2021-04-26 09:00:42 -05:00
|
|
|
#!/usr/bin/env bash
|
|
|
|
|
|
|
|
function CheckSSLCert() {
|
2024-02-20 20:05:39 +01:00
|
|
|
if [ -z "${SSL_CERT_SECRET:-}" ]; then
|
2021-04-26 09:00:42 -05:00
|
|
|
# No cert was passed
|
2024-01-30 09:05:47 +01:00
|
|
|
debug "User did not provide a SSL_CERT_SECRET"
|
2021-04-26 09:00:42 -05:00
|
|
|
else
|
|
|
|
# User has provided a cert file to upload
|
2024-01-30 09:05:47 +01:00
|
|
|
debug "User configured a SSL_CERT_SECRET"
|
2021-04-26 09:00:42 -05:00
|
|
|
InstallSSLCert
|
|
|
|
fi
|
|
|
|
}
|
2024-01-30 09:05:47 +01:00
|
|
|
|
2021-04-26 09:00:42 -05:00
|
|
|
function InstallSSLCert() {
|
2024-01-30 09:05:47 +01:00
|
|
|
local CERT_FILE
|
2021-04-26 09:00:42 -05:00
|
|
|
CERT_FILE='/tmp/cert.crt'
|
2024-01-30 09:05:47 +01:00
|
|
|
local CERT_ROOT
|
2021-04-26 09:00:42 -05:00
|
|
|
CERT_ROOT='/usr/local/share/ca-certificates'
|
2024-01-30 09:05:47 +01:00
|
|
|
local FILE_NAME
|
2021-04-26 09:00:42 -05:00
|
|
|
FILE_NAME=$(basename "${CERT_FILE}" 2>&1)
|
|
|
|
|
|
|
|
echo "${SSL_CERT_SECRET}" >>"${CERT_FILE}"
|
|
|
|
|
2024-01-30 09:05:47 +01:00
|
|
|
local CERT_DESTINATION
|
|
|
|
CERT_DESTINATION="${CERT_ROOT}/${FILE_NAME}"
|
|
|
|
info "Moving certificate to ${CERT_DESTINATION}"
|
|
|
|
local COPY_CMD
|
|
|
|
if ! COPY_CMD=$(mv -v "${CERT_FILE}" "${CERT_DESTINATION}" 2>&1); then
|
|
|
|
fatal "Failed to move cert to ${CERT_DESTINATION}. Output: ${COPY_CMD}"
|
2021-04-26 09:00:42 -05:00
|
|
|
fi
|
2024-01-30 09:05:47 +01:00
|
|
|
debug "Move certificate output: ${COPY_CMD}"
|
2021-04-26 09:00:42 -05:00
|
|
|
|
2024-01-30 09:05:47 +01:00
|
|
|
info "Update cert store to consider the new certificate"
|
|
|
|
local UPDATE_CMD
|
|
|
|
if ! UPDATE_CMD=$(update-ca-certificates 2>&1); then
|
|
|
|
fatal "Failed to add the certificate to the trust store. Output: ${UPDATE_CMD}"
|
2021-04-26 09:00:42 -05:00
|
|
|
fi
|
2024-01-30 09:05:47 +01:00
|
|
|
debug "Cert store update output: ${UPDATE_CMD}"
|
2021-04-26 09:00:42 -05:00
|
|
|
}
|