diff options
| author | tv <tv@krebsco.de> | 2025-04-06 19:32:21 +0200 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2025-04-06 20:01:13 +0200 |
| commit | 209f39e0ed617bf2ce1c9dbd432ebd1bdaa247f9 (patch) | |
| tree | 6c16bb344b2449f375cf8f17966e0b35b78d4f90 | |
| parent | 6c412bbc0caebd0c2a69399e424f7e64f068cfdf (diff) | |
allow overriding vault URLs
| -rw-r--r-- | request_cert.sh | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/request_cert.sh b/request_cert.sh index 97524c9..4d0a34e 100644 --- a/request_cert.sh +++ b/request_cert.sh @@ -14,11 +14,14 @@ set -eu +AUTH_VAULT_URL=${AUTH_VAULT_URL-https://vault.dings:8199} +CERT_VAULT_URL=${CERT_VAULT_URL-https://vault.dings:8200} + if [ -z "${VAULT_TOKEN-}" ]; then read -p USER: LDAPUSER read -s -p PASSWORD: LPDAPASSWD login_request_data=$(jq -c -n --arg password "$LDAPUSER" '{$password}' - login_response_data=$(curl -Ssf -H "Content-Type: application/json" -d "$login_request_data" https://vault.dings:8199/v1/auth/ldap/login/$LDAPUSER) + login_response_data=$(curl -Ssf -H "Content-Type: application/json" -d "$login_request_data" "$AUTH_VAULT_URL/v1/auth/ldap/login/$LDAPUSER") VAULT_TOKEN=$(echo "$login_response_data" | jq -r ".auth.client_token") echo $VAULT_TOKEN fi @@ -59,7 +62,7 @@ fi mkdir $CN -cert_response_data=$(echo "$cert_request_data" | curl -Ssf -H "X-Vault-Token: $VAULT_TOKEN" -d @- https://vault.dings:8200/v1/pki_rz_q-ca_2021aa/issue/rz-drv) +cert_response_data=$(echo "$cert_request_data" | curl -Ssf -H "X-Vault-Token: $VAULT_TOKEN" -d @- "$CERT_VAULT_URL/v1/pki_rz_q-ca_2021aa/issue/rz-drv") echo "$cert_response_data" > $CN/$CN.json echo "$cert_response_data" | jq -r '.data.certificate' > $CN/$CN.cer |