Created
May 17, 2019 14:46
-
-
Save ekohl/e22b230798a2553c6e698b817fbb5c9a to your computer and use it in GitHub Desktop.
A script that wraps curl with the right connection details
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
# | |
# This script wraps curl with the right connection details so you don't need to | |
# care about it. | |
# | |
# The first argument is the path on the host, including the first slash: | |
# | |
# ./fp-curl /features | |
# ./fp-curl /v2/features | jq . | |
# ./fp-curl /puppet/ca/host.example.com -X DELETE | |
require 'openssl' | |
require 'uri' | |
require 'yaml' | |
raise Exception, "Usage: #{$0} /path [other]" unless ARGV.any? | |
SETTINGS_FILE = '/etc/foreman-proxy/settings.yml' | |
settings = YAML.load(File.read(SETTINGS_FILE)) | |
raise Exception, 'Unable to read settings' unless settings | |
certificate = OpenSSL::X509::Certificate.new(File.read(settings[:ssl_certificate])) | |
cn = certificate.subject.to_a.find { |name, data, type| name == 'CN' } | |
raise Exception, 'No CN found in certificate' unless cn | |
uri = URI::HTTPS.build({:host => cn[1], :port => settings[:https_port], :path => ARGV.shift}) | |
command = [ | |
'curl', | |
'--cacert', settings[:ssl_ca_file], | |
'--key', settings[:ssl_private_key], | |
'--cert', settings[:ssl_certificate], | |
uri.to_s, | |
] + ARGV | |
system(*command) | |
puts | |
exit $?.exitstatus |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment