github/traefik-certificate-extractor
1
0
Fork 0
mirror of https://github.com/SnowMB/traefik-certificate-extractor.git synced 2025-01-31 12:19:31 +08:00
Code Issues Projects Releases Wiki Activity

include and exclude

Browse Source
This commit is contained in:
Snowyo 2018-08-05 00:48:19 +02:00
parent 96e407a843
commit 890df35826
1 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
extractor.py
View File

@ -84,9 +84,9 @@ def restartContainerWithDomains(domains):
# c.restart() # c.restart()
def createCerts(file, directory, flat): def createCerts(args):
# Read JSON file # Read JSON file
data = json.loads(open(file).read()) data = json.loads(open(args.certificate).read())
# Determine ACME version # Determine ACME version
acme_version = 2 if 'acme-v02' in data['Account']['Registration']['uri'] else 1 acme_version = 2 if 'acme-v02' in data['Account']['Registration']['uri'] else 1
@ -112,6 +112,9 @@ def createCerts(file, directory, flat):
fullchain = c['Certificate'] fullchain = c['Certificate']
sans = c['Domain']['SANs'] sans = c['Domain']['SANs']
if (len(args.include)>0 and name not in args.include) or (len(args.exclude)>0 and name in args.exclude):
continue
# Decode private key, certificate and chain # Decode private key, certificate and chain
privatekey = b64decode(privatekey).decode('utf-8') privatekey = b64decode(privatekey).decode('utf-8')
fullchain = b64decode(fullchain).decode('utf-8') fullchain = b64decode(fullchain).decode('utf-8')
@ -120,11 +123,11 @@ def createCerts(file, directory, flat):
chain = fullchain[start:] chain = fullchain[start:]
# Create domain directory if it doesn't exist # Create domain directory if it doesn't exist
directory = Path(directory) directory = Path(args.directory)
if not directory.exists(): if not directory.exists():
directory.mkdir() directory.mkdir()
if flat: if args.flat:
# Write private key, certificate and chain to flat files # Write private key, certificate and chain to flat files
with (directory / name + '.key').open('w') as f: with (directory / name + '.key').open('w') as f:
f.write(privatekey) f.write(privatekey)
@ -142,7 +145,7 @@ def createCerts(file, directory, flat):
with (directory / name + '.chain.pem').open('w') as f: with (directory / name + '.chain.pem').open('w') as f:
f.write(chain) f.write(chain)
else: else:
directory = directory / name directory = args.directory / name
if not directory.exists(): if not directory.exists():
directory.mkdir() directory.mkdir()
@ -188,11 +191,12 @@ class Handler(FileSystemEventHandler):
with self.lock: with self.lock:
if not self.isWaiting: if not self.isWaiting:
self.isWaiting = True #trigger the work just once (multiple events get fired) self.isWaiting = True #trigger the work just once (multiple events get fired)
self.timer = threading.Timer(0.5, self.doTheWork) self.timer = threading.Timer(2, self.doTheWork)
self.timer.start() self.timer.start()
def doTheWork(self): def doTheWork(self):
domains = createCerts(self.args.certificate, self.args.directory, self.args.flat) print('DEBUG : starting the work')
domains = createCerts(self.args)
if (self.args.restart_container): if (self.args.restart_container):
restartContainerWithDomains(domains) restartContainerWithDomains(domains)
@ -211,6 +215,10 @@ if __name__ == "__main__":
help='outputs all certificates into one folder') help='outputs all certificates into one folder')
parser.add_argument('-r', '--restart_container', action='store_true', parser.add_argument('-r', '--restart_container', action='store_true',
help='uses the docker API to restart containers that are labeled accordingly') help='uses the docker API to restart containers that are labeled accordingly')
group = parser.add_mutually_exclusive_group()
group.add_argument('--include', nargs='*')
group.add_argument('--exclude', nargs='*')
args = parser.parse_args() args = parser.parse_args()
print('DEBUG: watching path: ' + str(args.certificate)) print('DEBUG: watching path: ' + str(args.certificate))