You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

473 lines
17 KiB

8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
4 years ago
8 years ago
8 years ago
4 years ago
8 years ago
8 years ago
8 years ago
8 years ago
8 years ago
  1. #!/usr/bin/env sh
  2. # Script to deploy certificates to remote server by SSH
  3. # Note that SSH must be able to login to remote host without a password...
  4. # SSH Keys must have been exchanged with the remote host. Validate and
  5. # test that you can login to USER@SERVER from the host running acme.sh before
  6. # using this script.
  7. #
  8. # The following variables exported from environment will be used.
  9. # If not set then values previously saved in domain.conf file are used.
  10. #
  11. # Only a username is required. All others are optional.
  12. #
  13. # The following examples are for QNAP NAS running QTS 4.2
  14. # export DEPLOY_SSH_CMD="" # defaults to "ssh -T"
  15. # export DEPLOY_SSH_USER="admin" # required
  16. # export DEPLOY_SSH_SERVER="qnap" # defaults to domain name
  17. # export DEPLOY_SSH_KEYFILE="/etc/stunnel/stunnel.pem"
  18. # export DEPLOY_SSH_CERTFILE="/etc/stunnel/stunnel.pem"
  19. # export DEPLOY_SSH_CAFILE="/etc/stunnel/uca.pem"
  20. # export DEPLOY_SSH_FULLCHAIN=""
  21. # export DEPLOY_SSH_REMOTE_CMD="/etc/init.d/stunnel.sh restart"
  22. # export DEPLOY_SSH_BACKUP="" # yes or no, default to yes or previously saved value
  23. # export DEPLOY_SSH_BACKUP_PATH=".acme_ssh_deploy" # path on remote system. Defaults to .acme_ssh_deploy
  24. # export DEPLOY_SSH_MULTI_CALL="" # yes or no, default to no or previously saved value
  25. # export DEPLOY_SSH_USE_SCP="" yes or no , default to no
  26. # export DEPLOY_SSH_SCP_CMD="" defaults to "scp -T -q "
  27. #
  28. ######## Public functions #####################
  29. #domain keyfile certfile cafile fullchain
  30. ssh_deploy() {
  31. _cdomain="$1"
  32. _ckey="$2"
  33. _ccert="$3"
  34. _cca="$4"
  35. _cfullchain="$5"
  36. _deploy_ssh_servers=""
  37. _debug _cdomain "$_cdomain"
  38. _debug _ckey "$_ckey"
  39. _debug _ccert "$_ccert"
  40. _debug _cca "$_cca"
  41. _debug _cfullchain "$_cfullchain"
  42. # USER is required to login by SSH to remote host.
  43. _getdeployconf DEPLOY_SSH_USER
  44. _debug2 DEPLOY_SSH_USER "$DEPLOY_SSH_USER"
  45. if [ -z "$DEPLOY_SSH_USER" ]; then
  46. if [ -z "$Le_Deploy_ssh_user" ]; then
  47. _err "DEPLOY_SSH_USER not defined."
  48. return 1
  49. fi
  50. else
  51. Le_Deploy_ssh_user="$DEPLOY_SSH_USER"
  52. _savedomainconf Le_Deploy_ssh_user "$Le_Deploy_ssh_user"
  53. fi
  54. # SERVER is optional. If not provided then use _cdomain
  55. _getdeployconf DEPLOY_SSH_SERVER
  56. _debug2 DEPLOY_SSH_SERVER "$DEPLOY_SSH_SERVER"
  57. if [ -n "$DEPLOY_SSH_SERVER" ]; then
  58. Le_Deploy_ssh_server="$DEPLOY_SSH_SERVER"
  59. _savedomainconf Le_Deploy_ssh_server "$Le_Deploy_ssh_server"
  60. elif [ -z "$Le_Deploy_ssh_server" ]; then
  61. Le_Deploy_ssh_server="$_cdomain"
  62. fi
  63. # CMD is optional. If not provided then use ssh
  64. _getdeployconf DEPLOY_SSH_CMD
  65. _debug2 DEPLOY_SSH_CMD "$DEPLOY_SSH_CMD"
  66. if [ -n "$DEPLOY_SSH_CMD" ]; then
  67. Le_Deploy_ssh_cmd="$DEPLOY_SSH_CMD"
  68. _savedomainconf Le_Deploy_ssh_cmd "$Le_Deploy_ssh_cmd"
  69. elif [ -z "$Le_Deploy_ssh_cmd" ]; then
  70. Le_Deploy_ssh_cmd="ssh -T"
  71. fi
  72. # USE_SCP is optional. If not provided then default to previously saved
  73. # value (which may be undefined... equivalent to "no").
