Created
December 12, 2020 01:52
-
-
Save peterc/3808c3ba2d161f5df70fe8857c398035 to your computer and use it in GitHub Desktop.
Copy a TLS certificate and private key from DNSimple to Linode Object Storage
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# dnsimple_ssl_to_linode_object_storage.rb | |
# Copy a certificate stored on DNSimple to Linode Object Storage | |
# | |
# Depends on 'http' gem | |
# | |
# Requires environment settings as such: | |
# LINODE_TOKEN=[API token] | |
# LINODE_REGION=[region of your object storage bucket] | |
# DNSIMPLE_TOKEN=[API token] | |
# DNSIMPLE_DOMAIN=example.com | |
# LINODE_DOMAIN=bucket.example.com | |
# DNSIMPLE_ID=[account ID, usually a number] | |
# CERTIFICATE_ID=[get from the end of the URL | |
# when you hover over the cert in the DNSimple admin!] | |
require 'json' | |
require 'http' | |
# Fetch TLS certificates and private key from DNSimple | |
res = HTTP["Content-Type" => "application/json", "Authorization" => "Bearer #{ENV['DNSIMPLE_TOKEN']}"].get("https://api.dnsimple.com/v2/#{ENV['DNSIMPLE_ID']}/domains/#{ENV['DNSIMPLE_DOMAIN']}/certificates/#{ENV['CERTIFICATE_ID']}/download") | |
raise "Failed to get certificate" unless res.code == 200 | |
certs = JSON.parse(res.body.to_s)['data'] | |
cert = certs['server'] + certs['chain'].join("\n") | |
res = HTTP["Content-Type" => "application/json", "Authorization" => "Bearer #{ENV['DNSIMPLE_TOKEN']}"].get("https://api.dnsimple.com/v2/#{ENV['DNSIMPLE_ID']}/domains/#{ENV['DNSIMPLE_DOMAIN']}/certificates/#{ENV['CERTIFICATE_ID']}/private_key") | |
raise "Failed to get private key" unless res.code == 200 | |
pkey = JSON.parse(res.body.to_s)['data']['private_key'] | |
# Delete existing SSL certificate on Linode Object Storage, if any | |
res = HTTP["Content-Type" => "application/json", "Authorization" => "Bearer #{ENV['LINODE_TOKEN']}"].delete("https://api.linode.com/v4/object-storage/buckets/#{ENV['LINODE_REGION']}/#{ENV['LINODE_DOMAIN']}/ssl") | |
raise "Couldn't delete existing certificate" unless res.code == 200 | |
# Upload SSL certificate to Linode Object Storage | |
res = HTTP["Content-Type" => "application/json", "Authorization" => "Bearer #{ENV['LINODE_TOKEN']}"].post("https://api.linode.com/v4/object-storage/buckets/#{ENV['LINODE_REGION']}/#{ENV['LINODE_DOMAIN']}/ssl", json: {"certificate" => cert, "private_key" => pkey}) | |
raise "Couldn't upload certificate" unless res.code == 200 | |
puts res.body.to_s |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment