rlbr
/
certificate_provision
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Copy certificate from master to slaves
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
2 Branches
1 Tag
5.0 KiB
Tree: 7d236fa099
Branches Tags
${ item.name }
tag.create_tag%!(EXTRA string=${ searchTerm })
Create branch ${ searchTerm }
from '7d236fa099'
${ noResults }
certificate_provision/copy_cert.py

84 lines
2.9 KiB
Raw Normal View History

Initial commit
7 years ago
Added implementations for all functions
7 years ago
Added function names that will be needed to copy certificate
7 years ago
Added implementations for all functions
7 years ago
Added the script to put the certificate where it needs to go
7 years ago
Added implementations for all functions
7 years ago
Initial commit
7 years ago
Added function names that will be needed to copy certificate
7 years ago
Added implementations for all functions
7 years ago
Added function names that will be needed to copy certificate
7 years ago
Added implementations for all functions
7 years ago
Added function names that will be needed to copy certificate
7 years ago
Added implementations for all functions
7 years ago
Added function names that will be needed to copy certificate
7 years ago
Added implementations for all functions
7 years ago
Added function names that will be needed to copy certificate
7 years ago
Changed arg prefix as to not conflict with win-acme
7 years ago
Added help to arguments and remote directory argument for storage
7 years ago
Changed arg prefix as to not conflict with win-acme
7 years ago
Added function names that will be needed to copy certificate
7 years ago
Added the script to put the certificate where it needs to go
7 years ago
  1. #!/usr/bin/python
  2. import paramiko
  3. import argparse
  4. import os
  5. import posixpath
  6. from subprocess import list2cmdline
  9. def connection_from_config(name):
  10. """Create a connection from a Host entry in the .ssh/config file"""
  11. config = paramiko.config.SSHConfig()
  12. cp = os.path.expanduser('~/.ssh/config')
  13. with open(cp) as file:
  14. config.parse(file)
  15. info = config.lookup(name)
  16. info['username'] = info.pop('user')
  17. info['key_filename'] = info.pop('identityfile')
  18. info['port'] = int(info['port'])
  19. client = paramiko.client.SSHClient()
  20. client.load_host_keys(os.path.expanduser('~/.ssh/known_hosts'))
  21. client.connect(**info)
  22. return client
  25. def scp(connection: paramiko.sftp_client.SFTPClient, src, dst):
  26. """Function to copy files from src to dst using connection"""
  27. connection.put(src, dst)
  30. def exec_remote(connection: paramiko.SSHClient, command):
  31. """Function to execute specified command on conection"""
  32. if not isinstance(command, str):
  33. command = list2cmdline(command)
  34. stdin, stdout, stderr = connection.exec_command(command)
  35. return stdout, stderr
  38. if __name__ == "__main__":
  39. parser = argparse.ArgumentParser(prefix_chars="*")
  40. parser.add_argument(
  41. 'cert_path', help="location of the certificate to install")
  42. parser.add_argument(
  43. 'key_path', help="localtion of the private key to install")
  44. parser.add_argument(
  45. 'store_path',
  46. help="directory to store the private key and certificate")
  47. parser.add_argument('*d', '**dry', action='store_true')
  48. args = parser.parse_args()
  49. # Connect to host
  50. router = connection_from_config('router')
  51. stdout, stderr = exec_remote(router, ['ls', args.store_path])
  52. # Check to see if remote directory exists
  53. if stdout.channel.recv_exit_status() == 0:
  54. files = list(filter(bool, stdout.read().decode().split('\n')))
  55. # Delete old certificate and key
  56. for file in files:
  57. if file in ('cert.pem', 'key.pem'):
  58. if args.dry:
  59. print("Removing {}".format(
  60. posixpath.join(args.store_path, file)))
  61. else:
  62. exec_remote(
  63. router, ['rm', posixpath.join(
  64. args.store_path, file)]
  65. )
  66. else:
  67. # Create missing directory
  68. if args.dry:
  69. print("Creating missing dir {}".format(args.store_path))
  70. else:
  71. exec_remote(router, ['mkdir', args.store_path])
  72. sftp = router.open_sftp()
  73. # Copy certificate and key to store_path
  74. for src, dst in zip(
  75. [args.cert_path, args.key_path],
  76. [posixpath.join(args.store_path, "cert.pem"),
  77. posixpath.join(args.store_path, "key.pem")]
  78. ):
  79. if args.dry:
  80. print("{} -> {}".format(src, dst))
  81. else:
  82. scp(sftp, src, dst)
  83. sftp.close()
  84. router.close()