tf-debian-vm/files/get_cert.sh

#!/bin/bash
set -euo pipefail
IFS=$'\n\t'

eval "$(jq -r '@sh "PUBKEY=\(.pubkey) HOST=\(.host) CAHOST=\(.cahost) CASCRIPT=\(.cascript) CAKEY=\(.cakey)"')"

# TODO: Can this be done more eye-pleasingly?
set +e
CERT=$(ssh -o ConnectTimeout=3 -o ConnectionAttempts=1 root@$CAHOST '"'"$CASCRIPT"'" "'"$CAKEY"'" host "'"$PUBKEY"'" "'"$HOST"'".dmz')
retval=$?
set -e

if [ retval -neq 0 ]; then
	CERT=""
fi

jq -n --arg cert "$CERT" '{"cert":$cert}'
init 2023-04-05 14:48:38 +00:00			`#!/bin/bash`
			`set -euo pipefail`
			`IFS=$'\n\t'`

support multiple SSH CA key pairs 2023-04-25 15:50:02 +00:00			`eval "$(jq -r '@sh "PUBKEY=\(.pubkey) HOST=\(.host) CAHOST=\(.cahost) CASCRIPT=\(.cascript) CAKEY=\(.cakey)"')"`
init 2023-04-05 14:48:38 +00:00
			`# TODO: Can this be done more eye-pleasingly?`
do not crash on cert error 2023-04-21 19:25:33 +00:00			`set +e`
support multiple SSH CA key pairs 2023-04-25 15:50:02 +00:00			`CERT=$(ssh -o ConnectTimeout=3 -o ConnectionAttempts=1 root@$CAHOST '"'"$CASCRIPT"'" "'"$CAKEY"'" host "'"$PUBKEY"'" "'"$HOST"'".dmz')`
do not crash on cert error 2023-04-21 19:25:33 +00:00			`retval=$?`
			`set -e`

			`if [ retval -neq 0 ]; then`
			`CERT=""`
			`fi`
init 2023-04-05 14:48:38 +00:00
			`jq -n --arg cert "$CERT" '{"cert":$cert}'`