Created
September 7, 2022 13:04
-
-
Save atta/18b033ae5d26b1d5dd0c32aa4d5e4f22 to your computer and use it in GitHub Desktop.
cron for custom domains
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#/usr/bin/bash | |
DNS_DOMAIN=${1:-'pages.my.cloud'} | |
MAPFILE=${2:-'/etc/haproxy/map/buckets.map'} | |
RELOAD=0 | |
map() { | |
MAP="${1} $(echo $2 | tr '/' ':')" | |
if ! grep -Fqx "${MAP}" "${MAPFILE}" ; then | |
echo "${MAP}" >> "${MAPFILE}" | |
RELOAD=1 | |
fi | |
} | |
acme() { | |
acme.sh \ | |
--issue \ | |
--stateless \ | |
-d "${1}" \ | |
--keylength 4096 | |
if [ "$?" == "0" ]; then | |
acme.sh \ | |
--install-cert \ | |
-d ${1} \ | |
--reloadcmd "cat \$CERT_KEY_PATH \$CERT_FULLCHAIN_PATH > /etc/haproxy/ssl/${1}" | |
RELOAD=1 | |
fi | |
} | |
for BUCKET in $(radosgw-admin buckets list --allow-unordered | jq -er '.[]'); do | |
DNS_ALIAS="$(radosgw-admin bucket stats --bucket ${BUCKET} | \ | |
jq -er 'select(.tagset != null).tagset | to_entries[] | select(.key=="dns-alias").value')" | |
if [ "${DNS_ALIAS}" != "" ]; then | |
DNS_CNAME="$(dig +nocmd "${DNS_ALIAS}" cname +noall +answer | awk '{ print $NF }')" | |
echo "${BUCKET} ${DNS_ALIAS} ${DNS_CNAME}" | |
if [ "$(echo $BUCKET | tr '/' '_').${DNS_DOMAIN}." == "${DNS_CNAME}" ]; then | |
echo "found ${DNS_CNAME} for ${DNS_ALIAS}" | |
map "${DNS_CNAME}" "${BUCKET}" | |
acme "${DNS_ALIAS}" | |
fi | |
fi | |
done | |
if [ $RELOAD -eq 1 ]; then | |
echo "reload" | |
systemctl reload haproxy | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment