ssl-gandi-gitlab-certs-builder
v1.0.2
Published
Library ssl-gandi-gitlab-certs-builder description
Downloads
29
Readme
ssl-gandi-gitlab-certs-builder
This tools retrieve through Gandi HTTP API, latest certificate using environment variables or command line arguments, and certificate from your gandi account, and place them into a folder.
It can be used in CI to update a certificates.
Master
Dev
Table of Contents
Changelog
- View Changelog
Environment Variables
Set these environment while running the script to download the list of SSL certificate from gandi into ./ssl
.
GANDI_RPC
: Gandi RPC API Url (Default tohttps://rpc.gandi.net:443/xmlrpc/
)GANDI_CA
: Gandi CA url (Default tohttps://v4.gandi.net/static/CAs/GandiStandardSSLCA2.pem
)GANDI_API_KEY
: API Key (Required)GANDI_CN
: CN of the certificate on your Gandi account (Required)PRIVATE_KEY
: Gitlab Key URL (Required)PRIVATE_TOKEN
: Gitlab private token to read the key (Required)DEST_CA_FILENAME
: Destination ca filename without extension (Default tonull
)DEST_FILENAME
: Destination for key/crt/combined filename without extension (Default tonull
)DEST_DIRECTORY
: Destination for key/crt/combined filename without extension (Default tossl
)
It will download and build certificate in ./ssl
.
If you have not set DEST_CA_FILENAME
and DEST_FILENAME
, it will use original name from URL.
ssl/${ca.filename}
: Store the CA without changing the filename.ssl/${key.filename}
: Store the key without changing the filename.ssl/${key.filename.replace(/.(key|pem)/, '.crt')}
: Store the crt without changing the filename.ssl/${key.filename.replace(/.(key|pem)/, '.combined.crt')}
: Store the combined crt without changing the filename.
You can then use any script to set roles and permissions according to your application.
It is also possible to use a Dockerfile
to build a container with latest certificate in it.
Command line arguments
You can override any enviroment by using the command line arguments:
--DEST_DIRECTORY=alpha
Installation
You can install it globally and use it as a command line tool.
npm install -g ssl-gandi-gitlab-certs-builder
Or you can import any components
import GandiCertDownloader from 'ssl-gandi-gitlab-certs-builder';
Usage
gandi-ssl --GANDI_API_KEY=gandiApiKey --GANDI_CN=gandiSslCn --PRIVATE_KEY=http://gitlab.com/test/ssl/raw/master/wildcard.domain.com.key --PRIVATE_TOKEN=gitlabApiKey
Example with *.kopaxgroup.com
:
gandi-ssl --GANDI_CN=*.kopaxgroup.com --PRIVATE_KEY="http://private:31584/api/v4/projects/54/repository/files/ssl%2Fwildcard.kopaxgroup.com.key/raw?ref=dev" --PRIVATE_TOKEN=$PRIVATE_TOKEN --GANDI_API_KEY=$GANDI_API_KEY