]> Raphaël G. Git Repositories - acme/blob - letsconf
869c90b18538e377e7e3f511f94c74b5a9031f6c
[acme] / letsconf
1 #! /usr/bin/perl
2
3 # This program is free software: you can redistribute it and/or modify
4 # it under the terms of the GNU General Public License as published by
5 # the Free Software Foundation, either version 3 of the License, or
6 # (at your option) any later version.
7 #
8 # This program is distributed in the hope that it will be useful,
9 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # GNU General Public License for more details.
12 #
13 # You should have received a copy of the GNU General Public License
14 # along with this program. If not, see <http://www.gnu.org/licenses/>.
15 #
16 # Copyright (C) 2016 - 2017 Raphaël Gertz <acmepl@rapsys.eu>
17
18 # Best practice
19 use strict;
20 use warnings;
21
22 # Load required modules
23 use JSON;
24 use Tie::IxHash;
25
26 # Load POSIX
27 use POSIX qw(EXIT_SUCCESS EXIT_FAILURE);
28
29 # XXX: Debug
30 use Data::Dumper;
31
32 # Init redhat
33 my @redhat = ();
34
35 # Init debian
36 my @debian = ();
37
38 # Init root
39 my %root = ();
40 tie(%root, 'Tie::IxHash', thumbprint => '/etc/acmepl/thumbprint', certificates => []);
41
42 # Init prod
43 my $prod = 0;
44
45 # Strip and enable prod
46 @ARGV = map { if ($_ eq '-p') { $prod = 1; (); } else { $_; } } @ARGV;
47
48 # Strip and enable debug
49 for (my $i = 0; $i <= $#ARGV; $i++) {
50 # Match redhat types
51 if ($ARGV[$i] =~ /^(?:(\-d|\-\-redhat)(?:=([^-][a-zA-Z0-9_\.,-]+))?)$/) {
52 if (defined($2)) {
53 push(@redhat, split(',', $2));
54 # Extract next parameter
55 } elsif(defined($ARGV[$i+1]) && $ARGV[$i+1] =~ /^([^-][a-zA-Z0-9_\.,-]+)$/) {
56 push(@redhat, split(',', $1));
57 $i++;
58 # Set default
59 } else {
60 push(@redhat, ('example.com'));
61 }
62 # Match debian types
63 } elsif ($ARGV[$i] =~ /^(?:(\-r|\-\-debian)(?:=([^-][a-zA-Z0-9_\.,-]+))?)$/) {
64 if (defined($2)) {
65 push(@debian, split(',', $2));
66 # Extract next parameter
67 } elsif(defined($ARGV[$i+1]) && $ARGV[$i+1] =~ /^([^-][a-zA-Z0-9_\.,-]+)$/) {
68 push(@debian, split(',', $1));
69 $i++;
70 # Set default
71 } else {
72 push(@debian, ('example.com'));
73 }
74 }
75 }
76
77 # Show usage
78 if (scalar(@ARGV) < 1) {
79 print "Usage: $0 [(-d|--debian)[=example.com[,...]] [(-r|--redhat)[=example.com[,...]]] [...]\n";
80 exit EXIT_FAILURE;
81 }
82
83 # Append redhat style examples
84 foreach my $key (@redhat) {
85 tie(%{$root{certificates}[$#{$root{certificates}}+1]}, 'Tie::IxHash', (
86 # Public cert
87 #XXX: required
88 cert => '/etc/pki/tls/certs/'.$key.'.pem',
89 # Private key
90 #XXX: required
91 key => '/etc/pki/tls/private/'.$key.'.pem',
92 # Mail address
93 #XXX: required
94 mail => 'webmaster@'.$key,
95 # Root domain
96 #XXX: required
97 domain => 'www.'.$key,
98 # Domain list
99 #XXX: required
100 domains => [
101 $key,
102 '...'
103 ],
104 # Production certificate
105 #XXX: optional
106 #XXX: set to 1 for production
107 prod => $prod
108 ));
109 }
110
111 # Append debian style examples
112 foreach my $key (@debian) {
113 tie(%{$root{certificates}[$#{$root{certificates}}+1]}, 'Tie::IxHash', (
114 # Public cert
115 #XXX: required
116 cert => '/etc/ssl/certs/'.$key.'.crt',
117 # Private key
118 #XXX: required
119 key => '/etc/ssl/private/'.$key.'.key',
120 # Mail address
121 #XXX: required
122 mail => 'webmaster@'.$key,
123 # Root domain
124 #XXX: required
125 domain => 'www.'.$key,
126 # Domain list
127 #XXX: required
128 domains => [
129 $key,
130 '...'
131 ],
132 # Production certificate
133 #XXX: optional
134 #XXX: set to 1 for production
135 prod => $prod
136 ));
137 }
138
139 # Display configuration template
140 print to_json(\%root, {pretty => 1});
141
142 # Exit with success
143 exit EXIT_SUCCESS;