  74. if [ "$DEPLOY_SSH_USE_SCP" = "yes" ]; then
  75. Le_Deploy_ssh_use_scp="yes"
  76. _savedomainconf Le_Deploy_ssh_use_scp "$Le_Deploy_ssh_use_scp"
  77. elif [ "$DEPLOY_SSH_USE_SCP" = "no" ]; then
  78. Le_Deploy_ssh_use_scp=""
  79. _cleardomainconf Le_Deploy_ssh_use_scp
  80. fi
  81. # SCP_CMD is optional. If not provided then use scp
  82. if [ -n "$DEPLOY_SSH_SCP_CMD" ]; then
  83. Le_Deploy_ssh_scp_cmd="$DEPLOY_SSH_SCP_CMD"
  84. _savedomainconf Le_Deploy_ssh_scp_cmd "$Le_Deploy_ssh_scp_cmd"
  85. elif [ -z "$Le_Deploy_ssh_scp_cmd" ]; then
  86. Le_Deploy_ssh_scp_cmd="scp -T"
  87. fi
  88. # BACKUP is optional. If not provided then default to previously saved value or yes.
  89. _getdeployconf DEPLOY_SSH_BACKUP
  90. _debug2 DEPLOY_SSH_BACKUP "$DEPLOY_SSH_BACKUP"
  91. if [ "$DEPLOY_SSH_BACKUP" = "no" ]; then
  92. Le_Deploy_ssh_backup="no"
  93. elif [ -z "$Le_Deploy_ssh_backup" ] || [ "$DEPLOY_SSH_BACKUP" = "yes" ]; then
  94. Le_Deploy_ssh_backup="yes"
  95. fi
  96. _savedomainconf Le_Deploy_ssh_backup "$Le_Deploy_ssh_backup"
  97. # BACKUP_PATH is optional. If not provided then default to previously saved value or .acme_ssh_deploy
  98. _getdeployconf DEPLOY_SSH_BACKUP_PATH
  99. _debug2 DEPLOY_SSH_BACKUP_PATH "$DEPLOY_SSH_BACKUP_PATH"
  100. if [ -n "$DEPLOY_SSH_BACKUP_PATH" ]; then
  101. Le_Deploy_ssh_backup_path="$DEPLOY_SSH_BACKUP_PATH"
  102. elif [ -z "$Le_Deploy_ssh_backup_path" ]; then
  103. Le_Deploy_ssh_backup_path=".acme_ssh_deploy"
  104. fi
  105. _savedomainconf Le_Deploy_ssh_backup_path "$Le_Deploy_ssh_backup_path"
  106. # MULTI_CALL is optional. If not provided then default to previously saved
  107. # value (which may be undefined... equivalent to "no").
  108. _getdeployconf DEPLOY_SSH_MULTI_CALL
  109. _debug2 DEPLOY_SSH_MULTI_CALL "$DEPLOY_SSH_MULTI_CALL"
  110. if [ "$DEPLOY_SSH_MULTI_CALL" = "yes" ]; then
  111. Le_Deploy_ssh_multi_call="yes"
  112. _savedomainconf Le_Deploy_ssh_multi_call "$Le_Deploy_ssh_multi_call"
  113. elif [ "$DEPLOY_SSH_MULTI_CALL" = "no" ]; then
  114. Le_Deploy_ssh_multi_call=""
  115. _cleardomainconf Le_Deploy_ssh_multi_call
  116. fi
  117. # USE_SCP is optional. If not provided then default to previously saved
  118. # value (which may be undefined... equivalent to "no").
  119. if [ "$DEPLOY_SSH_USE_SCP" = "yes" ]; then
  120. Le_Deploy_ssh_use_scp="yes"
  121. _savedomainconf Le_Deploy_ssh_use_scp "$Le_Deploy_ssh_use_scp"
  122. Le_Deploy_ssh_multi_call="yes"
  123. _savedomainconf Le_Deploy_ssh_multi_call "$Le_Deploy_ssh_multi_call"
  124. elif [ "$DEPLOY_SSH_USE_SCP" = "no" ]; then
  125. Le_Deploy_ssh_use_scp=""
  126. _cleardomainconf Le_Deploy_ssh_use_scp
  127. fi
  128. # SCP_CMD is optional. If not provided then use scp
  129. if [ -n "$DEPLOY_SSH_SCP_CMD" ]; then
  130. Le_Deploy_ssh_scp_cmd="$DEPLOY_SSH_SCP_CMD"
  131. _savedomainconf Le_Deploy_ssh_scp_cmd "$Le_Deploy_ssh_scp_cmd"
  132. elif [ -z "$Le_Deploy_ssh_scp_cmd" ]; then
  133. Le_Deploy_ssh_scp_cmd="scp -T -q "
  134. fi
  135. _deploy_ssh_servers=$Le_Deploy_ssh_server
  136. for Le_Deploy_ssh_server in $_deploy_ssh_servers; do
  137. _ssh_deploy
  138. done
  139. }
  140. _ssh_deploy() {
  141. _err_code=0
  142. _cmdstr=""
  143. _backupprefix=""
  144. _backupdir=""
  145. _local_cert_file=""
  146. _local_ca_file=""
  147. _local_full_file=""
  148. _info "Deploy certificates to remote server $Le_Deploy_ssh_user@$Le_Deploy_ssh_server"
  149. if [ "$Le_Deploy_ssh_use_scp" = "yes" ]; then
  150. _info "Using scp as alternate method for copying files. Multicall Mode is implicit"
  151. Le_Deploy_ssh_multi_call="yes"
  152. _savedomainconf Le_Deploy_ssh_multi_call "$Le_Deploy_ssh_multi_call"
  153. fi
  154. if [ "$Le_Deploy_ssh_multi_call" = "yes" ]; then
  155. _info "Using MULTI_CALL mode... Required commands sent in multiple calls to remote host"
  156. else
  157. _info "Required commands batched and sent in single call to remote host"
  158. fi
  159. if [ "$Le_Deploy_ssh_backup" = "yes" ]; then
  160. _backupprefix="$Le_Deploy_ssh_backup_path/$_cdomain-backup"
  161. _backupdir="$_backupprefix-$(_utc_date | tr ' ' '-')"
  162. # run cleanup on the backup directory, erase all older
  163. # than 180 days (15552000 seconds).
  164. _cmdstr="{ now=\"\$(date -u +%s)\"; for fn in $_backupprefix*; \
  165. do if [ -d \"\$fn\" ] && [ \"\$(expr \$now - \$(date -ur \$fn +%s) )\" -ge \"15552000\" ]; \
  166. then rm -rf \"\$fn\"; echo \"Backup \$fn deleted as older than 180 days\"; fi; done; }; $_cmdstr"
  167. # Alternate version of above... _cmdstr="find $_backupprefix* -type d -mtime +180 2>/dev/null | xargs rm -rf; $_cmdstr"
  168. # Create our backup directory for overwritten cert files.
  169. _cmdstr="mkdir -p $_backupdir; $_cmdstr"
  170. _info "Backup of old certificate files will be placed in remote directory $_backupdir"
  171. _info "Backup directories erased after 180 days."
  172. if [ "$Le_Deploy_ssh_multi_call" = "yes" ]; then
  173. if ! _ssh_remote_cmd "$_cmdstr"; then
  174. return $_err_code
  175. fi
  176. _cmdstr=""
  177. fi
  178. fi
  179. # KEYFILE is optional.
  180. # If provided then private key will be copied to provided filename.
  181. _getdeployconf DEPLOY_SSH_KEYFILE
  182. _debug2 DEPLOY_SSH_KEYFILE "$DEPLOY_SSH_KEYFILE"
  183. if [ -n "$DEPLOY_SSH_KEYFILE" ]; then
  184. Le_Deploy_ssh_keyfile="$DEPLOY_SSH_KEYFILE"
  185. _savedomainconf Le_Deploy_ssh_keyfile "$Le_Deploy_ssh_keyfile"
  186. fi
  187. if [ -n "$Le_Deploy_ssh_keyfile" ]; then
  188. if [ "$Le_Deploy_ssh_backup" = "yes" ]; then
  189. # backup file we are about to overwrite.
  190. _cmdstr="$_cmdstr cp $Le_Deploy_ssh_keyfile $_backupdir >/dev/null;"
  191. if [ "$Le_Deploy_ssh_multi_call" = "yes" ]; then
  192. if ! _ssh_remote_cmd "$_cmdstr"; then
  193. return $_err_code
  194. fi
  195. _cmdstr=""
  196. fi
  197. fi
  198. # copy new key into file.
  199. if [ "$Le_Deploy_ssh_use_scp" = "yes" ]; then
  200. # scp the file
  201. if ! _scp_remote_cmd "$_ckey" "$Le_Deploy_ssh_keyfile"; then
  202. return $_err_code
  203. fi
  204. else
  205. _cmdstr="$_cmdstr echo \"$(cat "$_ckey")\" > $Le_Deploy_ssh_keyfile;"
  206. _info "will copy private key to remote file $Le_Deploy_ssh_keyfile"
  207. if [ "$Le_Deploy_ssh_multi_call" = "yes" ]; then
  208. if ! _ssh_remote_cmd "$_cmdstr"; then
  209. return $_err_code
  210. fi
  211. _cmdstr=""
  212. fi
  213. fi
  214. fi
  215. # CERTFILE is optional.
  216. # If provided then certificate will be copied or appended to provided filename.
  217. _getdeployconf DEPLOY_SSH_CERTFILE
  218. _debug2 DEPLOY_SSH_CERTFILE "$DEPLOY_SSH_CERTFILE"
  219. if [ -n "$DEPLOY_SSH_CERTFILE" ]; then
  220. Le_Deploy_ssh_certfile="$DEPLOY_SSH_CERTFILE"
  221. _savedomainconf Le_Deploy_ssh_certfile "$Le_Deploy_ssh_certfile"
  222. fi
  223. if [ -n "$Le_Deploy_ssh_certfile" ]; then
  224. _pipe=">"
  225. if [ "$Le_Deploy_ssh_certfile" = "$Le_Deploy_ssh_keyfile" ]; then
  226. # if filename is same as previous file then append.
  227. _pipe=">>"
  228. _local_cert_file=$(_mktemp)
  229. cat "$_ckey" >"$_local_cert_file"
  230. cat "$_ccert" >>"$_local_cert_file"
  231. elif [ "$Le_Deploy_ssh_backup" = "yes" ]; then
  232. # backup file we are about to overwrite.
  233. _cmdstr="$_cmdstr cp $Le_Deploy_ssh_certfile $_backupdir >/dev/null;"
  234. if [ "$Le_Deploy_ssh_multi_call" = "yes" ]; then
  235. if ! _ssh_remote_cmd "$_cmdstr"; then
  236. return $_err_code
  237. fi
  238. _cmdstr=""
  239. fi
  240. fi
  241. if [ "$Le_Deploy_ssh_use_scp" = "yes" ]; then
  242. if [ -n "$_local_cert_file" ]; then
  243. if ! _scp_remote_cmd "$_local_cert_file" "$Le_Deploy_ssh_certfile"; then
  244. return $_err_code
  245. fi
  246. else
  247. if ! _scp_remote_cmd "$_ccert" "$Le_Deploy_ssh_certfile"; then
  248. return $_err_code
  249. fi
  250. fi
  251. else
  252. # copy new certificate into file.
  253. _cmdstr="$_cmdstr echo \"$(cat "$_ccert")\" $_pipe $Le_Deploy_ssh_certfile;"
  254. _info "will copy certificate to remote file $Le_Deploy_ssh_certfile"
  255. if [ "$Le_Deploy_ssh_multi_call" = "yes" ]; then
  256. if ! _ssh_remote_cmd "$_cmdstr"; then
  257. return $_err_code
  258. fi
  259. _cmdstr=""
  260. fi
  261. fi
  262. fi
  263. # CAFILE is optional.
  264. # If provided then CA intermediate certificate will be copied or appended to provided filename.
  265. _getdeployconf DEPLOY_SSH_CAFILE
  266. _debug2 DEPLOY_SSH_CAFILE "$DEPLOY_SSH_CAFILE"
  267. if [ -n "$DEPLOY_SSH_CAFILE" ]; then
  268. Le_Deploy_ssh_cafile="$DEPLOY_SSH_CAFILE"
  269. _savedomainconf Le_Deploy_ssh_cafile "$Le_Deploy_ssh_cafile"
  270. fi
  271. if [ -n "$Le_Deploy_ssh_cafile" ]; then
  272. _pipe=">"
  273. if [ "$Le_Deploy_ssh_cafile" = "$Le_Deploy_ssh_keyfile" ] ||
  274. [ "$Le_Deploy_ssh_cafile" = "$Le_Deploy_ssh_certfile" ]; then
  275. # if filename is same as previous file then append.
  276. _pipe=">>"
  277. _local_ca_file=$(_mktemp)
  278. if [ "$Le_Deploy_ssh_cafile" = "$Le_Deploy_ssh_keyfile" ]; then
  279. cat "$_ckey" >>"$_local_ca_file"
  280. fi
  281. if [ "$Le_Deploy_ssh_cafile" = "$Le_Deploy_ssh_certfile" ]; then
  282. cat "$_ccert" >>"$_local_ca_file"
  283. fi
  284. cat "$_cca" >>"$_local_ca_file"
  285. elif [ "$Le_Deploy_ssh_backup" = "yes" ]; then
  286. # backup file we are about to overwrite.
  287. _cmdstr="$_cmdstr cp $Le_Deploy_ssh_cafile $_backupdir >/dev/null;"
  288. if [ "$Le_Deploy_ssh_multi_call" = "yes" ]; then
  289. if ! _ssh_remote_cmd "$_cmdstr"; then
  290. return $_err_code
  291. fi
  292. _cmdstr=""
  293. fi
  294. fi
  295. if [ "$Le_Deploy_ssh_use_scp" = "yes" ]; then
  296. if [ -n "$_local_ca_file" ]; then
  297. if ! _scp_remote_cmd "$_local_ca_file" "$Le_Deploy_ssh_cafile"; then
  298. return $_err_code
  299. fi
  300. else
  301. if ! _scp_remote_cmd "$_cca" "$Le_Deploy_ssh_cafile"; then
  302. return $_err_code
  303. fi
  304. fi
  305. else
  306. # copy new certificate into file.
  307. _cmdstr="$_cmdstr echo \"$(cat "$_cca")\" $_pipe $Le_Deploy_ssh_cafile;"
  308. _info "will copy CA file to remote file $Le_Deploy_ssh_cafile"
  309. if [ "$Le_Deploy_ssh_multi_call" = "yes" ]; then
  310. if ! _ssh_remote_cmd "$_cmdstr"; then
  311. return $_err_code
  312. fi
  313. _cmdstr=""
  314. fi
  315. fi
  316. fi
  317. # FULLCHAIN is optional.
  318. # If provided then fullchain certificate will be copied or appended to provided filename.
  319. _getdeployconf DEPLOY_SSH_FULLCHAIN
  320. _debug2 DEPLOY_SSH_FULLCHAIN "$DEPLOY_SSH_FULLCHAIN"
  321. if [ -n "$DEPLOY_SSH_FULLCHAIN" ]; then
  322. Le_Deploy_ssh_fullchain="$DEPLOY_SSH_FULLCHAIN"
  323. _savedomainconf Le_Deploy_ssh_fullchain "$Le_Deploy_ssh_fullchain"
  324. fi
  325. if [ -n "$Le_Deploy_ssh_fullchain" ]; then
  326. _pipe=">"
  327. if [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_keyfile" ] ||
  328. [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_certfile" ] ||
  329. [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_cafile" ]; then
  330. # if filename is same as previous file then append.
  331. _pipe=">>"
  332. _local_full_file=$(_mktemp)
  333. if [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_keyfile" ]; then
  334. cat "$_ckey" >>"$_local_full_file"
  335. fi
  336. if [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_certfile" ]; then
  337. cat "$_ccert" >>"$_local_full_file"
  338. fi
  339. if [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_cafile" ]; then
  340. cat "$_cca" >>"$_local_full_file"
  341. fi
  342. cat "$_cfullchain" >>"$_local_full_file"
  343. elif [ "$Le_Deploy_ssh_backup" = "yes" ]; then
  344. # backup file we are about to overwrite.
  345. _cmdstr="$_cmdstr cp $Le_Deploy_ssh_fullchain $_backupdir >/dev/null;"
  346. if [ "$Le_Deploy_ssh_multi_call" = "yes" ]; then
  347. if ! _ssh_remote_cmd "$_cmdstr"; then
  348. return $_err_code
  349. fi
  350. _cmdstr=""
  351. fi
  352. fi
  353. if [ "$Le_Deploy_ssh_use_scp" = "yes" ]; then
  354. if [ -n "$_local_full_file" ]; then
  355. if ! _scp_remote_cmd "$_local_full_file" "$Le_Deploy_ssh_fullchain"; then
  356. return $_err_code
  357. fi
  358. else
  359. if ! _scp_remote_cmd "$_cfullchain" "$Le_Deploy_ssh_fullchain"; then
  360. return $_err_code
  361. fi
  362. fi
  363. else
  364. # copy new certificate into file.
  365. _cmdstr="$_cmdstr echo \"$(cat "$_cfullchain")\" $_pipe $Le_Deploy_ssh_fullchain;"
  366. _info "will copy fullchain to remote file $Le_Deploy_ssh_fullchain"
  367. if [ "$Le_Deploy_ssh_multi_call" = "yes" ]; then
  368. if ! _ssh_remote_cmd "$_cmdstr"; then
  369. return $_err_code
  370. fi
  371. _cmdstr=""
  372. fi
  373. fi
  374. fi
  375. # cleanup local files if any
  376. if [ -n "$_local_cert_file" ]; then
  377. rm "$_local_cert_file" >/dev/null 1>&2
  378. fi
  379. if [ -n "$_local_ca_file" ]; then
  380. rm "$_local_ca_file" >/dev/null 1>&2
  381. fi
  382. if [ -n "$_local_full_file" ]; then
  383. rm "$_local_full_file" >/dev/null 1>&2
  384. fi
  385. # REMOTE_CMD is optional.
  386. # If provided then this command will be executed on remote host.
  387. _getdeployconf DEPLOY_SSH_REMOTE_CMD
  388. _debug2 DEPLOY_SSH_REMOTE_CMD "$DEPLOY_SSH_REMOTE_CMD"
  389. if [ -n "$DEPLOY_SSH_REMOTE_CMD" ]; then
  390. Le_Deploy_ssh_remote_cmd="$DEPLOY_SSH_REMOTE_CMD"
  391. _savedomainconf Le_Deploy_ssh_remote_cmd "$Le_Deploy_ssh_remote_cmd"
  392. fi
  393. if [ -n "$Le_Deploy_ssh_remote_cmd" ]; then
  394. _cmdstr="$_cmdstr $Le_Deploy_ssh_remote_cmd;"
  395. _info "Will execute remote command $Le_Deploy_ssh_remote_cmd"
  396. if [ "$Le_Deploy_ssh_multi_call" = "yes" ]; then
  397. if ! _ssh_remote_cmd "$_cmdstr"; then
  398. return $_err_code
  399. fi
  400. _cmdstr=""
  401. fi
  402. fi
  403. # if commands not all sent in multiple calls then all commands sent in a single SSH call now...
  404. if [ -n "$_cmdstr" ]; then
  405. if ! _ssh_remote_cmd "$_cmdstr"; then
  406. return $_err_code
  407. fi
  408. fi
  409. # cleanup in case all is ok
  410. return 0
  411. }
  412. #cmd
  413. _ssh_remote_cmd() {
  414. _cmd="$1"
  415. _secure_debug "Remote commands to execute: $_cmd"
  416. _info "Submitting sequence of commands to remote server by ssh"
  417. # quotations in bash cmd below intended. Squash travis spellcheck error
  418. # shellcheck disable=SC2029
  419. $Le_Deploy_ssh_cmd "$Le_Deploy_ssh_user@$Le_Deploy_ssh_server" sh -c "'$_cmd'"
  420. _err_code="$?"
  421. if [ "$_err_code" != "0" ]; then
  422. _err "Error code $_err_code returned from ssh"
  423. fi
  424. return $_err_code
  425. }
  426. # cmd scp
  427. _scp_remote_cmd() {
  428. _secure_debug "Remote scp source $1 and destination $2 using : $Le_Deploy_ssh_scp_cmd"
  429. _info "Submitting secure copy command : $Le_Deploy_ssh_scp_cmd"
  430. $Le_Deploy_ssh_scp_cmd "$1" "$Le_Deploy_ssh_user"@"$Le_Deploy_ssh_server":"$2"
  431. _err_code="$?"
  432. if [ "$_err_code" != "0" ]; then
  433. _err "Error code $_err_code returned from scp"
  434. fi
  435. return $_err_code
  436. }