From 0138e167e91164bffc86eee29b4f140a1d03c93e Mon Sep 17 00:00:00 2001
From: thecantero <thecantero@users.noreply.github.com>
Date: Thu, 27 Apr 2017 18:23:43 +0800
Subject: [PATCH 1/6] Update to support Kong-v0.10.x

The previous one is for Kong-v0.9.x only.

This change will allow it to work with v0.10.x.

More info at:
https://github.com/Mashape/kong/blob/4f960abe33fe3d45510944f062e571d63dc3a673/UPGRADE.md#upgrade-to-010x
https://getkong.org/docs/0.10.x/admin-api/#add-certificate
---
 deploy/kong.sh | 39 +++++++++++++++++++++------------------
 1 file changed, 21 insertions(+), 18 deletions(-)

diff --git a/deploy/kong.sh b/deploy/kong.sh
index e1873f35..67eef693 100755
--- a/deploy/kong.sh
+++ b/deploy/kong.sh
@@ -31,14 +31,15 @@ kong_deploy() {
   _debug _cca "$_cca"
   _debug _cfullchain "$_cfullchain"
 
-  #Get uuid linked to the domain
-  uuid=$(_get "$KONG_URL/apis?request_host=$_cdomain" | _normalizeJson | _egrep_o '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}')
-  if [ -z "$uuid" ]; then
-    _err "Unable to get Kong uuid for domain $_cdomain"
-    _err "Make sure that KONG_URL is correctly configured"
-    _err "Make sure that a Kong api request_host match the domain"
-    _err "Kong url: $KONG_URL"
-    return 1
+  #Get ssl_uuid linked to the domain
+  ssl_uuid=$(_get "$KONG_URL/certificates/$_cdomain" | _normalizeJson | _egrep_o '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}')
+  if [ -z "$ssl_uuid" ]; then
+    _debug "Unable to get Kong ssl_uuid for domain $_cdomain"
+    _debug "Make sure that KONG_URL is correctly configured"
+    _debug "Make sure that a Kong certificate match the sni"
+    _debug "Kong url: $KONG_URL"
+    _info "No existing certificate, creating..."
+    #return 1
   fi
   #Save kong url if it's succesful (First run case)
   _saveaccountconf KONG_URL "$KONG_URL"
@@ -48,12 +49,15 @@ kong_deploy() {
   #Set Header
   _H1="Content-Type: multipart/form-data; boundary=$delim"
   #Generate data for request (Multipart/form-data with mixed content)
-  #set name to ssl
-  content="--$delim${nl}Content-Disposition: form-data; name=\"name\"${nl}${nl}ssl"
+  content="--$delim${nl}"
+  if [ -z "$ssl_uuid" ]; then
+    #set sni to domain
+    content="$content{nl}Content-Disposition: form-data; name=\"snis\"${nl}${nl}$_cdomain"
+  fi
   #add key
-  content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"config.key\"; filename=\"$(basename "$_ckey")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_ckey")"
+  content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"key\"; filename=\"$(basename "$_ckey")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_ckey")"
   #Add cert
-  content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"config.cert\"; filename=\"$(basename "$_cfullchain")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_cfullchain")"
+  content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"cert\"; filename=\"$(basename "$_cfullchain")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_cfullchain")"
   #Close multipart
   content="$content${nl}--$delim--${nl}"
   #Convert CRLF
@@ -61,17 +65,16 @@ kong_deploy() {
   #DEBUG
   _debug header "$_H1"
   _debug content "$content"
-  #Check if ssl plugins is aready enabled (if not => POST else => PATCH)
-  ssl_uuid=$(_get "$KONG_URL/apis/$uuid/plugins" | _egrep_o '"id":"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"[a-zA-Z0-9\-\,\"_\:]*"name":"ssl"' | _egrep_o '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}')
-  _debug ssl_uuid "$ssl_uuid"
+  #Check if sslcreated (if not => POST else => PATCH)
+
   if [ -z "$ssl_uuid" ]; then
     #Post certificate to Kong
-    response=$(_post "$content" "$KONG_URL/apis/$uuid/plugins" "" "POST")
+    response=$(_post "$content" "$KONG_URL/certificates" "" "POST")
   else
     #patch
-    response=$(_post "$content" "$KONG_URL/apis/$uuid/plugins/$ssl_uuid" "" "PATCH")
+    response=$(_post "$content" "$KONG_URL/certificates/$ssl_uuid" "" "PATCH")
   fi
-  if ! [ "$(echo "$response" | _egrep_o "ssl")" = "ssl" ]; then
+  if ! [ "$(echo "$response" | _egrep_o "created_at")" = "created_at" ]; then
     _err "An error occurred with cert upload. Check response:"
     _err "$response"
     return 1

From de3bac53bfb99e1b192bed48a1c5dcf694e2a606 Mon Sep 17 00:00:00 2001
From: thecantero <thecantero@users.noreply.github.com>
Date: Thu, 27 Apr 2017 20:06:47 +0800
Subject: [PATCH 2/6] update README

---
 deploy/README.md | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/deploy/README.md b/deploy/README.md
index d8c2f57c..232fdb4a 100644
--- a/deploy/README.md
+++ b/deploy/README.md
@@ -21,8 +21,11 @@ acme.sh --deploy -d example.com --deploy-hook cpanel
 ## 2. Deploy ssl cert on kong proxy engine based on api.
 
 Before you can deploy your cert, you must [issue the cert first](https://github.com/Neilpang/acme.sh/wiki/How-to-issue-a-cert).
+Currently supports Kong-v0.10.x.
 
-(TODO)
+```sh
+acme.sh --deploy -d ftp.example.com --deploy-hook kong
+```
 
 ## 3. Deploy the cert to remote server through SSH access.
 

From 4b02ee5b468814b2a19e9dd783b458264acbe776 Mon Sep 17 00:00:00 2001
From: thecantero <thecantero@users.noreply.github.com>
Date: Thu, 27 Apr 2017 20:38:08 +0800
Subject: [PATCH 3/6] Typo fix

---
 deploy/kong.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/deploy/kong.sh b/deploy/kong.sh
index 67eef693..79dc3916 100755
--- a/deploy/kong.sh
+++ b/deploy/kong.sh
@@ -67,7 +67,7 @@ kong_deploy() {
   _debug content "$content"
   #Check if sslcreated (if not => POST else => PATCH)
 
-  if [ -z "$ssl_uuid" ]; then
+  if [ ! -z "$ssl_uuid" ]; then
     #Post certificate to Kong
     response=$(_post "$content" "$KONG_URL/certificates" "" "POST")
   else

From c140fe9bae8926e3724545330505edc3e1355833 Mon Sep 17 00:00:00 2001
From: thecantero <thecantero@users.noreply.github.com>
Date: Thu, 27 Apr 2017 20:39:53 +0800
Subject: [PATCH 4/6] Typo Fix

---
 deploy/kong.sh | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/deploy/kong.sh b/deploy/kong.sh
index 79dc3916..9d1f40a7 100755
--- a/deploy/kong.sh
+++ b/deploy/kong.sh
@@ -1,6 +1,3 @@
-#!/usr/bin/env sh
-
-# This deploy hook will deploy ssl cert on kong proxy engine based on api request_host parameter.
 # Note that ssl plugin should be available on Kong instance
 # The hook will match cdomain to request_host, in case of multiple domain it will always take the first
 # one (acme.sh behaviour).
@@ -49,10 +46,9 @@ kong_deploy() {
   #Set Header
   _H1="Content-Type: multipart/form-data; boundary=$delim"
   #Generate data for request (Multipart/form-data with mixed content)
-  content="--$delim${nl}"
   if [ -z "$ssl_uuid" ]; then
     #set sni to domain
-    content="$content{nl}Content-Disposition: form-data; name=\"snis\"${nl}${nl}$_cdomain"
+    content="--$delim${nl}Content-Disposition: form-data; name=\"snis\"${nl}${nl}$_cdomain"
   fi
   #add key
   content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"key\"; filename=\"$(basename "$_ckey")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_ckey")"
@@ -67,7 +63,7 @@ kong_deploy() {
   _debug content "$content"
   #Check if sslcreated (if not => POST else => PATCH)
 
-  if [ ! -z "$ssl_uuid" ]; then
+  if [ -z "$ssl_uuid" ]; then
     #Post certificate to Kong
     response=$(_post "$content" "$KONG_URL/certificates" "" "POST")
   else

From 824ffa24f497a69bd4b0cb0cf10520b27d326514 Mon Sep 17 00:00:00 2001
From: Andre Cantero <thecantero@gmail.com>
Date: Fri, 28 Apr 2017 00:21:21 +0800
Subject: [PATCH 5/6] Add shebang

---
 deploy/kong.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/deploy/kong.sh b/deploy/kong.sh
index 9d1f40a7..dce92096 100755
--- a/deploy/kong.sh
+++ b/deploy/kong.sh
@@ -1,3 +1,4 @@
+#!/usr/bin/env sh
 # Note that ssl plugin should be available on Kong instance
 # The hook will match cdomain to request_host, in case of multiple domain it will always take the first
 # one (acme.sh behaviour).

From 1231b71245588f107bc9667c16925afeac0f4e4e Mon Sep 17 00:00:00 2001
From: Andre Cantero <thecantero@gmail.com>
Date: Fri, 28 Apr 2017 00:25:30 +0800
Subject: [PATCH 6/6] Update the notes

---
 deploy/kong.sh | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/deploy/kong.sh b/deploy/kong.sh
index dce92096..d3a6bc47 100755
--- a/deploy/kong.sh
+++ b/deploy/kong.sh
@@ -1,11 +1,7 @@
 #!/usr/bin/env sh
-# Note that ssl plugin should be available on Kong instance
-# The hook will match cdomain to request_host, in case of multiple domain it will always take the first
-# one (acme.sh behaviour).
-# If ssl config already exist it will update only cert and key not touching other parameter
-# If ssl config doesn't exist it will only upload cert and key and not set other parameter
-# Not that we deploy full chain
-# See https://getkong.org/plugins/dynamic-ssl/ for other options
+# If certificate already exist it will update only cert and key not touching other parameter
+# If certificate  doesn't exist it will only upload cert and key and not set other parameter
+# Note that we deploy full chain
 # Written by Geoffroi Genot <ggenot@voxbone.com>
 
 ########  Public functions #####################