github/traefik-certificate-extractor
1
0
Fork 0
mirror of https://github.com/SnowMB/traefik-certificate-extractor.git synced 2025-11-03 03:15:36 +08:00
Code Issues Projects Releases Wiki Activity

refactoring and integrate args in program

Browse Source
This commit is contained in:
Snowyo
2018-08-04 23:26:46 +02:00
parent cbface8332
commit 70f63b7b6f
1 changed files with 51 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

93
extractor.py
View File

@@ -73,15 +73,14 @@ class PathType(object):
return string return string
def restartContainerWithDomain(domain): def restartContainerWithDomain(domains):
return client = docker.from_env()
# client = docker.from_env() container = client.containers.list(filters = {"label" : "com.github.SnowMB.traefik-certificate-extractor.restart_domain"})
# container = client.containers.list(filters = {"label" : "com.github.SnowMB.traefik-certificate-extractor.restart_domain"}) for c in container:
# for c in container: restartDomains = str.split(c.labels["com.github.SnowMB.traefik-certificate-extractor.restart_domain"], ',')
# domains = str.split(c.labels["com.github.SnowMB.traefik-certificate-extractor.restart_domain"], ',') if not domains.isdisjoint(restartDomains):
# if domain in domains: print('restarting container ' + c.id)
# print('restarting container ' + c.id) c.restart()
# c.restart()
def createCerts(file, directory, flat): def createCerts(file, directory, flat):
@@ -98,6 +97,8 @@ def createCerts(file, directory, flat):
certs = data['Certificates'] certs = data['Certificates']
# Loop over all certificates # Loop over all certificates
names = []
for c in certs: for c in certs:
if acme_version == 1: if acme_version == 1:
name = c['Certificate']['Domain'] name = c['Certificate']['Domain']
@@ -117,50 +118,50 @@ def createCerts(file, directory, flat):
cert = fullchain[0:start] cert = fullchain[0:start]
chain = fullchain[start:] chain = fullchain[start:]
# Create domain directory if it doesn't exist # Create domain directory if it doesn't exist
directory = 'certs/' + name + '/' directory = Path(directory)
try: if not directory.exists():
os.makedirs(directory) directory.mkdir()
except OSError as error:
if error.errno != errno.EEXIST:
raise
# Write private key, certificate and chain to file
with open(directory + 'privkey.pem', 'w') as f:
f.write(privatekey)
with open(directory + 'cert.pem', 'w') as f:
f.write(cert)
with open(directory + 'chain.pem', 'w') as f:
f.write(chain)
with open(directory + 'fullchain.pem', 'w') as f:
f.write(fullchain)
if flat:
# Write private key, certificate and chain to flat files # Write private key, certificate and chain to flat files
directory = 'certs_flat/' with (directory / name + '.key').open('w') as f:
with open(directory + name + '.key', 'w') as f:
f.write(privatekey) f.write(privatekey)
with open(directory + name + '.crt', 'w') as f: with (directory / name + '.crt').open('w') as f:
f.write(fullchain) f.write(fullchain)
with open(directory + name + '.chain.pem', 'w') as f: with (directory / name + '.chain.pem').open('w') as f:
f.write(chain) f.write(chain)
if sans: if sans:
for name in sans: for name in sans:
with open(directory + name + '.key', 'w') as f: with (directory / name + '.key').open('w') as f:
f.write(privatekey) f.write(privatekey)
with open(directory + name + '.crt', 'w') as f: with (directory / name + '.crt').open('w') as f:
f.write(fullchain) f.write(fullchain)
with open(directory + name + '.chain.pem', 'w') as f: with (directory / name + '.chain.pem').open('w') as f:
f.write(chain) f.write(chain)
else:
directory = directory / name
if not directory.exists():
directory.mkdir()
# Write private key, certificate and chain to file
with (directory / 'privkey.pem').open('w') as f:
f.write(privatekey)
with (directory / 'cert.pem').open('w') as f:
f.write(cert)
with (directory / 'chain.pem').open('w') as f:
f.write(chain)
with (directory / 'fullchain.pem').open('w') as f:
f.write(fullchain)
print('Extracted certificate for: ' + name + print('Extracted certificate for: ' + name +
(', ' + ', '.join(sans) if sans else '')) (', ' + ', '.join(sans) if sans else ''))
restartContainerWithDomain(name) names.append(name)
return names
class Handler(FileSystemEventHandler): class Handler(FileSystemEventHandler):
@@ -177,10 +178,13 @@ class Handler(FileSystemEventHandler):
def handle(self, event): def handle(self, event):
# Check if it's a JSON file # Check if it's a JSON file
print('DEBUG : event fired') print('DEBUG : event fired')
if not event.is_directory and event.src_path.endswith(str(self.args.FILE)): if not event.is_directory and event.src_path.endswith(str(self.args.certificate)):
print('Certificates changed') print('Certificates changed')
createCerts(event.src_path) domains = createCerts(
event.src_path, self.args.directory, self.args.flat)
if (self.args.restart_container):
restartContainerWithDomains(domains)
if __name__ == "__main__": if __name__ == "__main__":
@@ -192,18 +196,13 @@ if __name__ == "__main__":
type=PathType(type='dir'), help='output folder') type=PathType(type='dir'), help='output folder')
parser.add_argument('-f', '--flat', action='store_true', parser.add_argument('-f', '--flat', action='store_true',
help='outputs all certificates into one folder') help='outputs all certificates into one folder')
parser.add_argument('-r', '--restart_container', action='store_true',
help='uses the docker API to restart containers that are labeled accordingly')
args = parser.parse_args() args = parser.parse_args()
print('DEBUG: watching path: ' + str(args.certificate)) print('DEBUG: watching path: ' + str(args.certificate))
print('DEBUG: output path: ' + str(args.directory)) print('DEBUG: output path: ' + str(args.directory))
# Create output directories if it doesn't exist
try:
os.makedirs(args.directory)
except OSError as error:
if error.errno != errno.EEXIST:
raise
# Create event handler and observer # Create event handler and observer
event_handler = Handler(args) event_handler = Handler(args)
observer = Observer() observer = Observer()