From 09f6b5ae971c8941e54e9f984ac2a5344a99a1e3 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Felix=20D=C3=B6rre?=
Date: Sat, 22 Apr 2017 16:39:33 -0400
Subject: [PATCH] upd: rename certificate renewal commands + add force mode

Change-Id: Ia98af2321a0d676dc44f987f34262c66d72d7a55
---
 commands | 10 +++++++---
 modules/hop/templates/commands.epp | 8 ++++----
 2 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/commands b/commands
index 0a62514..4dd7f4d 100755
--- a/commands
+++ b/commands
@@ -4,12 +4,16 @@ if [[ "$UID" == 0 ]]; then
 echo "Run script as non-root-user"
 exit
 fi
-if [[ "$com" == "ask quiz certs" ]]; then
+if [[ "$com" == "update certs" || "$com" == "force update certs" ]]; then
+ force=false
+ if [[ "$com" == "force update certs" ]]; then
+ force=true
+ fi
 folder=$(mktemp -d)
 # In argument 1 is the path of the certificates to update: $1.crt and $1.key
 function update_cert {
 name=$1
- if [[ -f $name.crt ]] && openssl x509 -checkend $((365*24*60*60)) -in $name.crt > /dev/null; then
+ if [[ -f $name.crt ]] && openssl x509 -checkend $((365*24*60*60)) -in $name.crt > /dev/null && ! $force; then
 echo "SKIP $name"
 else
 echo "ISSUE $name"
@@ -51,7 +55,7 @@ if [[ "$com" == "ask quiz certs" ]]; then
 [[ -f $folder/web.req ]] && rm $folder/web.req
 [[ -f $folder/web.key ]] && rm $folder/web.key
 rmdir $folder
-elif [[ "$com" == "reload quiz certs" ]]; then
+elif [[ "$com" == "reload certs" ]]; then
 sudo puppet apply /etc/puppet/code/environments/production/manifests --verbose
 sudo lxc-attach -n front-nginx -- puppet agent --verbose --test
 sudo lxc-attach -n quiz -- puppet agent --verbose --test
diff --git a/modules/hop/templates/commands.epp b/modules/hop/templates/commands.epp
index cb1720f..8cedfd9 100755
--- a/modules/hop/templates/commands.epp
+++ b/modules/hop/templates/commands.epp
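Review bot: In the first hunk of `commands`, the skip condition in `update_cert` ends with `&& ! $force`, which executes the contents of the variable as a command instead of testing its value. It behaves correctly today only because `force` is assigned nothing but `false` or `true` a few lines above in the same branch, and it still runs `openssl x509 -checkend` when a forced reissue has already been decided. Comparing the value as a string and testing it first keeps the same skip logic without either problem: `if [[ "$force" != true && -f $name.crt ]] && openssl x509 -checkend $((365*24*60*60)) -in $name.crt > /dev/null; then`. `update_cert` continues past the end of the hunk, so the issuing branch is not visible here.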
@@ -1,11 +1,11 @@
 #!/bin/bash
 com="$SSH_ORIGINAL_COMMAND"
-if [[ "$com" == "ask quiz certs" ]]; then
- exec ssh <%=$administrativeUser%>@10.0.3.1 "ask quiz certs"
-elif [[ "$com" == "reload quiz certs" ]]; then
+if [[ "$com" == "update certs" || "$com" == "force update certs" ]]; then
+ exec ssh <%=$administrativeUser%>@10.0.3.1 "$com"
+elif [[ "$com" == "reload certs" ]]; then
 # requires sudo --> requires terminal
- exec ssh -t <%=$administrativeUser%>@10.0.3.1 "reload quiz certs"
+ exec ssh -t <%=$administrativeUser%>@10.0.3.1 "reload certs"
 elif [[ "$com" == "update crls" ]]; then
 exec ssh <%=$administrativeUser%>@10.0.3.1 "update crls"
 else
--
2.39.2
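Review bot: The `update certs` branch in `commands.epp` now forwards `"$com"`, which is the client-supplied `$SSH_ORIGINAL_COMMAND`, to the inner `ssh`, whereas the `reload certs` and `update crls` branches still send fixed literals. This is safe only because the guard is an exact comparison against two quoted strings. If that test is later loosened to a glob or `=~` match, client-chosen text would be passed on to the host at 10.0.3.1. I would either send a literal per branch, as the other branches do, or record the dependency next to the call, e.g. `# "$com" is forwarded verbatim: the test above must stay an exact, quoted match`. The `if` chain continues after `else`, outside the hunk.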