From 4239897b726618357b21c20a8d285575a0185a7d Mon Sep 17 00:00:00 2001 From: danb35 Date: Mon, 7 Apr 2025 08:50:34 -0400 Subject: [PATCH] Allow multi-host configuration Allow including multiple hosts' configuration in `deploy_config`, with thanks to jjrushford from the TrueNAS forum. --- README_truenas.md | 18 ++++++++++++++++++ deploy_truenas.py | 14 +++++++++++--- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/README_truenas.md b/README_truenas.md index deb58c2..ffd650d 100644 --- a/README_truenas.md +++ b/README_truenas.md @@ -60,6 +60,24 @@ An API key is required for authentication. [Generate a new API token in the UI] api_key = 1-DXcZ19sZoZFdGATIidJ8vMP6dxk3nHWz3XX876oxS7FospAGMQjkOft0h4itJDSP ``` +You can optionally configure more than one TrueNAS host in `deploy_config`. To do so, add a second (or subsequent) header with a label for that host. The file would look something like this: + +``` +[nas01] +api_key = YourReallySecureAPIKey +privkey_path = /some/other/path +fullchain_path = /some/other/other/path +connect_host = nas01.baz.bar.foo + +[nas02] +api_key = YourReallySecureAPIKey +privkey_path = /some/other/path +fullchain_path = /some/other/other/path +connect_host = nas02.baz.bar.foo +``` + +Then run the script, specifying the label name, e.g., `deploy_truenas.py nas02`. If the label name is not specified, it defaults to `deploy` as had been required with previous versions of this script. + Once you've prepared `deploy_config`, you can run `deploy_truenas.py`. The intended use is that it would be called by your ACME client after issuing a certificate. With acme.sh, for example, you'd add `--reloadcmd "/path/to/deploy_truenas.py"` to your command. There is an optional paramter, `-c` or `--config`, that lets you specify the path to your configuration file. By default the script will try to use `deploy_config` in the script working directoy: diff --git a/deploy_truenas.py b/deploy_truenas.py index 92c2570..3d52451 100644 --- a/deploy_truenas.py +++ b/deploy_truenas.py @@ -27,15 +27,23 @@ from truenas_api_client import Client from OpenSSL import crypto -parser = argparse.ArgumentParser(description='Import and activate a SSL/TLS certificate into TrueNAS.') +parser = argparse.ArgumentParser(description='Import and activate a SSL/TLS certificate into TrueNAS.',exit_on_error=False) parser.add_argument('-c', '--config', default=(os.path.join(os.path.dirname(os.path.realpath(__file__)), 'deploy_config')), help='Path to config file, defaults to deploy_config.') -args = parser.parse_args() +parser.add_argument('label', help='Use the specified config section, default is "deploy"', nargs='?', default='deploy') +try: + args = parser.parse_args() +except argparse.ArgumentError: + parser.print_usage() if os.path.isfile(args.config): config = configparser.ConfigParser() config.read(args.config) - deploy = config['deploy'] + try: + deploy = config[args.label] + except KeyError: + print("\nlabel", args.label, "not found in the config file\n") + sys.exit(1) else: print("Config file", args.config, "does not exist!") sys.exit(1)