readme.md

@@ -26,6 +26,5 @@ Sammlung von Werkzeugen für die Erstellung und Untersuchung von TLS-Zertifikate
 ### Anweisungen
 
 - siehe:
-	- `tls-get -h`
 	- `tls-verify -h`
 

source/get.py

@@ -1,144 +0,0 @@
-import sys as _sys
-import os as _os
-import json as _json
-import pathlib as _pathlib
-import argparse as _argparse
-
-import helpers.file as __file
-	
-
-def main():
-	## args
-	argument_parser = _argparse.ArgumentParser(
-		prog = "tls-get"
-	)
-	argument_parser.add_argument(
-		"-c",
-		"--conf-path",
-		type = str,
-		dest = "conf_path",
-		metavar = "<conf-path>",
-		default = _os.path.join(str(_pathlib.Path.home()), ".tls-get-conf.json"),
-	)
-	argument_parser.add_argument(
-		dest = "domain",
-		metavar = "<domain>",
-		help = "the domain for which the TLS certificate shall be generated"
-	)
-	argument_parser.add_argument(
-		"-t",
-		"--target-directory",
-		dest = "target_directory",
-		type = str,
-		metavar = "<target-directory>",
-		default = "/etc/ssl",
-	)
-	argument_parser.add_argument(
-		"-x",
-		"--challenge-prefix",
-		dest = "challenge_prefix",
-		type = str,
-		metavar = "<challenge-prefix>",
-		default = "_acme-challenge",
-		help = "which subdomain to use for ACME challanges",
-	)
-	argument_parser.add_argument(
-		"-f",
-		"--force",
-		dest = "force",
-		action = "store_true",
-		default = False,
-		help = "whether to force the certificate renewal",
-	)
-	argument_parser.add_argument(
-		"-w",
-		"--delay",
-		dest = "delay",
-		type = float,
-		default = 60.0,
-		metavar = "<delay>",
-		help = "seconds to wait at end of certbot auth hook",
-	)
-	argument_parser.add_argument(
-		"-q",
-		"--dry-run",
-		dest = "dry_run",
-		action = "store_true",
-		default = False,
-		help = "whether to only print the command on stdout instead of executing it",
-	)
-	args = argument_parser.parse_args()
-	
-	## vars
-	conf = _json.loads(__file.read(args.conf_path))
-	le_dir = "/etc/letsencrypt/live"
-	
-	## exec
-	command_certbot = " ".join(
-		[
-			"certbot",
-			"certonly",
-			("--email='%s'" % conf["acme_account"]["email"]),
-			# ("--work-dir='%s'" % conf["misc"]["working_directory"]),
-			"--preferred-challenges='dns'",
-			"--non-interactive",
-			"--agree-tos",
-			("--domain='%s'" % args.domain),
-		]
-		+
-		(
-			["--force-renewal"]
-			if args.force else
-			[]
-		)
-		+
-		[
-			"--manual",
-			(
-				"--manual-auth-hook='%s'"
-				% " ".join(
-					[
-						"/usr/local/bin/inwx",
-						("--username=\"%s\"" % conf["inwx_account"]["username"]),
-						("--password=\"%s\"" % conf["inwx_account"]["password"]),
-						"certbot-hook",
-						("--delay=%.4f" % args.delay),
-					]
-				)
-			),
-			(
-				"--post-hook='%s'"
-				% " ".join(
-					[
-						"/usr/local/bin/inwx",
-						("--username=\"%s\"" % conf["inwx_account"]["username"]),
-						("--password=\"%s\"" % conf["inwx_account"]["password"]),
-						"delete",
-						("--domain=\"%s\"" % (args.challenge_prefix + "." + args.domain)),
-						("--type=\"TXT\""),
-					]
-				)
-			),
-		]
-	)
-	if (args.dry_run):
-		_sys.stdout.write(command_certbot + "\n")
-	else:
-		_os.system(command_certbot)
-		subjects = [
-			{"source_name": "privkey", "target_directory": "private"},
-			{"source_name": "cert", "target_directory": "certs"},
-			{"source_name": "chain", "target_directory": "chains"},
-			{"source_name": "fullchain", "target_directory": "fullchains"},
-		]
-		for subject in subjects:
-			_os.system(
-				"mkdir --parents %s && cp --dereference %s %s"
-				% (
-					_os.path.join(args.target_directory, subject["target_directory"]),
-					_os.path.join(le_dir, args.domain, "%s.pem" % subject["source_name"]),
-					_os.path.join(args.target_directory, subject["target_directory"], "%s.pem" % args.domain),
-				)
-			)
-	
-

