Mirrors/dokku
1
0
Fork 0
mirror of https://github.com/dokku/dokku.git synced 2025-12-29 00:25:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
98a20e36cd897b728ef461d6d5d8e641650baf81
dokku/plugins/certs/internal-functions
Kazuhiro NISHIYAMA c1cef4f99e Fix certs:help 
`certs` requires `app` argument like `certs:info`.
2017-02-27 23:04:54 +09:00

72 lines
3.2 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
set -eo pipefail; [[ $DOKKU_TRACE ]] && set -x
source "$PLUGIN_CORE_AVAILABLE_PATH/common/functions"
source "$PLUGIN_AVAILABLE_PATH/certs/functions"
certs_help_content_func() {
declare desc="return certs plugin help content"
cat<<help_content
certs <app>, [DEPRECATED] Alternative for certs:report
certs:add <app> CRT KEY, Add an ssl endpoint to an app. Can also import from a tarball on stdin
certs:chain CRT [CRT ...], [NOT IMPLEMENTED] Print the ordered and complete chain for the given certificate
certs:generate <app> DOMAIN, Generate a key and certificate signing request (and self-signed certificate)
certs:info <app>, [DEPRECATED] Alternative for certs:report
certs:key <app> CRT KEY [KEY ...], [NOT IMPLEMENTED] Print the correct key for the given certificate
certs:remove <app>, Remove an SSL Endpoint from an app
certs:report [<app>] [<flag>], Displays an ssl report for one or more apps
certs:rollback <app>, [NOT IMPLEMENTED] Rollback an SSL Endpoint for an app
certs:update <app> CRT KEY, Update an SSL Endpoint on an app. Can also import from a tarball on stdin
help_content
}
certs_help_cmd() {
if [[ $1 = "certs:help" ]] ; then
echo -e 'Usage: dokku certs[:COMMAND]'
echo ''
echo 'Manage Dokku apps SSL (TLS) certs.'
echo ''
echo 'Additional commands:'
certs_help_content_func | sort | column -c2 -t -s,
elif [[ $(ps -o command= $PPID) == *"--all"* ]]; then
certs_help_content_func
else
cat<<help_desc
certs, Manage Dokku apps SSL (TLS) certs
help_desc
fi
}
certs_info_cmd() {
# This is here because it's used in both the info and the default
declare desc="prints SSL certificate info for app"
local cmd="certs:info"
[[ -z $2 ]] && dokku_log_fail "Please specify an app to run the command on"
verify_app_name "$2"
local APP="$2"
local APP_SSL_PATH="$DOKKU_ROOT/$APP/tls"
if is_ssl_enabled "$APP"; then
dokku_log_info1 "Fetching SSL Endpoint info for $APP..."
dokku_log_info1 "Certificate details:"
dokku_log_info2 "Common Name(s): "
for domain in $(get_ssl_hostnames "$APP" | xargs); do
dokku_log_info2 " $domain"
done
dokku_log_info2 "Expires At: $(openssl x509 -in "$APP_SSL_PATH/server.crt" -noout -text | grep "Not After :" | awk -F " : " '{ print $2 }')"
dokku_log_info2 "Issuer: $(openssl x509 -in "$APP_SSL_PATH/server.crt" -noout -text | grep "Issuer:" | xargs | sed -e "s/Issuer: //g")"
dokku_log_info2 "Starts At: $(openssl x509 -in "$APP_SSL_PATH/server.crt" -noout -text | grep "Not Before:" | awk -F ": " '{ print $2 }')"
dokku_log_info2 "Subject: $(openssl x509 -in "$APP_SSL_PATH/server.crt" -noout -subject | sed -e "s:subject= ::g"| sed -e "s:^/::g" | sed -e "s:/:; :g")"
local SSL_VERIFY_OUTPUT="$(openssl verify -verbose -purpose sslserver "$APP_SSL_PATH/server.crt" | awk -F ':' '{ print $2 }' | tail -1 | xargs || true)"
if [[ "$SSL_VERIFY_OUTPUT" == "OK" ]]; then
local SSL_SELF_SIGNED="verified by a certificate authority."
else
local SSL_SELF_SIGNED="self signed."
fi
dokku_log_info2 "SSL certificate is $SSL_SELF_SIGNED"
else
dokku_log_info1 "$APP does not have an SSL endpoint"
fi
}
Reference in New Issue View Git Blame Copy Permalink