Skip to content

Allow multi-host configuration #79

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
danb35 merged 1 commit into from
Apr 7, 2025
Merged

Allow multi-host configuration #79

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions README_truenas.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,24 @@ An API key is required for authentication. [Generate a new API token in the UI]
api_key = 1-DXcZ19sZoZFdGATIidJ8vMP6dxk3nHWz3XX876oxS7FospAGMQjkOft0h4itJDSP
```

You can optionally configure more than one TrueNAS host in `deploy_config`. To do so, add a second (or subsequent) header with a label for that host. The file would look something like this:

```
[nas01]
api_key = YourReallySecureAPIKey
privkey_path = /some/other/path
fullchain_path = /some/other/other/path
connect_host = nas01.baz.bar.foo

[nas02]
api_key = YourReallySecureAPIKey
privkey_path = /some/other/path
fullchain_path = /some/other/other/path
connect_host = nas02.baz.bar.foo
```

Then run the script, specifying the label name, e.g., `deploy_truenas.py nas02`. If the label name is not specified, it defaults to `deploy` as had been required with previous versions of this script.

Once you've prepared `deploy_config`, you can run `deploy_truenas.py`. The intended use is that it would be called by your ACME client after issuing a certificate. With acme.sh, for example, you'd add `--reloadcmd "/path/to/deploy_truenas.py"` to your command.

There is an optional paramter, `-c` or `--config`, that lets you specify the path to your configuration file. By default the script will try to use `deploy_config` in the script working directoy:
Expand Down
14 changes: 11 additions & 3 deletions deploy_truenas.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,15 +27,23 @@
from truenas_api_client import Client
from OpenSSL import crypto

parser = argparse.ArgumentParser(description='Import and activate a SSL/TLS certificate into TrueNAS.')
parser = argparse.ArgumentParser(description='Import and activate a SSL/TLS certificate into TrueNAS.',exit_on_error=False)
parser.add_argument('-c', '--config', default=(os.path.join(os.path.dirname(os.path.realpath(__file__)),
'deploy_config')), help='Path to config file, defaults to deploy_config.')
args = parser.parse_args()
parser.add_argument('label', help='Use the specified config section, default is "deploy"', nargs='?', default='deploy')
try:
args = parser.parse_args()
except argparse.ArgumentError:
parser.print_usage()

if os.path.isfile(args.config):
config = configparser.ConfigParser()
config.read(args.config)
deploy = config['deploy']
try:
deploy = config[args.label]
except KeyError:
print("\nlabel", args.label, "not found in the config file\n")
sys.exit(1)
else:
print("Config file", args.config, "does not exist!")
sys.exit(1)
Expand Down