synology/certifs_info.sh

#!/usr/bin/env bash
# ANSI escape sequences used to colour the report. They are stored as literal
# backslash sequences and only turn into real escapes when they go through
# `echo -e` or sit inside a printf format string.

# Reds
redbold='\033[1;31m'
red='\033[0;31m'
# Greens
greenbold='\033[1;32m'
green='\033[0;32m'
# Yellows
yellowbold='\033[1;33m'
yellow='\033[0;33m'
# Text attributes
bold='\033[1m'
#bold_under='\033[1;4m'
italic='\033[3m'
underline='\033[4m'
# Back to the terminal defaults
reset='\033[0m'
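# Requirements:
# - the script must run as root (for example through sudo)
# - jq 1.7.1 minimum (/bin/jq = 1.5 on DSM 7.2.2; /opt/bin/jq = 1.7.1 via opkg)
#
# NOTE(review): root is presumably needed because the certificate archive this
# script reads holds the private keys; the script itself only reads and lists,
# it never writes there. Confirm the archive's permissions on the target NAS.
if (( EUID != 0 )); then
  # Diagnostics go to stderr so they never end up inside the report on stdout.
  printf '%s is not running as root. Try using sudo.\n' "$0" >&2
  exit 2
fi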
# Identify the DSM release from the key="value" lines of /etc.defaults/VERSION
# and print it as: <os_name> <productversion> build <buildnumber>
dsm=$(cat /etc.defaults/VERSION)
build=$(awk -F'=' '/buildnumber/ { print $2 }' <<< "$dsm")
os=$(awk -F'=' '/os_name/ { print $2 }' <<< "$dsm")
version=$(awk -F'=' '/productversion/ { print $2 }' <<< "$dsm")
# The values are quoted in the file; ${var//\"/} strips every double quote.
printf -v information '%s %s build %s' "${os//\"/}" "${version//\"/}" "${build//\"/}"
echo -e "$information"
# Strip the double quotes
#display_name="${display_name//\"/}"

# `jq --version` prints something like "jq-1.7.1"; keep what follows the
# first dash.
vers_jq=$(awk -F'-' '{ print $2 }' < <(jq --version))
echo -e "jq version ${vers_jq}\n"
# Succeeds (status 0) when version $1 is greater than or equal to version $2.
# Needs GNU sort: -V compares as version numbers, -C checks silently whether
# the input is already ordered. The input is "$2" then "$1", so it counts as
# ordered exactly when $2 <= $1.
version_greater_equal() {
  local candidate=$1 minimum=$2
  sort -C -V <<< "${minimum}"$'\n'"${candidate}"
}
# Stop early when the jq found on PATH is older than 1.7.1.
if ! version_greater_equal "${vers_jq}" 1.7.1; then
  echo -e "Need ${italic}jq v1.7.1${reset} or above !"
  echo -e "Maybe you should use ${italic}opkg install jq${reset}"
  exit 1
fi

# DSM certificate store: one sub-directory per certificate id, plus the
# INFO and DEFAULT index files read below.
certifs_archive=/usr/syno/etc/certificate/_archive
#certifs_archive=/Users/bruno/Downloads
#services="$certifs_archive/SERVICES"
#[ -f "$services" ] && ser=$(cat "$services") || { echo -e "${red}No $services file found !${reset}"; exit 1; }

# INFO is parsed as JSON further down; both a missing file and a failed read
# end the script.
info="$certifs_archive/INFO"
if ! { [ -f "$info" ] && inf=$(cat "$info"); }; then
  echo -e "${red}No $info file found !${reset}"
  exit 1
fi

# DEFAULT: its content is compared with each certificate id to spot the
# default certificate.
default="$certifs_archive/DEFAULT"
if ! { [ -f "$default" ] && def=$(cat "$default"); }; then
  echo -e "${red}No $default file found !${reset}"
  exit 1
fi

# Display names collected in the services loop: reverse proxy, application
# portal, everything else.
rp=()
ap=()
ot=()

echo -e "${greenbold}Reading $info${reset}\n"
echo -e "${yellow}Certificates's list...${reset}\n"
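# One table row per certificate: id, description, expiry date and days left.
# The certificate ids are the top-level keys of the INFO JSON.
liste_cert=$(jq -r 'keys[]' <<< "$inf")
printf "| ${bold}%-7s${reset} | ${bold}%-53s${reset} | ${bold}%-25s${reset} \n" "Certif." "Description" "Date limite"
while IFS= read -r certif; do
  [[ -n "$certif" ]] || continue

  # The id is handed to jq as data (--arg) instead of being spliced into the
  # filter text, so an id that is not a valid `.name` path cannot break or
  # alter the filter.
  desc=$(jq -r --arg id "$certif" '.[$id].desc' <<< "$inf")

  # Quoted path: this runs as root, and an id containing spaces or glob
  # characters must not turn into extra openssl arguments.
  cert_file="$certifs_archive/$certif/cert.pem"
  timestamp_end=
  if ssl=$(openssl x509 -enddate -noout -in "$cert_file"); then
    # Only the expiry date is needed; openssl prints "notAfter=<date>".
    notafter=${ssl#notAfter=}
    timestamp_end=$(date --date="$notafter" +"%s") || timestamp_end=
  fi
  if [[ -z "$timestamp_end" ]]; then
    # Without this guard an unreadable certificate yields an empty date, which
    # GNU date accepts and which would be reported as a bogus expiry.
    printf "| ${red}%-7s${reset} | ${red}%-53s${reset} | ${red}%-25s${reset} \n" "$certif" "$desc" "cert.pem unreadable"
    continue
  fi

  timestamp_current=$(date +"%s")
  # Whole days until expiry; negative once the certificate has expired.
  left=$(( (timestamp_end - timestamp_current) / (60 * 60 * 24) ))
  end="$notafter ($left days left)"

  if [ "$certif" == "$def" ]; then
    printf "| ${green}%-7s${reset} | ${green}%-53s${reset} | ${green}%-25s${reset} \n" "$certif" "$desc" "$end (default)"
    echo
    # Shows mode and owner of the default certificate's files; worth a glance
    # to check that privkey.pem is not readable by anyone but root.
    ls -ld "$certifs_archive/$def"/*
    # ls -ld * .*
    echo
    # NOTE(review): the wording below is the author's. chain.pem usually holds
    # the intermediate CA certificate(s) rather than the root, and the private
    # key is not necessarily RSA - confirm before relying on these lines.
    echo -e "${italic}cert.pem${reset} est le certificat de l'utilisateur final."
    echo -e "${italic}chain.pem${reset} est le reste de la chaîne. Il s'agit uniquement du certificat racine de LetsEncrypt."
    echo -e "${italic}fullchain.pem${reset} est cert.pem et chain.pem combinés."
    echo -e "${italic}privkey.pem${reset} est une clé privée RSA générée avec le certificat."
  else
    printf "| %-7s | %-53s | %-25s \n" "$certif" "$desc" "$end"
  fi
done <<< "$liste_cert"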
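# Print $1 without its leading and trailing whitespace.
# Done with parameter expansion only: unlike piping through a bare `xargs`,
# quotes and backslashes in the value are passed through untouched (xargs
# would fail on an unmatched quote). Inner whitespace is kept as is.
trim() {
  local s=$1
  s=${s#"${s%%[![:space:]]*}"}
  s=${s%"${s##*[![:space:]]}"}
  printf '%s' "$s"
}

# For every certificate, list the services bound to it and sort their display
# names into three buckets: rp (reverse proxy), ap (application portal) and
# ot (others).
echo -e "\n\n${yellow}Certificates and Subscriber...${reset}\n"
while IFS= read -r certif; do
  [[ -n "$certif" ]] || continue

  # The certificate id is passed to jq as data (--arg), never as filter text.
  desc=$(jq -r --arg id "$certif" '.[$id].desc' <<< "$inf")
  printf "| ${yellowbold}%-7s${reset} | ${yellowbold}%-60s${reset} \n" "Certif." "Description"
  printf "| ${yellowbold}%-7s${reset} | ${yellowbold}%-60s${reset} \n\n" "$certif" "$desc" # ok
  printf "|${bold} %-40s ${reset}|${bold} %-20s ${reset}|${bold} %-60s ${reset}\n" "Display_name" "Subscriber" "Service"

  # One compact JSON object per line, one line per service entry.
  while IFS= read -r line; do
    display_name=$(jq -r '.display_name' <<< "$line")
    service=$(jq -r '.service' <<< "$line")
    subscriber=$(jq -r '.subscriber' <<< "$line")
    #echo "$display_name"
    #echo "$service"
    #echo "$subscriber"
    printf "| %-40s | %-20s | %-60s \n" "$display_name" "$subscriber" "$service"

    if [[ "$subscriber" == *ReverseProxy* ]]; then
      rp+=("$display_name")
    elif [[ "$subscriber" == *AppPortal* ]]; then
      # Only names on the photos-nas.ovh domain are recorded here. They are
      # split on " - ": the first part goes to the AppPortal list, the second
      # to the reverse-proxy list.
      if [[ "$display_name" == *photos-nas.ovh* ]]; then
        a=$(trim "$(awk -F' - ' '{ print $1 }' <<< "$display_name")")
        b=$(trim "$(awk -F' - ' '{ print $2 }' <<< "$display_name")")
        ap+=("$a")
        rp+=("$b")
      fi
    elif [[ "$display_name" == *photos-nas.ovh* ]]; then
      if [[ "$display_name" =~ :[0-9]{1,5}$ ]]; then
        # Ends with ":<port>": keep what precedes the first colon.
        c=${display_name%%:*}
        rp+=("$c")
      else
        rp+=("$display_name")
      fi
    else
      ot+=("$display_name")
    fi
  done < <(jq -c --arg id "$certif" '.[$id].services[]' <<< "$inf")
  echo -e "\n\n"
done <<< "$liste_cert"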
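echo -e "\n\n"

# Print one numbered, sorted section of the summary.
# Globals:   bold, italic, reset (read) - colour sequences
# Arguments: $1 - section title; remaining arguments - the names to list
# Outputs:   a title row, one numbered row per name, then "<n> lines"
#
# The names are read back line by line instead of through an unquoted
# $(sort ...) expansion, so a name containing glob characters (for instance a
# wildcard host such as "*.example.org") is never expanded against the files
# of the current directory. Empty names are skipped.
print_sorted_section() {
  local title=$1
  shift
  local -a sorted=()
  local item
  while IFS= read -r item; do
    [[ -n "$item" ]] || continue
    sorted+=("$item")
  done < <(printf '%s\n' "$@" | sort)

  printf "| %-3s | ${bold}%-60s${reset} \n" "" "$title"
  local i=1
  for item in "${sorted[@]}"; do
    printf "| %-3s | %-60s \n" "$i" "$item"
    ((i++))
  done
  echo -e "${italic}${#sorted[@]} lines${reset}\n"
}

print_sorted_section "Reverse Proxy" "${rp[@]}"
print_sorted_section "AppPortal" "${ap[@]}"
print_sorted_section "Others" "${ot[@]}"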