-
Notifications
You must be signed in to change notification settings - Fork 3
/
le-supermicro-ipmi.sh
executable file
·41 lines (35 loc) · 1.37 KB
/
le-supermicro-ipmi.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#!/usr/bin/env bash
set -e
if ! [ -z ${DEBUG+x} ]; then
set -x
fi
if [ -z ${IPMI_USERNAME+x} ]; then
echo "IPMI_USERNAME not set!"
exit 1
fi
if [ -z ${IPMI_PASSWORD+x} ]; then
echo "IPMI_PASSWORD not set!"
exit 1
fi
if [ -z ${IPMI_DOMAIN+x} ]; then
echo "IPMI_DOMAIN not set!"
exit 1
fi
if [ -z ${LE_EMAIL+x} ]; then
echo "LE_EMAIL not set!"
exit 1
fi
#Check if the certificate is expiring soon
set +e
echo | openssl s_client -servername $IPMI_DOMAIN -connect $IPMI_DOMAIN:443 2>/dev/null | openssl x509 -noout -checkend 2592000
if [ "$?" == "1" ]; then
set -e
#Expiring in less than one month. We need to renew
# Sign the request and obtain a certificate
if [[ -f ".lego/certificates/$IPMI_DOMAIN.crt" ]]; then
lego --key-type rsa2048 --server ${LE_SERVER-https://acme-v02.api.letsencrypt.org/directory} --email $LE_EMAIL --dns ${DNS_PROVIDER-cloudflare} --accept-tos --domains $IPMI_DOMAIN renew
else
lego --key-type rsa2048 --server ${LE_SERVER-https://acme-v02.api.letsencrypt.org/directory} --email $LE_EMAIL --dns ${DNS_PROVIDER-cloudflare} --accept-tos --domains $IPMI_DOMAIN run
fi
python3 supermicro-ipmi-updater.py --ipmi-url http://$IPMI_DOMAIN --cert-file .lego/certificates/$IPMI_DOMAIN.crt --key-file .lego/certificates/$IPMI_DOMAIN.key --username $IPMI_USERNAME --password $IPMI_PASSWORD --model X10
fi