Add .env and README

.gitignore

@@ -0,0 +1 @@
+.env

README.md

@@ -1,2 +1,58 @@
-# certman
+# Certwarden Certificate Management
 
+A bash script for managing SSL/TLS certificates through the Certwarden API. This tool provides a simple interface for downloading, installing, and managing certificates on your system.
+
+## Features
+
+- Download certificates and private keys from Certwarden server
+- Automatic installation with proper permissions
+- List installed certificates
+- Check certificate expiration dates
+- Interactive menu-driven interface
+- Automated mode support through environment variables
+
+## Prerequisites
+
+The script requires the following dependencies:
+- `curl`: For API interactions
+- `jq`: For JSON processing
+- `openssl`: For certificate operations
+
+## Installation
+
+1. Clone this repository:
+```bash
+git clone <repository-url>
+cd certman
+```
+
+2. Make the script executable:
+```bash
+chmod +x certman.sh
+```
+
+
+3. Create a `.env` file with your configuration:
+```bash
+CERTWARDEN_SERVER="certwarden.dmz.skyfritt.net"
+API_KEY=""
+
+CERT_NAME="$(hostname).crt" # defaults to hostname
+CERT_PATH="/etc/ssl/certs"
+KEY_PATH="/etc/ssl/private"
+
+AUTO_MODE="false"
+TEMP_PATH="/tmp/cert_temp"
+```
+
+### Environment Variables Explained
+
+| Variable | Description | Default Value | Required |
+|----------|-------------|---------------|----------|
+| CERTWARDEN_SERVER | Certwarden API server hostname | certwarden.dmz.skyfritt.net | Yes |
+| API_KEY | Your Certwarden API key | Empty | Yes for auto mode |
+| CERT_NAME | Certificate name to manage | $(hostname).crt | Yes |
+| CERT_PATH | Directory for certificate storage | /etc/ssl/certs | Yes |
+| KEY_PATH | Directory for private key storage | /etc/ssl/private | Yes |
+| AUTO_MODE | Enable automated operation | false | No |
+| TEMP_PATH | Temporary directory for downloads | /tmp/cert_temp | Yes |

certman.sh

@@ -1,21 +1,16 @@
 #!/bin/bash
 
-# Certificate Management Script for Certwarden
+if [ -f .env ]; then
-# Version: 1.0
+    source .env
+else
+    echo "No .env file found."
+fi
 
-# Configuration
-CERTWARDEN_SERVER="your-certwarden-server.com"
-CERT_PATH="/etc/ssl/certs"
-KEY_PATH="/etc/ssl/private"
-TEMP_PATH="/tmp/cert_temp"
-
-# Color codes for output
 GREEN='\033[0;32m'
 RED='\033[0;31m'
 BLUE='\033[0;34m'
 NC='\033[0m' # No Color
 
-# Function to check if required commands exist
 check_requirements() {
     local required_commands=("curl" "jq")
     for cmd in "${required_commands[@]}"; do
@@ -27,7 +22,6 @@ check_requirements() {
     done
 }
 
-# Function to validate API key format
 validate_api_key() {
     local api_key=$1
     if [[ ! $api_key =~ ^[A-Za-z0-9_-]{32,}$ ]]; then
@@ -36,16 +30,13 @@ validate_api_key() {
     return 0
 }
 
-# Function to create directories if they don't exist
 setup_directories() {
-    mkdir -p "$CERT_PATH" "$KEY_PATH" "$TEMP_PATH"
+    if ! mkdir -p "$CERT_PATH" "$KEY_PATH" "$TEMP_PATH"; then
-    if [ $? -ne 0 ]; then
         echo -e "${RED}Error: Failed to create required directories${NC}"
         exit 1
     fi
 }
 
-# Function to download certificate and key
 download_certificate() {
     local cert_name=$1
     local api_key=$2
@@ -75,7 +66,6 @@ download_certificate() {
     return 0
 }
 
-# Function to install certificate and key
 install_certificate() {
     local cert_name=$1
 
@@ -83,11 +73,11 @@ install_certificate() {
     if sudo mv "$TEMP_PATH/$cert_name.crt" "$CERT_PATH/" && \
        sudo mv "$TEMP_PATH/$cert_name.key" "$KEY_PATH/"; then
         echo -e "${GREEN}Certificate and key installed successfully${NC}"
-        
+
         # Set appropriate permissions
         sudo chmod 644 "$CERT_PATH/$cert_name.crt"
         sudo chmod 600 "$KEY_PATH/$cert_name.key"
-        
+
         return 0
     else
         echo -e "${RED}Failed to install certificate and key${NC}"
@@ -97,27 +87,43 @@ install_certificate() {
 
 # Main menu function
 main_menu() {
+    # If in auto mode and we have cert name and API key, process automatically
+    if [ "$AUTO_MODE" = "true" ] && [ -n "$CERT_NAME" ] && [ -n "$API_KEY" ]; then
+        if validate_api_key "$API_KEY"; then
+            if download_certificate "$CERT_NAME" "$API_KEY"; then
+                install_certificate "$CERT_NAME"
+            fi
+        else
+            echo -e "${RED}Invalid API key format in .env file${NC}"
+        fi
+        exit 0
+    fi
+
     while true; do
         echo -e "\n${BLUE}Certwarden Certificate Management${NC}"
         echo "1. Download and install new certificate"
         echo "2. List installed certificates"
         echo "3. Check certificate expiration"
         echo "4. Exit"
-        
+
-        read -p "Select an option (1-4): " choice
+        read -r -p "Select an option (1-4): " choice
 
         case $choice in
             1)
-                read -p "Enter certificate name: " cert_name
+                if [ -z "$CERT_NAME" ]; then
-                read -p "Enter API key: " api_key
+                    read -r -p "Enter certificate name: " CERT_NAME
+                fi
+                if [ -z "$API_KEY" ]; then
+                    read -r -p "Enter API key: " API_KEY
+                fi
 
-                if ! validate_api_key "$api_key"; then
+                if ! validate_api_key "$API_KEY"; then
                     echo -e "${RED}Invalid API key format${NC}"
                     continue
                 fi
 
-                if download_certificate "$cert_name" "$api_key"; then
+                if download_certificate "$CERT_NAME" "$API_KEY"; then
-                    install_certificate "$cert_name"
+                    install_certificate "$CERT_NAME"
                 fi
                 ;;
             2)