From 370f0fd9620a5594cca041557bf1804480f76435 Mon Sep 17 00:00:00 2001 From: David Schroeder Date: Wed, 22 Nov 2023 18:21:33 -0600 Subject: [PATCH] Update nodemgmt-scripts.sh --- nodemgmt-scripts.sh | 92 +++++++++++++++++++++++---------------------- 1 file changed, 48 insertions(+), 44 deletions(-) diff --git a/nodemgmt-scripts.sh b/nodemgmt-scripts.sh index 887b59c9..22367b4e 100755 --- a/nodemgmt-scripts.sh +++ b/nodemgmt-scripts.sh @@ -396,57 +396,61 @@ NODEUPDATE() { } VCENTER-SSL(){ - VCSERVER="https://${NM_VCHOSTNAME}" - CRED="administrator@scity.vs:$(pass iDSVC)" - CURRENTLIVE=/etc/vmware-rhttpproxy/ssl/rui.crt + if [ "${NM_VCHOSTNAME}" != "" ] && [ "${NM_VCUSER}" != "" ] && [ "${NM_VCPASS}" != "" ]; then + VCSERVER="https://${NM_VCHOSTNAME}" + CRED="administrator@scity.vs:$(pass iDSVC)" + CURRENTLIVE=/etc/vmware-rhttpproxy/ssl/rui.crt - CERT=/root/.acme.sh/${NM_VCHOSTNAME}/${NM_VCHOSTNAME}.cer - KEY=/root/.acme.sh/${NM_VCHOSTNAME}/${NM_VCHOSTNAME}.key - CHAIN=/root/.acme.sh/${NM_VCHOSTNAME}/fullchain.cer + CERT=/root/.acme.sh/${NM_VCHOSTNAME}/${NM_VCHOSTNAME}.cer + KEY=/root/.acme.sh/${NM_VCHOSTNAME}/${NM_VCHOSTNAME}.key + CHAIN=/root/.acme.sh/${NM_VCHOSTNAME}/fullchain.cer - echo -en "${idsCL[LightCyan]}Checking days left on vCenter cert... ${idsCL[Default]}" - VCCERTDAYS=$(${NM_FOLDER}/ssl-cert-check/ssl-cert-check -p 443 -s ${NM_VCHOSTNAME} -N) - VCCERTDAYS=${VCCERTDAYS#*=} + echo -en "${idsCL[LightCyan]}Checking days left on vCenter cert... ${idsCL[Default]}" + VCCERTDAYS=$(${NM_FOLDER}/ssl-cert-check/ssl-cert-check -p 443 -s ${NM_VCHOSTNAME} -N) + VCCERTDAYS=${VCCERTDAYS#*=} - if [ "${VCCERTDAYS}" -gt "29" ]; then - if [ "${1}" == "force" ]; then - echo -e "${idsCL[Yellow]}${VCCERTDAYS} days left, forcing certificate update${idsCL[Default]}" - echo + if [ "${VCCERTDAYS}" -gt "29" ]; then + if [ "${1}" == "force" ]; then + echo -e "${idsCL[Yellow]}${VCCERTDAYS} days left, forcing certificate update${idsCL[Default]}" + echo + else + echo -e "${idsCL[Green]}${VCCERTDAYS} days left, Certificate is still valid, no noeed to update${idsCL[Default]}" + echo + exit 0 + fi else - echo -e "${idsCL[Green]}${VCCERTDAYS} days left, Certificate is still valid, no noeed to update${idsCL[Default]}" - echo - exit 0 + echo -e "${idsCL[Yellow]}${VCCERTDAYS} days left, Certificate needs to be updated${idsCL[Default]}" + echo fi + + if ssh -q root@${NM_VCHOSTNAME} [ ! -d /root/.acme.sh ]; then + echo -e "${idsCL[Yellow]}Installing acme.sh scripts on vCenter${idsCL[Default]}\n" + else + echo -e "${idsCL[Green]}Verified acme.sh scripts are installed on vCenter${idsCL[Default]}\n" + fi + + # LIVEMD5=$(ssh root@${NM_VCHOSTNAME} "md5sum $CURRENTLIVE | cut -d\ -f1") + # CURRENTMD5=$(md5sum $CERTDIR/cert.pem | cut -d\ -f1) + # if [ "$LIVEMD5" == "$CURRENTMD5" ] && [ "${1}" != "force" ]; then + # echo -e "${idsCL[Yellow]}Certificates remains the same, no newer certificates exist${idsCL[Default]}" + # echo + # exit 0 + # fi + + echo -e "${idsCL[Green]}Updating certificates on vCenter... ${idsCL[Default]}" + echo -e "${idsCL[LightCyan]}This process make take up to 10mins${idsCL[Default]}" + echo + + # ssh root@${NM_VCHOSTNAME} "(printf '1\n%s\n' '${NM_VCUSER}'; sleep 1; printf '%s\n' '$(pass iDSVC)'; sleep 1; printf '2\n'; sleep 1; printf '%s\n%s\n%s\ny\n\n' '$CERT' '$KEY' '$CHAIN') | setsid /usr/lib/vmware-vmca/bin/certificate-manager" + + + echo + echo -e "${idsCL[Green]}The vCenter certifcate has been updated${idsCL[Default]}" + echo -e "${idsCL[LightCyan]}Don't forget to re-scan the vCenter connection in Veeam${idsCL[Default]}" + echo else - echo -e "${idsCL[Yellow]}${VCCERTDAYS} days left, Certificate needs to be updated${idsCL[Default]}" - echo + echo "${idsCL[Yellow]}vCenter info not configured in 'defaults.local.inc'${idsCL[Default]}\n" fi - - if ssh -q root@${NM_VCHOSTNAME} [ ! -d /root/.acme.sh ]; then - echo -e "${idsCL[Yellow]}Installing acme.sh scripts on vCenter${idsCL[Default]}\n" - else - echo -e "${idsCL[Green]}Verified acme.sh scripts are installed on vCenter${idsCL[Default]}\n" - fi - - # LIVEMD5=$(ssh root@${NM_VCHOSTNAME} "md5sum $CURRENTLIVE | cut -d\ -f1") - # CURRENTMD5=$(md5sum $CERTDIR/cert.pem | cut -d\ -f1) - # if [ "$LIVEMD5" == "$CURRENTMD5" ] && [ "${1}" != "force" ]; then - # echo -e "${idsCL[Yellow]}Certificates remains the same, no newer certificates exist${idsCL[Default]}" - # echo - # exit 0 - # fi - - echo -e "${idsCL[Green]}Updating certificates on vCenter... ${idsCL[Default]}" - echo -e "${idsCL[LightCyan]}This process make take up to 10mins${idsCL[Default]}" - echo - - # ssh root@${NM_VCHOSTNAME} "(printf '1\n%s\n' '${NM_VCUSER}'; sleep 1; printf '%s\n' '$(pass iDSVC)'; sleep 1; printf '2\n'; sleep 1; printf '%s\n%s\n%s\ny\n\n' '$CERT' '$KEY' '$CHAIN') | setsid /usr/lib/vmware-vmca/bin/certificate-manager" - - - echo - echo -e "${idsCL[Green]}The vCenter certifcate has been updated${idsCL[Default]}" - echo -e "${idsCL[LightCyan]}Don't forget to re-scan the vCenter connection in Veeam${idsCL[Default]}" - echo } ADD_LOGROTATE_CRONTAB(){ if ! crontab -l | grep -q "${NM_FOLDER}/tmp-logrotate"; then