source/helpers/file.py

@@ -1,7 +0,0 @@
-def file_read(path):
-	handle = open(path, "r")
-	content = handle.read()
-	handle.close()
-	return content
-	
-

todo.md

@@ -1 +0,0 @@
-- in einem Programm vereinigen (`tls-utils get …`, `tls-utils verify …`, …)

tools/build

@@ -2,56 +2,35 @@
 
 ## consts
 
-dir_source=source
+dir_source="source"
-dir_temp=/tmp/tls-utils-temp
+dir_temp="/tmp/tls-utils-temp"
-dir_build=/tmp/tls-utils
+dir_build="/tmp/tls-utils"
+
+
+## vars
+
+path_verify=${dir_build}/tls-verify
 
 
 ## exec
 
-### exec:get
-
-echo "-- get …"
-
-path_app=${dir_build}/tls-get
-
-rm ${dir_temp} --force --recursive
-mkdir ${dir_temp} --parents
-cp ${dir_source}/. ${dir_temp}/ --recursive --update
-for dir in $(find ${dir_temp} -mindepth 1 -type d) ; do touch ${dir}/__init__.py ; done
-echo '' > ${dir_temp}/__main__.py
-echo 'from get import *' >> ${dir_temp}/__main__.py
-echo 'if __name__ == "__main__": main()' >> ${dir_temp}/__main__.py
-
-mkdir ${dir_build} --parents
-# rm ${path_app}.zip --force
-cd ${dir_temp} && python3 -m zipfile -c ${path_app}.zip . ; cd - > /dev/null
-echo '#!/usr/bin/env python3' > ${path_app}
-cat ${path_app}.zip >> ${path_app}
-rm ${path_app}.zip
-chmod +x ${path_app}
-
-
 ### exec:verify
 
-echo "-- verify …"
-
-path_app=${dir_build}/tls-verify
-
 rm ${dir_temp} --force --recursive
 mkdir ${dir_temp} --parents
-cp ${dir_source}/. ${dir_temp}/ --recursive --update
+cp ${dir_source}/. ${dir_temp}/ --recursive --update --verbose
 for dir in $(find ${dir_temp} -mindepth 1 -type d) ; do touch ${dir}/__init__.py ; done
 echo '' > ${dir_temp}/__main__.py
 echo 'from verify import *' >> ${dir_temp}/__main__.py
 echo 'if __name__ == "__main__": main()' >> ${dir_temp}/__main__.py
 
 mkdir ${dir_build} --parents
-# rm ${path_app}.zip --force
+# rm ${path_verify}.zip --force
-cd ${dir_temp} && python3 -m zipfile -c ${path_app}.zip . ; cd - > /dev/null
+cd ${dir_temp}
-echo '#!/usr/bin/env python3' > ${path_app}
+python3 -m zipfile -c ${path_verify}.zip .
-cat ${path_app}.zip >> ${path_app}
+cd -
-rm ${path_app}.zip
+echo '#!/usr/bin/env python3' > ${path_verify}
-chmod +x ${path_app}
+cat ${path_verify}.zip >> ${path_verify}
-
+rm ${path_verify}.zip
+chmod +x ${path_verify}