Update nodemgmt-scripts.sh
This commit is contained in:
@@ -1675,32 +1675,48 @@ NODEUPDATE() {
|
||||
}
|
||||
|
||||
VCENTER-SSL(){
|
||||
CERTDIR='/etc/letsencrypt/live/vcenter.scity.us'
|
||||
SERVER='https://vcenter.scity.us'
|
||||
CRED="administrator@scity.vs:$(pass iDSVC)"
|
||||
VCHOSTNAME='vcenter.scity.us'
|
||||
CERTDIR='/etc/letsencrypt/live/${VCHOSTNAME}'
|
||||
SERVER='https://${VCHOSTNAME}'
|
||||
CRED="administrator@scity.vs:$(pass iDSVC)"
|
||||
|
||||
echo -en "${idsCL[LightCyan]}Checking if certificate needs to be updated on vCenter... ${idsCL[Default]}"
|
||||
VCCERTDAYS=$(${FOLDER}/ssl-cert-check/ssl-cert-check -p 443 -s ${VCHOSTNAME} -N)
|
||||
|
||||
if [ ${VCCERTDAYS} -lt 30 ]; then
|
||||
echo -e "${idsCL[Green]}Certificate is still valid for ${VCCERTDAYS} days yet, no noeed to update${idsCL[Default]}"
|
||||
exit 0
|
||||
else
|
||||
echo -e "${idsCL[Green]}Certificate needds to be updated${idsCL[Default]}"
|
||||
echo
|
||||
fi
|
||||
|
||||
echo -en "${idsCL[LightCyan]}Updating certificate on vCenter... ${idsCL[Default]}"
|
||||
|
||||
# Step 1a - Get the session ID.
|
||||
SESSION_ID=$(curl -s -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header 'vmware-use-header-authn: test' --header 'vmware-api-session-id: null' -u $CRED "$SERVER/rest/com/vmware/cis/session" --insecure | python3 -c "import sys, json; print(json.load(sys.stdin)['value'])")
|
||||
echo "Session ID: $SESSION_ID"
|
||||
|
||||
# Step 1b - Get both the certificate and private key into the format we need. Newlines must be converted into \n using awk or a similar command
|
||||
PRIVKEY=$(awk -v ORS='\\n' '1' "$CERTDIR/privkey.pem")
|
||||
CERT=$(awk -v ORS='\\n' '1' "$CERTDIR/cert.pem")
|
||||
|
||||
# Step 1c - Build the JSON request body. You can find this on your VCA appliance in the testing section.
|
||||
REQUEST_BODY="{ \"spec\" : { \"cert\" : \"$CERT\", \"key\" : \"$PRIVKEY\" } }"
|
||||
|
||||
# Step 2 - Update the certificate using the request body
|
||||
echo "Updating cert..."
|
||||
curl --insecure -X PUT "$SERVER/rest/vcenter/certificate-management/vcenter/tls" \
|
||||
-H "vmware-api-session-id: $SESSION_ID" \
|
||||
-H "Content-type: application/json" \
|
||||
-d "$REQUEST_BODY"
|
||||
|
||||
# Step 3 - Close the session
|
||||
echo "Deleting session..."
|
||||
curl --insecure -X DELETE "$SERVER/rest/com/vmware/cis/session" -H "vmware-api-session-id: $SESSION_ID"
|
||||
echo "Done!"
|
||||
echo -e "${idsCL[Green]}Done${idsCL[Default]}"
|
||||
echo
|
||||
echo -en "${idsCL[LightCyan]}Stopping vCenter services... ${idsCL[Default]}"
|
||||
ssh -i ~/.ssh/id_rsa root@vcenter.scity.us 'service-control --stop --all'
|
||||
echo -e "${idsCL[Green]}Done${idsCL[Default]}"
|
||||
echo -en "${idsCL[LightCyan]}Starting vCenter services... ${idsCL[Default]}"
|
||||
ssh -i ~/.ssh/id_rsa root@vcenter.scity.us 'service-control --start --all'
|
||||
echo -e "${idsCL[Green]}Done${idsCL[Default]}"
|
||||
echo
|
||||
echo -e "${idsCL[Green]}The vCenter certifcate has been updated${idsCL[Default]}"
|
||||
|
||||
}
|
||||
ADD_LOGROTATE_CRONTAB(){
|
||||
if ! crontab -l | grep -q '/opt/idssys/nodemgmt/tmp-logrotate'; then
|
||||
|
||||
Reference in New Issue
Block a user