From 209f39e0ed617bf2ce1c9dbd432ebd1bdaa247f9 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 6 Apr 2025 19:32:21 +0200
Subject: allow overriding vault URLs

---
 request_cert.sh | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/request_cert.sh b/request_cert.sh
index 97524c9..4d0a34e 100644
--- a/request_cert.sh
+++ b/request_cert.sh
@@ -14,11 +14,14 @@
 
 set -eu
 
+AUTH_VAULT_URL=${AUTH_VAULT_URL-https://vault.dings:8199}
+CERT_VAULT_URL=${CERT_VAULT_URL-https://vault.dings:8200}
+
 if [ -z "${VAULT_TOKEN-}" ]; then
    read -p USER: LDAPUSER
    read -s -p PASSWORD: LPDAPASSWD
    login_request_data=$(jq -c -n --arg password "$LDAPUSER" '{$password}'
-   login_response_data=$(curl -Ssf -H "Content-Type: application/json" -d "$login_request_data" https://vault.dings:8199/v1/auth/ldap/login/$LDAPUSER)
+   login_response_data=$(curl -Ssf -H "Content-Type: application/json" -d "$login_request_data" "$AUTH_VAULT_URL/v1/auth/ldap/login/$LDAPUSER")
    VAULT_TOKEN=$(echo "$login_response_data" | jq -r ".auth.client_token")
    echo $VAULT_TOKEN
 fi
@@ -59,7 +62,7 @@ fi
 
 mkdir $CN
 
-cert_response_data=$(echo "$cert_request_data" | curl -Ssf -H "X-Vault-Token: $VAULT_TOKEN" -d @- https://vault.dings:8200/v1/pki_rz_q-ca_2021aa/issue/rz-drv)
+cert_response_data=$(echo "$cert_request_data" | curl -Ssf -H "X-Vault-Token: $VAULT_TOKEN" -d @- "$CERT_VAULT_URL/v1/pki_rz_q-ca_2021aa/issue/rz-drv")
 
 echo "$cert_response_data" > $CN/$CN.json
 echo "$cert_response_data" | jq -r '.data.certificate' > $CN/$CN.cer
-- 
cgit v1.2.3