Update nodemgmt-scripts.sh
This commit is contained in:
@@ -396,57 +396,61 @@ NODEUPDATE() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
VCENTER-SSL(){
|
VCENTER-SSL(){
|
||||||
VCSERVER="https://${NM_VCHOSTNAME}"
|
if [ "${NM_VCHOSTNAME}" != "" ] && [ "${NM_VCUSER}" != "" ] && [ "${NM_VCPASS}" != "" ]; then
|
||||||
CRED="administrator@scity.vs:$(pass iDSVC)"
|
VCSERVER="https://${NM_VCHOSTNAME}"
|
||||||
CURRENTLIVE=/etc/vmware-rhttpproxy/ssl/rui.crt
|
CRED="administrator@scity.vs:$(pass iDSVC)"
|
||||||
|
CURRENTLIVE=/etc/vmware-rhttpproxy/ssl/rui.crt
|
||||||
|
|
||||||
CERT=/root/.acme.sh/${NM_VCHOSTNAME}/${NM_VCHOSTNAME}.cer
|
CERT=/root/.acme.sh/${NM_VCHOSTNAME}/${NM_VCHOSTNAME}.cer
|
||||||
KEY=/root/.acme.sh/${NM_VCHOSTNAME}/${NM_VCHOSTNAME}.key
|
KEY=/root/.acme.sh/${NM_VCHOSTNAME}/${NM_VCHOSTNAME}.key
|
||||||
CHAIN=/root/.acme.sh/${NM_VCHOSTNAME}/fullchain.cer
|
CHAIN=/root/.acme.sh/${NM_VCHOSTNAME}/fullchain.cer
|
||||||
|
|
||||||
echo -en "${idsCL[LightCyan]}Checking days left on vCenter cert... ${idsCL[Default]}"
|
echo -en "${idsCL[LightCyan]}Checking days left on vCenter cert... ${idsCL[Default]}"
|
||||||
VCCERTDAYS=$(${NM_FOLDER}/ssl-cert-check/ssl-cert-check -p 443 -s ${NM_VCHOSTNAME} -N)
|
VCCERTDAYS=$(${NM_FOLDER}/ssl-cert-check/ssl-cert-check -p 443 -s ${NM_VCHOSTNAME} -N)
|
||||||
VCCERTDAYS=${VCCERTDAYS#*=}
|
VCCERTDAYS=${VCCERTDAYS#*=}
|
||||||
|
|
||||||
if [ "${VCCERTDAYS}" -gt "29" ]; then
|
if [ "${VCCERTDAYS}" -gt "29" ]; then
|
||||||
if [ "${1}" == "force" ]; then
|
if [ "${1}" == "force" ]; then
|
||||||
echo -e "${idsCL[Yellow]}${VCCERTDAYS} days left, forcing certificate update${idsCL[Default]}"
|
echo -e "${idsCL[Yellow]}${VCCERTDAYS} days left, forcing certificate update${idsCL[Default]}"
|
||||||
echo
|
echo
|
||||||
|
else
|
||||||
|
echo -e "${idsCL[Green]}${VCCERTDAYS} days left, Certificate is still valid, no noeed to update${idsCL[Default]}"
|
||||||
|
echo
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
echo -e "${idsCL[Green]}${VCCERTDAYS} days left, Certificate is still valid, no noeed to update${idsCL[Default]}"
|
echo -e "${idsCL[Yellow]}${VCCERTDAYS} days left, Certificate needs to be updated${idsCL[Default]}"
|
||||||
echo
|
echo
|
||||||
exit 0
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if ssh -q root@${NM_VCHOSTNAME} [ ! -d /root/.acme.sh ]; then
|
||||||
|
echo -e "${idsCL[Yellow]}Installing acme.sh scripts on vCenter${idsCL[Default]}\n"
|
||||||
|
else
|
||||||
|
echo -e "${idsCL[Green]}Verified acme.sh scripts are installed on vCenter${idsCL[Default]}\n"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# LIVEMD5=$(ssh root@${NM_VCHOSTNAME} "md5sum $CURRENTLIVE | cut -d\ -f1")
|
||||||
|
# CURRENTMD5=$(md5sum $CERTDIR/cert.pem | cut -d\ -f1)
|
||||||
|
# if [ "$LIVEMD5" == "$CURRENTMD5" ] && [ "${1}" != "force" ]; then
|
||||||
|
