Not possible to do other nebula-cert commands

jwallden / nebula-snap

Snap package for Nebula overlay networking tool

MIT License

12 stars 4 forks source link

Not possible to do other nebula-cert commands #7

Open Hooloovoo opened 1 year ago

Hooloovoo commented 1 year ago

Many thanks for this -- it is a great way to keep my Nebula installations up to date on Ubuntu.

I wanted to start monitoring for certificate expiry and have been recommended to use:

nebula-cert print -json -path <your-cert-file> | jq ".details.notAfter"

It looks as though the snap commands are hard-coded to specific nebula-cert commands and nebula-cert print is not possible.

jwallden commented 1 year ago

Many apologies for the late reply. It's correct that the commands are hard coded. It's been a while since i worked on this but to my knowledge you need to do it this way in the snap file. I don't have a lot of time these days but after a quick peek I don't think that it would be to hard to add this. No promises on when though so if you do it yourself I'm happy to accept a PR :)

eythian commented 1 year ago

This is a problem because when you set up Nebula on a phone, it pregenerates a public key that you then must sign. However it's not possible to do this, as -out-key is hardcoded and so the command aborts.