Raphaël G. Git Repositories - acme/blob - letsconf

   1 #! /usr/bin/php
   2 <?php
   3
   4 # Verify filename
   5 if (count($argv) != 2) {
   6         echo 'Usage: genconfig /etc/acmepl/config'."\n";
   7         exit(1);
   8 }
   9
  10 # Directory do not exists
  11 if (!is_dir(dirname($argv[1]))) {
  12         echo 'Directory '.dirname($argv[1]).' do not exists'."\n";
  13         exit(1);
  14 }
  15
  16 # Directory do not exists
  17 if (file_exists($argv[1]) && !in_array(filetype($argv[1]), array('file','link'))) {
  18         echo 'File '.$argv[1].' exists and is not a file'."\n";
  19         exit(1);
  20 }
  21
  22 # Symlink target do not exists
  23 if (is_link($argv[1]) && !file_exists($argv[1])) {
  24         # Read final link
  25         $target = $argv[1];
  26         # Extract last link
  27         do {
  28                 # Update to next link
  29                 $target = readlink($target);
  30         } while (is_link($target));
  31         echo 'Symlink '.$argv[1].' target '.$target.' do not exists'."\n";
  32         exit(1);
  33 }
  34
  35 # Not writable
  36 if (
  37         (is_file($argv[1]) && !is_writable($argv[1])) ||
  38         (!file_exists($argv[1]) && !is_writable(dirname($argv[1])))
  39 ) {
  40         echo 'Unable to open '.$argv[1].' for writing'."\n";
  41         exit(1);
  42 }
  43
  44 // Generate config
  45 $config = json_encode(
  46         // Root array
  47         array(
  48                 //Thumbprint file
  49                 'thumbprint' => '/etc/acmepl/thumbprint',
  50                 //Certificate array
  51                 'certificates' => array(
  52                         // Certificate object
  53                         array(
  54                                 // Public cert
  55                                 //XXX: required
  56                                 'cert' => '/etc/pki/tls/certs/httpd.pem',
  57                                 // Private key
  58                                 //XXX: required
  59                                 'key' => '/etc/pki/tls/private/httpd.pem',
  60                                 // Mail address
  61                                 //XXX: required
  62                                 'mail' => 'webmaster@example.com',
  63                                 // Root domain
  64                                 //XXX: required
  65                                 'domain' => 'www.example.com',
  66                                 // Domain list
  67                                 //XXX: required
  68                                 'domains' => array(
  69                                         'example.com',
  70                                         #...
  71                                 ),
  72                                 // Production certificate
  73                                 //XXX: optional
  74                                 //XXX: set to 1 for production
  75                                 'prod' => 0
  76                         ),
  77                         // Other certificate
  78                         array(
  79                                 'cert' => '/etc/ssl/certs/apache.crt',
  80                                 'key' => '/etc/ssl/private/apache.key',
  81                                 'mail' => 'postmaster@example.com',
  82                                 'domain' => 'mail.example.com',
  83                                 'domains' => array(
  84                                         'imap.example.com',
  85                                         'smtp.example.com'
  86                                 ),
  87                                 'prod' => 0
  88                         ),
  89                         #...
  90                 )
  91         ),
  92         // Product a nice result
  93         JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES
  94 );
  95
  96 # Send to stdout
  97 if ($argv[1] == '-') {
  98         echo $config;
  99 # Save to file
 100 } else {
 101         file_put_contents($argv[1], $config);
 102 }