mirror of
https://github.com/laurivosandi/certidude
synced 2024-12-23 00:25:18 +00:00
cli: Use CERTIDUDE_CONF env variable to load custom configuration
This commit is contained in:
parent
94469f5416
commit
f73885fe70
@ -40,8 +40,6 @@ assert hasattr(crypto.X509Req(), "get_extensions"), "You're running too old vers
|
||||
# keyUsage, extendedKeyUsage - https://www.openssl.org/docs/apps/x509v3_config.html
|
||||
# strongSwan key paths - https://wiki.strongswan.org/projects/1/wiki/SimpleCA
|
||||
|
||||
config = CertificateAuthorityConfig()
|
||||
|
||||
# Parse command-line argument defaults from environment
|
||||
HOSTNAME = socket.gethostname()
|
||||
USERNAME = os.environ.get("USER")
|
||||
@ -60,6 +58,14 @@ if os.getuid() >= 1000:
|
||||
else:
|
||||
FIRST_NAME = gecos
|
||||
|
||||
|
||||
def load_config():
|
||||
path = os.getenv('CERTIDUDE_CONF')
|
||||
if path and os.path.isfile(path):
|
||||
return CertificateAuthorityConfig(path)
|
||||
return CertificateAuthorityConfig()
|
||||
|
||||
|
||||
@click.command("spawn", help="Run privilege isolated signer processes")
|
||||
@click.option("-k", "--kill", default=False, is_flag=True, help="Kill previous instances")
|
||||
@click.option("-n", "--no-interaction", default=True, is_flag=True, help="Don't load password protected keys")
|
||||
@ -95,6 +101,7 @@ def certidude_spawn(kill, no_interaction):
|
||||
os.system("mknod -m 444 %s c 1 9" % os.path.join(chroot_dir, "dev", "urandom"))
|
||||
|
||||
ca_loaded = False
|
||||
config = load_config()
|
||||
for ca in config.all_authorities():
|
||||
socket_path = os.path.join(signer_dir, ca.slug + ".sock")
|
||||
pidfile_path = os.path.join(signer_dir, ca.slug + ".pid")
|
||||
@ -638,6 +645,7 @@ def certidude_list(ca, show_key_type, show_extensions, show_path):
|
||||
click.echo(" | | Key usage: " + j.key_usage)
|
||||
click.echo(" | |")
|
||||
|
||||
config = load_config()
|
||||
for ca in config.all_authorities():
|
||||
click.echo("Certificate authority " + click.style(ca.slug, fg="blue"))
|
||||
# if ca.certificate.email_address:
|
||||
@ -699,11 +707,13 @@ def certidude_list(ca, show_key_type, show_extensions, show_path):
|
||||
|
||||
@click.command("list", help="List Certificate Authorities")
|
||||
@click.argument("ca")
|
||||
@config.pop_certificate_authority()
|
||||
#@config.pop_certificate_authority()
|
||||
def cert_list(ca):
|
||||
|
||||
mapping = {}
|
||||
|
||||
config = load_config()
|
||||
|
||||
click.echo("Listing certificates for: %s" % ca.certificate.subject.CN)
|
||||
|
||||
for serial, reason, timestamp in ca.get_revoked():
|
||||
@ -726,6 +736,7 @@ def cert_list(ca):
|
||||
@click.option("--overwrite", "-o", default=False, is_flag=True, help="Revoke valid certificate with same CN")
|
||||
@click.option("--lifetime", "-l", help="Lifetime")
|
||||
def certidude_sign(common_name, overwrite, lifetime):
|
||||
config = load_config()
|
||||
def iterate():
|
||||
for ca in config.all_authorities():
|
||||
for request in ca.get_requests():
|
||||
|
Loading…
Reference in New Issue
Block a user