From 4d0425a017dd1d9436cef21bea2643f9e3da55aa Mon Sep 17 00:00:00 2001
From: crupest <crupest@outlook.com>
Date: Fri, 25 Nov 2022 14:12:26 +0800
Subject: Make certbot better.

---
 docker/auto-certbot/get-cert-domains.py | 38 +++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100755 docker/auto-certbot/get-cert-domains.py

(limited to 'docker/auto-certbot/get-cert-domains.py')

diff --git a/docker/auto-certbot/get-cert-domains.py b/docker/auto-certbot/get-cert-domains.py
new file mode 100755
index 0000000..3ba9462
--- /dev/null
+++ b/docker/auto-certbot/get-cert-domains.py
@@ -0,0 +1,38 @@
+#!/usr/bin/env python3
+
+import sys
+import os
+from os.path import *
+from cryptography.x509 import *
+from cryptography.x509.oid import ExtensionOID
+
+# Check only one argument
+if len(sys.argv) != 2:
+    print("You should only specify one argument, aka, the path of cert.",
+          file=sys.stderr)
+    exit(1)
+
+cert_path = sys.argv[1]
+
+if not exists(cert_path):
+    print("Cert file does not exist.", file=sys.stderr)
+    exit(2)
+
+if not isfile(cert_path):
+    print("Cert path is not a file.")
+    exit(3)
+
+if not 'CRUPEST_DOMAIN' in os.environ:
+    print("Please set CRUPEST_DOMAIN environment variable to root domain.", file=sys.stderr)
+    exit(4)
+
+root_domain = os.environ['CRUPEST_DOMAIN']
+
+with open(cert_path) as f:
+    cert = load_pem_x509_certificate(f.read())
+    ext = cert.extensions.get_extension_for_oid(
+        ExtensionOID.SUBJECT_ALTERNATIVE_NAME)
+    domains: list = ext.value.get_values_for_type(DNSName)
+    domains.remove(root_domain)
+    domains = [root_domain, *domains]
+    print('\n'.join(domains))
-- 
cgit v1.2.3