2 # -*- coding: utf-8 -*-
3 # (C) Christoph Egger <christoph@christoph-egger.org>
5 from __future__
import print_function
13 from IPython
import embed
15 from cryptography
import x509
16 from cryptography
.hazmat
.backends
import default_backend
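# The sicceggetools package imported below is resolved from the invoking
# user's home directory. append() places that directory after the
# interpreter's own search path, so it cannot shadow standard-library or
# installed modules. Anything able to write to ~/sicceggetools still runs
# with this tool's privileges (presumably including access to ACME account
# material -- confirm), so keep that tree writable by its owner only.
sys.path.append(os.path.expanduser("~"))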
19 from sicceggetools
.inventory
import Inventory
20 from sicceggetools
.acme
.settings
import Settings
21 from sicceggetools
.acme
.constants
import SERVICETYPES
22 from sicceggetools
.acme
.client
import Client
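def find_old_certificates():
    """Collect certificates that expire within the next 30 days.

    Scans ``certs/<servicetype>/*/cert.pem`` (relative to the current working
    directory) for every entry of SERVICETYPES and parses each match as a
    PEM-encoded X.509 certificate.

    Returns:
        dict mapping each service type to a list of ``(path, common_name)``
        tuples, one per commonName attribute found in the subject of a
        certificate whose ``not_valid_after`` lies less than 30 days ahead.
        Certificates that have already expired are reported as well, because
        their remaining lifetime is negative.

    Note:
        Only the subject commonName is read; subjectAltName entries are not
        consulted. A certificate without a commonName therefore never shows
        up in the result, even when it is about to expire.
    """
    # not_valid_after is a naive datetime expressed in UTC, so the reference
    # time has to be UTC as well. Using local time would shift the renewal
    # window by the host's UTC offset.
    now = datetime.datetime.utcnow()
    renewal_window = datetime.timedelta(days=30)

    result = {}
    for stype in SERVICETYPES:
        result[stype] = []
        for cert in glob.glob("certs/%s/*/cert.pem" % stype):
            # The PEM loader expects bytes; binary mode behaves the same on
            # Python 2 and avoids a TypeError on Python 3.
            with open(cert, "rb") as pem:
                certdata = x509.load_pem_x509_certificate(pem.read(), default_backend())

            if (certdata.not_valid_after - now) >= renewal_window:
                continue

            for attribute in certdata.subject:
                if attribute.oid == x509.OID_COMMON_NAME:
                    result[stype].append((cert, attribute.value))

    return result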
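def main():
    """Request a fresh certificate for everything find_old_certificates() reports.

    Loads the inventory from ``config/inventory.yaml`` and the settings from
    ``config/settings.yaml``, then calls ``Client.get_certificate(name, stype)``
    once per reported ``(path, name)`` entry, service type by service type.
    An exception raised by one request propagates and stops the run, so the
    remaining certificates are not attempted.

    NOTE(review): the ``def main():`` header and the ``main()`` call under the
    ``__main__`` guard are not present in this listing. They are restored here
    because the guard is shown without a body -- confirm against the
    repository.
    """
    logging.getLogger().setLevel(logging.INFO)

    # parser = argparse.ArgumentParser()
    # parser.add_argument('--servicetype', '-s', type=str)
    # parser.add_argument('certificate', type=str)
    # args = parser.parse_args()

    inventory = Inventory("config/inventory.yaml")
    settings = Settings("config/settings.yaml")

    oldcerts = find_old_certificates()

    for stype in SERVICETYPES:
        # The on-disk path is part of each entry but is not needed for renewal.
        for _path, name in oldcerts[stype]:
            # A new client per certificate, as in the original listing.
            client = Client(inventory, settings)
            client.get_certificate(name, stype)


if __name__ == '__main__':
    main()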