voltron/NodeMgmt
1
1
Fork 0
Code Issues Pull Requests Releases 1 Activity

Update nodemgmt-scripts.sh

Browse Source
This commit is contained in:
David Schroeder
2019-02-06 16:01:46 -06:00
parent 8032907206
commit 6e65d3f794
1 changed files with 41 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
nodemgmt-scripts.sh
View File

@@ -78,17 +78,22 @@ NEWCERT(){
do_with_root chown -R root:letsencrypt /etc/letsencrypt do_with_root chown -R root:letsencrypt /etc/letsencrypt
do_with_root chmod -R 6775 /etc/letsencrypt do_with_root chmod -R 6775 /etc/letsencrypt
echo -en "${idsCL[LightYellow]}Waiting for certifcate replication between the nodes... ${idsCL[Default]}" echo -en "${idsCL[LightYellow]}Waiting for certifcate replication between the nodes... ${idsCL[Default]}"
until [ "${same}" = "true" ]; do until [ "${synccomplete}" = "true" ]; do
same1=`ssh root@10.5.10.52 "cat /etc/letsencrypt/live/${NEW_CERT}/fullchain.pem" | diff - /etc/letsencrypt/live/${NEW_CERT}/fullchain.pem` synccomplete=true
same2=`ssh root@10.5.10.53 "cat /etc/letsencrypt/live/${NEW_CERT}/fullchain.pem" | diff - /etc/letsencrypt/live/${NEW_CERT}/fullchain.pem` for nip in "${NODE_HOSTS[@]}"
if [ "${same1}" = "" ] && [ "${same2}" = "" ] do
then same="true" if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
else same="false" else NCMD="ssh root@${nip}"
fi fi
done if [ "${NCMD}" != "" ]; then
check=`${NCMD} "cat /etc/letsencrypt/cert-renewal.lastrun" | diff - /etc/letsencrypt/cert-renewal.lastrun`
if [ "${check}" != "" ]; then
synccomplete=false
fi
fi
done
echo -e "${idsCL[Green]}Completed${idsCL[Default]}" echo -e "${idsCL[Green]}Completed${idsCL[Default]}"
echo
#sleep 20
SERVICE nginx reload SERVICE nginx reload
echo -e "${idsCL[Green]}Certificate has been successfully created for '${idsCL[Yellow]}${NEW_CERT}${idsCL[Green]}'...${idsCL[Default]}" echo -e "${idsCL[Green]}Certificate has been successfully created for '${idsCL[Yellow]}${NEW_CERT}${idsCL[Green]}'...${idsCL[Default]}"
else else
@@ -113,9 +118,32 @@ CERTRENEW(){
do_with_root $CERT_DAEMON renew --webroot -w /var/www/html 2>&1 | tee /opt/idssys/nodemgmt/cert-renewal.lastrun do_with_root $CERT_DAEMON renew --webroot -w /var/www/html 2>&1 | tee /opt/idssys/nodemgmt/cert-renewal.lastrun
do_with_root chown -R root:letsencrypt /etc/letsencrypt 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun do_with_root chown -R root:letsencrypt /etc/letsencrypt 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun
do_with_root chmod -R 6775 /etc/letsencrypt 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun do_with_root chmod -R 6775 /etc/letsencrypt 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun
echo -e "${idsCL[LightYellow]}Waiting for certifcate replication between the nodes...${idsCL[Default]}" yes | cp -rfH /opt/idssys/nodemgmt/cert-renewal.lastrun /etc/letsencrypt/cert-renewal.lastrun
echo "" echo -en "${idsCL[LightYellow]}Waiting for certifcate replication between the nodes... ${idsCL[Default]}"
sleep 20
until [ "${synccomplete}" = "true" ]; do
synccomplete=true
for nip in "${NODE_HOSTS[@]}"
do
if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
else NCMD="ssh root@${nip}"
fi
if [ "${NCMD}" != "" ]; then
check=`${NCMD} "cat /etc/letsencrypt/cert-renewal.lastrun" | diff - /etc/letsencrypt/cert-renewal.lastrun`
if [ "${check}" != "" ]; then
synccomplete=false
fi
fi
done
#same1=`ssh root@10.5.10.52 "cat /etc/letsencrypt/cert-renewal.lastrun" | diff - /etc/letsencrypt/cert-renewal.lastrun`
#same2=`ssh root@10.5.10.53 "cat /etc/letsencrypt/cert-renewal.lastrun" | diff - /etc/letsencrypt/cert-renewal.lastrun`
#if [ "${same1}" = "" ] && [ "${same2}" = "" ]
# then same="true"
# else same="false"
#fi
done
SERVICE nginx reload 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun SERVICE nginx reload 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun
} }
NIGHTLYRENEW(){ NIGHTLYRENEW(){