# echo -e "${idsCL[Yellow]}Certificates remains the same, no newer certificates exist${idsCL[Default]}"
|
||||||
|
# echo
|
||||||
|
# exit 0
|
||||||
|
# fi
|
||||||
|
|
||||||
|
echo -e "${idsCL[Green]}Updating certificates on vCenter... ${idsCL[Default]}"
|
||||||
|
echo -e "${idsCL[LightCyan]}This process make take up to 10mins${idsCL[Default]}"
|
||||||
|
echo
|
||||||
|
|
||||||
|
# ssh root@${NM_VCHOSTNAME} "(printf '1\n%s\n' '${NM_VCUSER}'; sleep 1; printf '%s\n' '$(pass iDSVC)'; sleep 1; printf '2\n'; sleep 1; printf '%s\n%s\n%s\ny\n\n' '$CERT' '$KEY' '$CHAIN') | setsid /usr/lib/vmware-vmca/bin/certificate-manager"
|
||||||
|
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo -e "${idsCL[Green]}The vCenter certifcate has been updated${idsCL[Default]}"
|
||||||
|
echo -e "${idsCL[LightCyan]}Don't forget to re-scan the vCenter connection in Veeam${idsCL[Default]}"
|
||||||
|
echo
|
||||||
else
|
else
|
||||||
echo -e "${idsCL[Yellow]}${VCCERTDAYS} days left, Certificate needs to be updated${idsCL[Default]}"
|
echo "${idsCL[Yellow]}vCenter info not configured in 'defaults.local.inc'${idsCL[Default]}\n"
|
||||||
echo
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ssh -q root@${NM_VCHOSTNAME} [ ! -d /root/.acme.sh ]; then
|
|
||||||
echo -e "${idsCL[Yellow]}Installing acme.sh scripts on vCenter${idsCL[Default]}\n"
|
|
||||||
else
|
|
||||||
echo -e "${idsCL[Green]}Verified acme.sh scripts are installed on vCenter${idsCL[Default]}\n"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# LIVEMD5=$(ssh root@${NM_VCHOSTNAME} "md5sum $CURRENTLIVE | cut -d\ -f1")
|
|
||||||
# CURRENTMD5=$(md5sum $CERTDIR/cert.pem | cut -d\ -f1)
|
|
||||||
# if [ "$LIVEMD5" == "$CURRENTMD5" ] && [ "${1}" != "force" ]; then
|
|
||||||
# echo -e "${idsCL[Yellow]}Certificates remains the same, no newer certificates exist${idsCL[Default]}"
|
|
||||||
# echo
|
|
||||||
# exit 0
|
|
||||||
# fi
|
|
||||||
|
|
||||||
echo -e "${idsCL[Green]}Updating certificates on vCenter... ${idsCL[Default]}"
|
|
||||||
echo -e "${idsCL[LightCyan]}This process make take up to 10mins${idsCL[Default]}"
|
|
||||||
echo
|
|
||||||
|
|
||||||
# ssh root@${NM_VCHOSTNAME} "(printf '1\n%s\n' '${NM_VCUSER}'; sleep 1; printf '%s\n' '$(pass iDSVC)'; sleep 1; printf '2\n'; sleep 1; printf '%s\n%s\n%s\ny\n\n' '$CERT' '$KEY' '$CHAIN') | setsid /usr/lib/vmware-vmca/bin/certificate-manager"
|
|
||||||
|
|
||||||
|
|
||||||
echo
|
|
||||||
echo -e "${idsCL[Green]}The vCenter certifcate has been updated${idsCL[Default]}"
|
|
||||||
echo -e "${idsCL[LightCyan]}Don't forget to re-scan the vCenter connection in Veeam${idsCL[Default]}"
|
|
||||||
echo
|
|
||||||
}
|
}
|
||||||
ADD_LOGROTATE_CRONTAB(){
|
ADD_LOGROTATE_CRONTAB(){
|
||||||
if ! crontab -l | grep -q "${NM_FOLDER}/tmp-logrotate"; then
|
if ! crontab -l | grep -q "${NM_FOLDER}/tmp-logrotate"; then
|
||||||
|
|||||||
Reference in New Issue
Block a user