maska/traefik-certs-dumper
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: use domain as sub-dir.

Browse Source
This commit is contained in:
Fernandez Ludovic 2019-02-20 09:46:39 +01:00
parent 081f8e9087
commit 0eebb36906
3 changed files with 38 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
dumper.go
View File

@ -45,7 +45,7 @@ type Account struct {
KeyType certcrypto.KeyType KeyType certcrypto.KeyType
} }
func dump(acmeFile, dumpPath string, crtExt, keyExt string, subDir bool) error { func dump(acmeFile, dumpPath string, crtExt, keyExt string, domainSubDir bool) error {
f, err := os.Open(acmeFile) f, err := os.Open(acmeFile)
if err != nil { if err != nil {
return err return err
@ -60,29 +60,29 @@ func dump(acmeFile, dumpPath string, crtExt, keyExt string, subDir bool) error {
return err return err
} }
err = os.MkdirAll(filepath.Join(dumpPath, withSubDir(subDir, certsSubDir)), 0755) if !domainSubDir {
if err != nil { if err = os.MkdirAll(filepath.Join(dumpPath, certsSubDir), 0755); err != nil {
return err return err
} }
}
err = os.MkdirAll(filepath.Join(dumpPath, withSubDir(subDir, keysSubDir)), 0755) if err = os.MkdirAll(filepath.Join(dumpPath, keysSubDir), 0755); err != nil {
if err != nil {
return err return err
} }
privateKeyPem := extractPEMPrivateKey(data.Account) privateKeyPem := extractPEMPrivateKey(data.Account)
err = ioutil.WriteFile(filepath.Join(dumpPath, withSubDir(subDir, keysSubDir), "letsencrypt"+keyExt), privateKeyPem, 0666) err = ioutil.WriteFile(filepath.Join(dumpPath, keysSubDir, "letsencrypt"+keyExt), privateKeyPem, 0666)
if err != nil { if err != nil {
return err return err
} }
for _, cert := range data.Certificates { for _, cert := range data.Certificates {
err = ioutil.WriteFile(filepath.Join(dumpPath, withSubDir(subDir, keysSubDir), cert.Domain.Main+keyExt), cert.Key, 0666) err := writeCert(dumpPath, cert, crtExt, domainSubDir)
if err != nil { if err != nil {
return err return err
} }
err = ioutil.WriteFile(filepath.Join(dumpPath, withSubDir(subDir, certsSubDir), cert.Domain.Main+crtExt), cert.Certificate, 0666) err = writeKey(dumpPath, cert, keyExt, domainSubDir)
if err != nil { if err != nil {
return err return err
} }
@ -91,11 +91,28 @@ func dump(acmeFile, dumpPath string, crtExt, keyExt string, subDir bool) error {
return nil return nil
} }
func withSubDir(sub bool, name string) string { func writeCert(dumpPath string, cert *Certificate, ext string, domainSubDir bool) error {
if sub { certPath := filepath.Join(dumpPath, keysSubDir, cert.Domain.Main+ext)
return name if domainSubDir {
certPath = filepath.Join(dumpPath, cert.Domain.Main, "certificate"+ext)
if err := os.MkdirAll(filepath.Join(dumpPath, cert.Domain.Main), 0755); err != nil {
return err
} }
return "" }
return ioutil.WriteFile(certPath, cert.Key, 0666)
}
func writeKey(dumpPath string, cert *Certificate, ext string, domainSubDir bool) error {
keyPath := filepath.Join(dumpPath, certsSubDir, cert.Domain.Main+ext)
if domainSubDir {
keyPath = filepath.Join(dumpPath, cert.Domain.Main, "privatekey"+ext)
if err := os.MkdirAll(filepath.Join(dumpPath, cert.Domain.Main), 0755); err != nil {
return err
}
}
return ioutil.WriteFile(keyPath, cert.Certificate, 0666)
} }
func extractPEMPrivateKey(account *Account) []byte { func extractPEMPrivateKey(account *Account) []byte {

4
main.go
View File

@ -26,7 +26,7 @@ func main() {
dumpPath := cmd.Flag("dest").Value.String() dumpPath := cmd.Flag("dest").Value.String()
crtExt := cmd.Flag("crt-ext").Value.String() crtExt := cmd.Flag("crt-ext").Value.String()
keyExt := cmd.Flag("key-ext").Value.String() keyExt := cmd.Flag("key-ext").Value.String()
subDir, _ := strconv.ParseBool(cmd.Flag("use-subdir").Value.String()) subDir, _ := strconv.ParseBool(cmd.Flag("domain-subdir").Value.String())
err := dump(acmeFile, dumpPath, crtExt, keyExt, subDir) err := dump(acmeFile, dumpPath, crtExt, keyExt, subDir)
if err != nil { if err != nil {
@ -39,7 +39,7 @@ func main() {
dumpCmd.Flags().String("dest", "./dump", "Path to store the dump content.") dumpCmd.Flags().String("dest", "./dump", "Path to store the dump content.")
dumpCmd.Flags().String("crt-ext", ".crt", "The file extension of the generated certificates.") dumpCmd.Flags().String("crt-ext", ".crt", "The file extension of the generated certificates.")
dumpCmd.Flags().String("key-ext", ".key", "The file extension of the generated private keys.") dumpCmd.Flags().String("key-ext", ".key", "The file extension of the generated private keys.")
dumpCmd.Flags().Bool("use-subdir", true, "Use separated directories for certificates and keys.") dumpCmd.Flags().Bool("domain-subdir", false, "Use domain as sub-directory.")
rootCmd.AddCommand(dumpCmd) rootCmd.AddCommand(dumpCmd)
var versionCmd = &cobra.Command{ var versionCmd = &cobra.Command{

8
readme.md
View File

@ -32,10 +32,10 @@ Usage:
Flags: Flags:
--crt-ext string The file extension of the generated certificates. (default ".crt") --crt-ext string The file extension of the generated certificates. (default ".crt")
--dest string Path to store the dump content. (default "./dump") --dest string Path to store the dump content. (default "./dump")
--domain-subdir Use domain as sub-directory.
-h, --help help for dump -h, --help help for dump
--key-ext string The file extension of the generated private keys. (default ".key") --key-ext string The file extension of the generated private keys. (default ".key")
--source string Path to 'acme.json' file. (default "./acme.json") --source string Path to 'acme.json' file. (default "./acme.json")
--use-subdir Use separated directories for certificates and keys. (default true)
``` ```
## Examples ## Examples
@ -53,10 +53,14 @@ traefik-certs-dumper dump --crt-ext=.pem --key-ext=.pem
``` ```
```bash ```bash
traefik-certs-dumper dump --use-subdir=false traefik-certs-dumper dump --domain-subdir=true
``` ```
- https://github.com/containous/traefik/issues/4381 - https://github.com/containous/traefik/issues/4381
- https://github.com/containous/traefik/issues/2418 - https://github.com/containous/traefik/issues/2418
- https://github.com/containous/traefik/issues/3847 - https://github.com/containous/traefik/issues/3847
- https://github.com/SvenDowideit/traefik-certdumper - https://github.com/SvenDowideit/traefik-certdumper
```bash
traefik-certs-dumper dump --use-subdir=false --crt-ext=.pem --key-ext=.pem --dest="/home/your_user/.homeassistant/"
```