Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
I
Infoblox Dns Helperscripts
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package registry
Container registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
GitLab community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
IML Open Source
Infoblox Dns Helperscripts
Commits
7b6b2981
Commit
7b6b2981
authored
4 years ago
by
Hahn Axel (hahn)
Browse files
Options
Downloads
Patches
Plain Diff
added parameter selftest
parent
32a095a7
Branches
Branches containing commit
No related tags found
1 merge request
!1
Update docs
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
cm.sh
+87
-6
87 additions, 6 deletions
cm.sh
readme.md
+7
-0
7 additions, 0 deletions
readme.md
with
94 additions
and
6 deletions
cm.sh
+
87
−
6
View file @
7b6b2981
...
...
@@ -14,6 +14,7 @@
# ----------------------------------------------------------------------
# 2021-02-02 <axel.hahn@iml.unibe.ch> first lines
# 2021-02-10 <axel.hahn@iml.unibe.ch> compare hashes, logging
# 2021-02-12 <axel.hahn@iml.unibe.ch> added self test
# ======================================================================
...
...
@@ -23,10 +24,11 @@
#
# ----------------------------------------------------------------------
selfdir
=
"
$(
dirname
$0
)
"
touchfile
=
"
${
selfdir
}
/log/lastchange.txt"
# logfile="${selfdir}/log/certmanager-$( date +"%Y%m%d" ).log"
logfile
=
"
${
selfdir
}
/log/certmanager.log"
touchfile
=
"./log/lastchange.txt"
logfile
=
"./log/certmanager.log"
csrfile
=
"./templates/csr.txt"
line
=
"_______________________________________________________________________________"
showdebug
=
1
...
...
@@ -163,7 +165,7 @@ function _gencsr(){
rm
-f
$CM_filecnf
$CM_filekey
$CM_filecsr
mkdir
-p
"
${
CM_dircsr
}
"
2>/dev/null
cat
./templates/csr.txt
\
cat
$csrfile
\
|
sed
"s#__FQDN__#
$CM_fqdn
#g"
\
|
sed
"s#__ALTNAMES__#
$altdns
#g"
\
>
$CM_filecnf
||
exit
1
...
...
@@ -343,6 +345,79 @@ function public_renew-all(){
}
# internal function; helper for selftest to handle a single selftest
# if a given command is successful it shows "OK" or "ERROR" followed
# by the label inparam 2.
# The value _iErrors will be incremented by 1 if an error occured.
# param string command to verify
# param string output label
function
_selftestItem
(){
local
_check
=
$1
local
_label
=
$2
local
_status
=
"OK:"
eval
"
$_check
"
if
[
$?
-ne
0
]
;
then
_status
=
"ERROR: the check failed for the test of -"
_iErrors
=
$_iErrors
+1
fi
echo
"
$_status
$_label
"
}
#
# list existing certs
# no params
function
public_selftest
(){
typeset
-i
_iErrors
=
0
echo
echo
---
dependencies
_selftestItem
"which openssl"
"opemssl was found"
_selftestItem
"which curl"
"curl was found"
echo
echo
---
acme.sh client
_selftestItem
"ls -ld
${
ACME
}
"
"
${
ACME
}
exits"
_selftestItem
"test -x
${
ACME
}
"
"
${
ACME
}
is executable"
echo
echo
---
acme.sh installation
\(
may fail
in
future releases of acme.sh
\)
_selftestItem
"ls -ld ~/.acme.sh"
"internal acme data were found = [acme.sh --install] was done"
_selftestItem
"test -w ~/.acme.sh/"
"it is writable"
echo
echo
---
csr template
_selftestItem
"ls -ld
${
csrfile
}
"
"csr base template exists"
_selftestItem
"test -r
${
csrfile
}
"
"it is readable"
echo
echo
---
output directory
for
csr and key
_selftestItem
"ls -ld
${
CM_dircsr
}
"
"data dir for csr exists"
_selftestItem
"test -w
${
CM_dircsr
}
"
"it is writable"
echo
echo
---
output
dir
for
centralized place of certificates
_selftestItem
"ls -ld
${
CM_diracme
}
"
"central output dir for certificate data exists"
_selftestItem
"test -w
${
CM_diracme
}
"
"it is writable"
echo
echo
---
logs
_selftestItem
"ls -ld ./log/"
"Logdir exists"
_selftestItem
"test -w"
"Logdir is writable"
test
-f
$logfile
&&
_selftestItem
"test -w
$logfile
"
"Logfile
$logfile
is writable"
test
-f
$touchfile
&&
_selftestItem
"test -w
$touchfile
"
"Logfile
$touchfile
is writable"
echo
echo
---
Errors:
$_iErrors
test
$_iErrors
-eq
0
&&
echo
"OK, this looks fine."
echo
exit
$_iErrors
}
#
# list existing certs
# no params
...
...
@@ -457,7 +532,13 @@ ACTIONs for ALL certs
renew-all
renew all certificates (fast mode - without --force)
and update files in
${
CM_diracme
}
It is useful for a cronjob
It is useful for a cronjob.
other ACTIONs
selftest
check of health with current setup and requirements.
This command is helpful for initial setups.
EOF
fi
...
...
This diff is collapsed.
Click to expand it.
readme.md
+
7
−
0
View file @
7b6b2981
...
...
@@ -17,6 +17,8 @@ source: <https://git-repo.iml.unibe.ch/open-source/iml-certman>
*
templates/csr.txt
*
set location, company and department
Verify setup with
``./cm.sh selftest``
## Usage
```
text
...
...
@@ -74,6 +76,11 @@ ACTIONs for ALL certs
renew all certificates (fast mode - without --force)
and update files in ./certs
other ACTIONs
selftest
check of health with current setup and requirements.
This command is helpful for initial setups.
DEBUG: Using LE STAGE environment ...
DEBUG: You can test and mess around. Do not use certs in production.
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
