Commit 7b6b2981 authored by Hahn Axel (hahn)'s avatar Hahn Axel (hahn)

added parameter selftest

parent 32a095a7
...@@ -14,6 +14,7 @@ ...@@ -14,6 +14,7 @@
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# 2021-02-02 <axel.hahn@iml.unibe.ch> first lines # 2021-02-02 <axel.hahn@iml.unibe.ch> first lines
# 2021-02-10 <axel.hahn@iml.unibe.ch> compare hashes, logging # 2021-02-10 <axel.hahn@iml.unibe.ch> compare hashes, logging
# 2021-02-12 <axel.hahn@iml.unibe.ch> added self test
# ====================================================================== # ======================================================================
...@@ -23,10 +24,11 @@ ...@@ -23,10 +24,11 @@
# #
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
selfdir="$( dirname $0 )" touchfile="./log/lastchange.txt"
touchfile="${selfdir}/log/lastchange.txt" logfile="./log/certmanager.log"
# logfile="${selfdir}/log/certmanager-$( date +"%Y%m%d" ).log"
logfile="${selfdir}/log/certmanager.log" csrfile="./templates/csr.txt"
line="_______________________________________________________________________________" line="_______________________________________________________________________________"
showdebug=1 showdebug=1
...@@ -163,7 +165,7 @@ function _gencsr(){ ...@@ -163,7 +165,7 @@ function _gencsr(){
rm -f $CM_filecnf $CM_filekey $CM_filecsr rm -f $CM_filecnf $CM_filekey $CM_filecsr
mkdir -p "${CM_dircsr}" 2>/dev/null mkdir -p "${CM_dircsr}" 2>/dev/null
cat ./templates/csr.txt \ cat $csrfile \
| sed "s#__FQDN__#$CM_fqdn#g" \ | sed "s#__FQDN__#$CM_fqdn#g" \
| sed "s#__ALTNAMES__#$altdns#g" \ | sed "s#__ALTNAMES__#$altdns#g" \
> $CM_filecnf || exit 1 > $CM_filecnf || exit 1
...@@ -343,6 +345,79 @@ function public_renew-all(){ ...@@ -343,6 +345,79 @@ function public_renew-all(){
} }
# internal function; helper for selftest to handle a single selftest
# if a given command is successful it shows "OK" or "ERROR" followed
# by the label inparam 2.
# The value _iErrors will be incremented by 1 if an error occured.
# param string command to verify
# param string output label
function _selftestItem(){
local _check=$1
local _label=$2
local _status="OK:"
eval "$_check"
if [ $? -ne 0 ]; then
_status="ERROR: the check failed for the test of -"
_iErrors=$_iErrors+1
fi
echo "$_status $_label"
}
#
# list existing certs
# no params
function public_selftest(){
typeset -i _iErrors=0
echo
echo --- dependencies
_selftestItem "which openssl" "opemssl was found"
_selftestItem "which curl" "curl was found"
echo
echo --- acme.sh client
_selftestItem "ls -ld ${ACME}" "${ACME} exits"
_selftestItem "test -x ${ACME}" "${ACME} is executable"
echo
echo --- acme.sh installation \(may fail in future releases of acme.sh\)
_selftestItem "ls -ld ~/.acme.sh" "internal acme data were found = [acme.sh --install] was done"
_selftestItem "test -w ~/.acme.sh/" "it is writable"
echo
echo --- csr template
_selftestItem "ls -ld ${csrfile}" "csr base template exists"
_selftestItem "test -r ${csrfile}" "it is readable"
echo
echo --- output directory for csr and key
_selftestItem "ls -ld ${CM_dircsr}" "data dir for csr exists"
_selftestItem "test -w ${CM_dircsr}" "it is writable"
echo
echo --- output dir for centralized place of certificates
_selftestItem "ls -ld ${CM_diracme}" "central output dir for certificate data exists"
_selftestItem "test -w ${CM_diracme}" "it is writable"
echo
echo --- logs
_selftestItem "ls -ld ./log/" "Logdir exists"
_selftestItem "test -w" "Logdir is writable"
test -f $logfile && _selftestItem "test -w $logfile" "Logfile $logfile is writable"
test -f $touchfile && _selftestItem "test -w $touchfile" "Logfile $touchfile is writable"
echo
echo --- Errors: $_iErrors
test $_iErrors -eq 0 && echo "OK, this looks fine."
echo
exit $_iErrors
}
# #
# list existing certs # list existing certs
# no params # no params
...@@ -457,7 +532,13 @@ ACTIONs for ALL certs ...@@ -457,7 +532,13 @@ ACTIONs for ALL certs
renew-all renew-all
renew all certificates (fast mode - without --force) renew all certificates (fast mode - without --force)
and update files in ${CM_diracme} and update files in ${CM_diracme}
It is useful for a cronjob It is useful for a cronjob.
other ACTIONs
selftest
check of health with current setup and requirements.
This command is helpful for initial setups.
EOF EOF
fi fi
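Review bot: In public_selftest the check `_selftestItem "test -w" "Logdir is writable"` passes no path, and `test` with a single argument only checks that the string is non-empty, so this item reports OK even when the log directory is not writable; it should read `_selftestItem "test -w ./log/" "Logdir is writable"`. Separately, _selftestItem runs its first argument through `eval`, and the callers interpolate `${ACME}`, `${csrfile}`, `${CM_dircsr}`, `${CM_diracme}` and `$logfile` unquoted into that string, so a configured path containing spaces or shell metacharacters is re-parsed as shell code rather than treated as one filename. Taking the label first and running the remaining words directly (`local _label=$1; shift; "$@"`) would remove the eval, with the call sites passing the command as separate quoted words. The counter line `_iErrors=$_iErrors+1` only does arithmetic because the caller declared the variable with `typeset -i`; `_iErrors=$((_iErrors+1))` would not depend on that. The labels "opemssl was found" and "${ACME} exits" also look like typos for "openssl" and "exists".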
......
...@@ -17,6 +17,8 @@ source: <https://git-repo.iml.unibe.ch/open-source/iml-certman> ...@@ -17,6 +17,8 @@ source: <https://git-repo.iml.unibe.ch/open-source/iml-certman>
* templates/csr.txt * templates/csr.txt
* set location, company and department * set location, company and department
Verify setup with ``./cm.sh selftest``
## Usage ## Usage
```text ```text
...@@ -74,6 +76,11 @@ ACTIONs for ALL certs ...@@ -74,6 +76,11 @@ ACTIONs for ALL certs
renew all certificates (fast mode - without --force) renew all certificates (fast mode - without --force)
and update files in ./certs and update files in ./certs
other ACTIONs
selftest
check of health with current setup and requirements.
This command is helpful for initial setups.
DEBUG: Using LE STAGE environment ... DEBUG: Using LE STAGE environment ...
DEBUG: You can test and mess around. Do not use certs in production. DEBUG: You can test and mess around. Do not use certs in production.
......