibe.ch> fix missing key in public_ensure before calling public_add too.
# 2022-04-20 <axel.hahn@iml.unibe.ch> fix multiple domains using domain alias
# 2022-04-21 <axel.hahn@iml.unibe.ch> mix multiple domains using domain alias or not
# 2022-05-19 <axel.hahn@iml.unibe.ch> add timer and debug.log
# ======================================================================
...
...
@@ -44,15 +45,23 @@
logdir
=
"./log"
touchfile
=
"
$logdir
/lastchange.txt"
logfile
=
"
$logdir
/certmanager.log"
debuglogfile
=
"
$logdir
/debug.log"
# CSR USAGE WAS REMOVED
# csrfile="./templates/csr.txt"
line
=
"_______________________________________________________________________________"
showdebug
=
1
writelo
g
=
1
# flag:
show
debug
infos on console (STDOUT)
CM_showdebu
g
=
0
# flag: write a log for created/ renewd/ deleted certs
CM_writelog
=
1
# flag: write a log for executed functions with timer and process count
CM_writedebuglog
=
0
CM_timer_start
=
$(
date
+%s.%N
)
# ----------------------------------------------------------------------
#
...
...
@@ -313,36 +322,61 @@ function _testUser(){
}
# set update message into access log file
# global bool CM_writedebuglog flag to write access log.
# param string(s) message
function
_debuglog
(){
if
[
${
CM_writedebuglog
}
-eq
1
]
;
then
local
_sProcesses
typeset
-i
local
_iProcesses
typeset
-i
local
_iPos
_sProcesses
=
$(
ps
-ef
|
grep
"bash.*
$0
"
|
grep
-v
"ssh.*@"
|
grep
-v
"grep"
|
sort
-k
2
-n
)
_iProcesses
=
$(
echo
"
$_sProcesses
"
|
wc
-l
)
_iPos
=
$(
echo
"
$_sProcesses
"
|
grep
-n
"
$$
"
|
head
-1
|
cut
-f
1
-d
':'
)
echo
"
$(
date
)
$CM_fqdn
[
$$
] |
$(
show_timer
)
| pos
$_iPos
of
$_iProcesses
processes |
$*
"
>>
${
debuglogfile
}
fi
}
# set update message in a file
# param string(s) message
function
_update
(){
echo
"[
$(
date
)
]
$*
"
>
${
touchfile
}
test
${
writelog
}
&&
echo
"[
$(
date
)
]
$*
"
>>
${
logfile
}
test
${
CM_
writelog
}
-ne
0
&&
echo
"[
$(
date
)
]
$*
"
>>
${
logfile
}
}
# "neverending" loop that waits until the current process is
# the one with lowest PID
function
_wait_for_free_slot
(){
local
_bWait
=
true
_debuglog
"start in _wait_for_free_slot"
typeset
-i
local
_iFirstPID
=
0
_wd
"--- Need to wait until own process PID
$$
is on top ... "
local
_sProcesses
_wd
"--- Need to wait until own process PID
$$
is on top ... "
while
[
$_bWait
=
true
]
;
do
_iFirstPID
=
$(
ps
-ef
|
grep
"bash.*
$0
"
|
grep
-v
"ssh.*@"
|
grep
-v
"grep"
|
sort
-k
2
-n
|
head
-1
|
awk
'{ print $2}'
)
_sProcesses
=
$(
ps
-ef
|
grep
"bash.*
$0
"
|
grep
-v
"ssh.*@"
|
grep
-v
"grep"
|
sort
-k
2
-n
)
# _iFirstPID=$( ps -ef | grep "bash.*$0" | grep -v "ssh.*@" | grep -v "grep" | sort -k 2 -n | head -1 | awk '{ print $2}' )
_iFirstPID
=
$(
echo
"
$_sProcesses
"
|
head
-1
|
awk
'{ print $2}'
)
if
[
$_iFirstPID
-eq
$$
]
;
then
_bWait
=
false
_wd
"OK. Go!"
else
_wd
"- all instances"
test
${
showdebug
}
&&
ps
-ef
|
grep
"bash.*
$0
"
|
grep
-v
"ssh.*@"
|
grep
-v
"grep"
|
sort
-k
2
-n
_debuglog
"waiting in _wait_for_free_slot"
# test ${CM_showdebug} && ps -ef | grep "bash.*$0" | grep -v "ssh.*@" | grep -v "grep" | sort -k 2 -n
test
${
CM_showdebug
}
-ne
0
&&
echo
"
$_sProcesses
"
sleep
10
fi
done
_debuglog
"end _wait_for_free_slot"
}
# write debug output if showdebug is set to 1
# write debug output if
CM_
showdebug is set to 1
function
_wd
(){
test
${
showdebug
}
&&
echo
"DEBUG:
$*
"
test
${
CM_
showdebug
}
-ne
0
&&
echo
"DEBUG:
$*
"
}
# set environment for a single certificate based on FQDN
...
...
@@ -387,6 +421,21 @@ function _testFqdncount(){
exit
1
fi
}
# get time in sec and milliseconds since start
# no parameter is required
function
show_timer
(){
local
timer_end
=
$(
date
+%s.%N
)
local
totaltime
=
$(
awk
"BEGIN {print
$timer_end
-
$CM_timer_start
}"
)
local
sec_time
=
$(
echo
$totaltime
|
cut
-f
1
-d
"."
)
test
-z
"
$sec_time
"
&&
sec_time
=
0
local
ms_time
=
$(
echo
$totaltime
|
cut
-f
2
-d
"."
|
cut
-c
1-3
)
echo
"
$sec_time
.
$ms_time
sec"
}
# ----------------------------------------------------------------------
#
# PUBLIC FUNCTIONS
...
...
@@ -399,6 +448,7 @@ function _testFqdncount(){
function
public_add
(){
local
_params
=
""
_debuglog
"start public_add"
_wait_for_free_slot
_requiresFqdn
_certMustNotExist
...
...
@@ -434,6 +484,7 @@ function public_add(){
_certMatching
_update
"added
$CM_fqdn
$*
"
_debuglog
"end public_add"
}
# CSR USAGE WAS REMOVED
...
...
@@ -508,6 +559,7 @@ function public_ensure(){
# public function to delete a cert
#
function
public_delete
(){
_debuglog
"start public_delete"
_wait_for_free_slot
_requiresFqdn
_certMustExist
...
...
@@ -522,6 +574,7 @@ function public_delete(){
# CSR USAGE WAS REMOVED
rm
-rf
${
CM_dircerts
}
${
CM_filecnf
}
${
CM_filekey
}
${
CM_filecsr
}
~/.acme.sh/
${
CM_fqdn
}
&&
echo
OK
_update
"deleted
${
CM_fqdn
}
"
_debuglog
"end public_delete"
}
...
...
@@ -576,6 +629,7 @@ function public_list-old(){
# public function - renew a certificate
# param string fqdn of domain to renew
function
public_renew
(){
_debuglog
"start public_renew"
_wait_for_free_slot
_requiresFqdn
_certMustExist
...
...
@@ -598,6 +652,7 @@ function public_renew(){
_wd
"Error ocured."
exit
$_rc
esac
_debuglog
"end public_renew"
}
#
...
...
@@ -788,7 +843,10 @@ if [ $# -gt 0 -a $? -eq 0 ]; then
_setenv
$CM_fqdn
_wd
"A C T I O N -->>
$action
<<--"
_debuglog
">>> START public_
$action
$CM_fqdn
$*
"
eval
"public_
$action
$*
"
_debuglog
">>> DONE public_
$action
$CM_fqdn
$*
"
else
self
=
$(
basename
$0
)
cat
<<
EOF
...
...
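Review bot: In `_debuglog`, `grep -n "$$"` matches the PID as a plain substring anywhere on a `ps -ef` line, so the PPID column, a longer PID containing the same digits, or a digit run in the time or command columns can all hit, and the logged "pos N of M" may point at the wrong process. Since debug.log is meant to trace how concurrent runs queue up, compare the PID column exactly, e.g. `_iPos=$( echo "$_sProcesses" | awk -v pid="$$" '$2 == pid { print NR; exit }' )`. The guard `[ ${CM_writedebuglog} -eq 1 ]` is also unquoted, so an empty value coming from the config makes `[` error out on every call instead of simply skipping the log; `[ "${CM_writedebuglog:-0}" -eq 1 ]` avoids that. The same quoting concern applies to the new `test ${CM_writelog} -ne 0` and `test ${CM_showdebug} -ne 0` lines in `_update`, `_wait_for_free_slot` and `_wd`.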
docs/20_Configuration.md
+
16
−
1
...
...
@@ -29,6 +29,9 @@ variable expansion.
| CM_certmatch | regex | matcher to identify domains with dns access; all other domains will use dns alias mode | "
\.
example
\.
com" |
| CM_challenge_alias | string | domain for validation with dns alias mode | "example.com" |
| CM_user | string | force a user to execute cm.sh | default: none (=any user can run cm.sh) |
| CM_showdebug | 0
\|
1 | flag: show debug infos on console (STDOUT) | default: 0 |
| CM_writelog | 0
\|
1 | flag: write a log for created/ renewd/ deleted certs | default: 1 |
| CM_writedebuglog | 0
\|
1 | flag: write a log for executed functions with timer and process count | default: 0 |
## inc_config.sh.dist
...
...
@@ -84,5 +87,17 @@ export ACME=../acme.sh/acme.sh
# like Ansible or puppet; default: none (=any user can run cm.sh)
# export CM_user="ansible"
# flag: show debug infos on console (STDOUT)
# default: 0
export
CM_showdebug
=
1
# flag: write a log for created/ renewd/ deleted certs
# default: 1
# export CM_writelog=1
# flag: write a log for executed functions with timer and process count
# default: 0
# export CM_writedebuglog=0
# ----------------------------------------------------------------------
```
\ No newline at end of file
```
inc_config.sh.dist
+
12
−
0
...
...
@@ -49,4 +49,16 @@ export ACME=../acme.sh/acme.sh
# like Ansible or puppet; default: none (=any user can run cm.sh)
# export CM_user="ansible"
# flag: show debug infos on console (STDOUT)
# default: 0
export CM_showdebug=1
# flag: write a log for created/ renewd/ deleted certs
# default: 1
# export CM_writelog=1
# flag: write a log for executed functions with timer and process count
# default: 0
# export CM_writedebuglog=0
# ----------------------------------------------------------------------
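Review bot: The template ships `export CM_showdebug=1` uncommented although the comment directly above it says `default: 0`, while the two other new flags are left commented out at their documented defaults. Anyone copying the .dist file therefore gets debug output on STDOUT, which in cm.sh's `_wait_for_free_slot` includes the matched `ps -ef` lines while the script waits. Unless that is intended for the sample config, ship it as `# export CM_showdebug=0` so the template agrees with the documented default; the same snippet is repeated in docs/20_Configuration.md.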