Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#!/usr/bin/env python3
import argparse
import os
from proxmoxer import ProxmoxAPI
parser = argparse.ArgumentParser()
parser.add_argument("--host",
action='append',
help="Proxmox node to distribute certificate to.")
parser.add_argument("--proxmox_username",
help="Proxmox username attached to API Key.")
parser.add_argument("--cert_path",
default="/certs/",
help="Directory which contains certificate data.")
parser.add_argument("--envvar_api_token_secret",
default="PROXMOX_API_TOKENSECRET",
help="Environment variable which contains API token secret.")
parser.add_argument("--envvar_api_token_id",
default="PROXMOX_API_TOKENID",
help="Environment variable which contains API token ID.")
parser.add_argument("--refresh_days",
default=7,
help="Interval (days) in which a new certificate is pushed to Proxmox hosts."
)
args = parser.parse_args()
tls_key = ""
tls_crt = ""
refresh_secs = args.refresh_days * 24 * 3600
with open(f"{args.cert_path}/tls.key", 'r') as f:
tls_key = f.read()
with open(f"{args.cert_path}/tls.crt", 'r') as f:
tls_crt = f.read()
api_id = os.getenv(args.envvar_api_token_id)
api_secret = os.getenv(args.envvar_api_token_secret)
while True:
for host in args.host:
print(f"Updating certificate on Proxmox node {host}.")
proxmox = ProxmoxAPI(host,
verify_ssl=False,
user=args.proxmox_username,
token_name=api_id, # this is the token ID
token_value=api_secret) # this is the token secret
print(f"proxmox: {proxmox}.")
node = host.split(".")[0]
cert_args = {
'certificates': tls_crt,
'key:': tls_key,
}
print(f"cert_args: {cert_args}")
update_output = proxmox.nodes(node).certificates.custom.post(**cert_args)
print(f"Certificate Update Output: {update_output}.")
time.sleep(refresh_secs)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment