mirror of
https://github.com/SnowMB/traefik-certificate-extractor.git
synced 2025-01-19 06:19:33 +08:00
added initial args
This commit is contained in:
Snowyo
parent
85357f6d5c
commit
75987ced3c
113
extractor.py
113
extractor.py
@ -3,23 +3,80 @@ import os
|
|||||||
import errno
|
import errno
|
||||||
import time
|
import time
|
||||||
import json
|
import json
|
||||||
import docker
|
#import docker
|
||||||
|
import argparse
|
||||||
|
from argparse import ArgumentTypeError as err
|
||||||
from base64 import b64decode
|
from base64 import b64decode
|
||||||
from watchdog.observers import Observer
|
from watchdog.observers import Observer
|
||||||
from watchdog.events import FileSystemEventHandler
|
from watchdog.events import FileSystemEventHandler
|
||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
|
|
||||||
|
class PathType(object):
|
||||||
|
def __init__(self, exists=True, type='file', dash_ok=True):
|
||||||
|
'''exists:
|
||||||
|
True: a path that does exist
|
||||||
|
False: a path that does not exist, in a valid parent directory
|
||||||
|
None: don't care
|
||||||
|
type: file, dir, symlink, None, or a function returning True for valid paths
|
||||||
|
None: don't care
|
||||||
|
dash_ok: whether to allow "-" as stdin/stdout'''
|
||||||
|
|
||||||
def restartContainerWithDomain(domain):
|
assert exists in (True, False, None)
|
||||||
client = docker.from_env()
|
assert type in ('file','dir','symlink',None) or hasattr(type,'__call__')
|
||||||
container = client.containers.list(filters = {"label" : "com.github.SnowMB.traefik-certificate-extractor.restart_domain"})
|
|
||||||
for c in container:
|
self._exists = exists
|
||||||
# print(c.labels['com.github.SnowMB.traefik-certificate-extractor.restart_domain'])
|
self._type = type
|
||||||
domains = str.split(c.labels["com.github.SnowMB.traefik-certificate-extractor.restart_domain"], ',')
|
self._dash_ok = dash_ok
|
||||||
if domain in domains:
|
|
||||||
print('restarting container ' + c.id)
|
def __call__(self, string):
|
||||||
c.restart()
|
if string=='-':
|
||||||
|
# the special argument "-" means sys.std{in,out}
|
||||||
|
if self._type == 'dir':
|
||||||
|
raise err('standard input/output (-) not allowed as directory path')
|
||||||
|
elif self._type == 'symlink':
|
||||||
|
raise err('standard input/output (-) not allowed as symlink path')
|
||||||
|
elif not self._dash_ok:
|
||||||
|
raise err('standard input/output (-) not allowed')
|
||||||
|
else:
|
||||||
|
e = os.path.exists(string)
|
||||||
|
if self._exists==True:
|
||||||
|
if not e:
|
||||||
|
raise err("path does not exist: '%s'" % string)
|
||||||
|
|
||||||
|
if self._type is None:
|
||||||
|
pass
|
||||||
|
elif self._type=='file':
|
||||||
|
if not os.path.isfile(string):
|
||||||
|
raise err("path is not a file: '%s'" % string)
|
||||||
|
elif self._type=='symlink':
|
||||||
|
if not os.path.symlink(string):
|
||||||
|
raise err("path is not a symlink: '%s'" % string)
|
||||||
|
elif self._type=='dir':
|
||||||
|
if not os.path.isdir(string):
|
||||||
|
raise err("path is not a directory: '%s'" % string)
|
||||||
|
elif not self._type(string):
|
||||||
|
raise err("path not valid: '%s'" % string)
|
||||||
|
else:
|
||||||
|
if self._exists==False and e:
|
||||||
|
raise err("path exists: '%s'" % string)
|
||||||
|
|
||||||
|
p = os.path.dirname(os.path.normpath(string)) or '.'
|
||||||
|
if not os.path.isdir(p):
|
||||||
|
raise err("parent path is not a directory: '%s'" % p)
|
||||||
|
elif not os.path.exists(p):
|
||||||
|
raise err("parent directory does not exist: '%s'" % p)
|
||||||
|
|
||||||
|
return string
|
||||||
|
|
||||||
|
|
||||||
|
#def restartContainerWithDomain(domain):
|
||||||
|
# client = docker.from_env()
|
||||||
|
# container = client.containers.list(filters = {"label" : "com.github.SnowMB.traefik-certificate-extractor.restart_domain"})
|
||||||
|
# for c in container:
|
||||||
|
# domains = str.split(c.labels["com.github.SnowMB.traefik-certificate-extractor.restart_domain"], ',')
|
||||||
|
# if domain in domains:
|
||||||
|
# print('restarting container ' + c.id)
|
||||||
|
# c.restart()
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -104,8 +161,8 @@ def createCerts(file):
|
|||||||
|
|
||||||
class Handler(FileSystemEventHandler):
|
class Handler(FileSystemEventHandler):
|
||||||
|
|
||||||
def __init__(self):
|
def __init__(self, args):
|
||||||
self.filename = 'acme.json'
|
self.args = args
|
||||||
|
|
||||||
def on_created(self, event):
|
def on_created(self, event):
|
||||||
self.handle(event)
|
self.handle(event)
|
||||||
@ -116,32 +173,25 @@ class Handler(FileSystemEventHandler):
|
|||||||
def handle(self, event):
|
def handle(self, event):
|
||||||
# Check if it's a JSON file
|
# Check if it's a JSON file
|
||||||
print ('DEBUG : event fired')
|
print ('DEBUG : event fired')
|
||||||
if not event.is_directory and event.src_path.endswith(self.filename):
|
if not event.is_directory and event.src_path.endswith(str(self.args.FILE)):
|
||||||
print('Certificates changed')
|
print('Certificates changed')
|
||||||
|
|
||||||
createCerts(event.src_path)
|
createCerts(event.src_path)
|
||||||
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
# Determine path to watch
|
parser = argparse.ArgumentParser(description='Extract traefik letsencrypt certificates.')
|
||||||
val = sys.argv[1] if len(sys.argv) > 1 else './data/acme.json'
|
parser.add_argument('FILE', nargs='?', default='acme.json', type= PathType(exists=True), help='file that contains the traefik certificates (default acme.json)')
|
||||||
|
parser.add_argument('OUTPUT', nargs='?', default='.', type=PathType(type='dir'), help='output folder')
|
||||||
|
parser.add_argument('-f', '--flat',action='store_true', help='outputs all certificates into one folder')
|
||||||
|
args = parser.parse_args()
|
||||||
|
|
||||||
path = Path(val)
|
print('DEBUG: watching path: ' + str(args.FILE))
|
||||||
|
print('DEBUG: output path: ' + str(args.OUTPUT))
|
||||||
if not path.exists() or path.is_dir():
|
|
||||||
print ('ERROR ' + str(path) + ' does not exist.')
|
|
||||||
sys.exit(1)
|
|
||||||
|
|
||||||
print('watching path: ' + str(path))
|
|
||||||
|
|
||||||
# Create output directories if it doesn't exist
|
# Create output directories if it doesn't exist
|
||||||
try:
|
try:
|
||||||
os.makedirs('certs')
|
os.makedirs(args.OUTPUT)
|
||||||
except OSError as error:
|
|
||||||
if error.errno != errno.EEXIST:
|
|
||||||
raise
|
|
||||||
try:
|
|
||||||
os.makedirs('certs_flat')
|
|
||||||
except OSError as error:
|
except OSError as error:
|
||||||
if error.errno != errno.EEXIST:
|
if error.errno != errno.EEXIST:
|
||||||
raise
|
raise
|
||||||
@ -149,12 +199,11 @@ if __name__ == "__main__":
|
|||||||
|
|
||||||
|
|
||||||
# Create event handler and observer
|
# Create event handler and observer
|
||||||
event_handler = Handler()
|
event_handler = Handler(args)
|
||||||
event_handler.filename = str(path.name)
|
|
||||||
observer = Observer()
|
observer = Observer()
|
||||||
|
|
||||||
# Register the directory to watch
|
# Register the directory to watch
|
||||||
observer.schedule(event_handler, str(path.parent))
|
observer.schedule(event_handler, str(args.FILE.parent))
|
||||||
|
|
||||||
# Main loop to watch the directory
|
# Main loop to watch the directory
|
||||||
observer.start()
|
observer.start()
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user