Browse Source
Create ssh_cpanel
Create ssh_cpanel
Deploys to a remote cPanel server by using SSH to connect then calling UAPI functionspull/2025/head
Hambone68
6 years ago
committed by
GitHub
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 118 additions and 0 deletions
@ -0,0 +1,118 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
# Script to deploy certificates to remote cPanel server by SSH |
||||
|
# This is a rough mashup of deploy/ssh.sh and deploy/cpanel_uapi.sh |
||||
|
# Note that SSH must be able to login to remote host without a password... |
||||
|
# SSH Keys must have been exchanged with the remote host. Validate and |
||||
|
# test that you can login to USER@SERVER from the host running acme.sh before |
||||
|
# using this script. |
||||
|
# |
||||
|
# The following variables exported from environment will be used. |
||||
|
# If not set then values previously saved in domain.conf file are used. |
||||
|
# |
||||
|
# Only a username is required. All others are optional. |
||||
|
# |
||||
|
# export DEPLOY_SSH_CPANEL_USER="admin" # required |
||||
|
# export DEPLOY_SSH_CPANEL_CMD="ssh -i /path/to/key" # defaults to ssh |
||||
|
# export DEPLOY_SSH_CPANEL_SERVER="server.example.com" # defaults to domain name |
||||
|
# export DEPLOY_SSH_CPANEL_UAPIUSER="cPanelUserName" # defaults to DEPLOY_SSH_CPANEL_USER |
||||
|
######## Public functions ##################### |
||||
|
|
||||
|
#domain keyfile certfile cafile fullchain |
||||
|
ssh_cpanel_deploy() { |
||||
|
_cdomain="$1" |
||||
|
_ckey="$2" |
||||
|
_ccert="$3" |
||||
|
_cca="$4" |
||||
|
_cfullchain="$5" |
||||
|
_cmdstr="" |
||||
|
|
||||
|
if [ -f "$DOMAIN_CONF" ]; then |
||||
|
# shellcheck disable=SC1090 |
||||
|
. "$DOMAIN_CONF" |
||||
|
fi |
||||
|
|
||||
|
_debug _cdomain "$_cdomain" |
||||
|
_debug _ckey "$_ckey" |
||||
|
_debug _ccert "$_ccert" |
||||
|
_debug _cca "$_cca" |
||||
|
_debug _cfullchain "$_cfullchain" |
||||
|
|
||||
|
# USER is required to login by SSH to remote host. |
||||
|
if [ -z "$DEPLOY_SSH_CPANEL_USER" ]; then |
||||
|
if [ -z "$Le_Deploy_ssh_cpanel_user" ]; then |
||||
|
_err "DEPLOY_SSH_CPANEL_USER not defined." |
||||
|
return 1 |
||||
|
fi |
||||
|
else |
||||
|
Le_Deploy_ssh_cpanel_user="$DEPLOY_SSH_CPANEL_USER" |
||||
|
_savedomainconf Le_Deploy_ssh_cpanel_user "$Le_Deploy_ssh_cpanel_user" |
||||
|
fi |
||||
|
|
||||
|
# UAPIUSER is optional. If not provided then use DEPLOY_SSH_CPANEL_USER |
||||
|
if [ -z "$DEPLOY_SSH_CPANEL_UAPIUSER" ]; then |
||||
|
if [ -z "$Le_Deploy_ssh_cpanel_uapiuser" ]; then |
||||
|
Le_Deploy_ssh_cpanel_uapiuser="$Le_Deploy_ssh_cpanel_user" |
||||
|
fi |
||||
|
else |
||||
|
Le_Deploy_ssh_cpanel_uapiuser="$DEPLOY_SSH_CPANEL_UAPIUSER" |
||||
|
_savedomainconf Le_Deploy_ssh_cpanel_uapiuser "$Le_Deploy_ssh_cpanel_uapiuser" |
||||
|
fi |
||||
|
|
||||
|
# SERVER is optional. If not provided then use _cdomain |
||||
|
if [ -n "$DEPLOY_SSH_CPANEL_SERVER" ]; then |
||||
|
Le_Deploy_ssh_cpanel_server="$DEPLOY_SSH_CPANEL_SERVER" |
||||
|
_savedomainconf Le_Deploy_ssh_cpanel_server "$Le_Deploy_ssh_cpanel_server" |
||||
|
elif [ -z "$Le_Deploy_ssh_cpanel_server" ]; then |
||||
|
Le_Deploy_ssh_cpanel_server="$_cdomain" |
||||
|
fi |
||||
|
|
||||
|
# CMD is optional. If not provided then use ssh |
||||
|
if [ -n "$DEPLOY_SSH_CPANEL_CMD" ]; then |
||||
|
Le_Deploy_ssh_cpanel_cmd="$DEPLOY_SSH_CPANEL_CMD" |
||||
|
_savedomainconf Le_Deploy_ssh_cpanel_cmd "$Le_Deploy_ssh_cpanel_cmd" |
||||
|
elif [ -z "$Le_Deploy_ssh_cpanel_cmd" ]; then |
||||
|
Le_Deploy_ssh_cpanel_cmd="ssh" |
||||
|
fi |
||||
|
|
||||
|
_info "Deploy certificates to remote server $Le_Deploy_ssh_cpanel_user@$Le_Deploy_ssh_cpanel_server" |
||||
|
|
||||
|
# read cert and key files and urlencode both |
||||
|
_info "URL Encode Certificate..." |
||||
|
_cert=$(_url_encode <"$_ccert") |
||||
|
|
||||
|
_info "URL Encode Key..." |
||||
|
_key=$(_url_encode <"$_ckey") |
||||
|
|
||||
|
_secure_debug _cert "$_cert" |
||||
|
_secure_debug _key "$_key" |
||||
|
|
||||
|
if [ "$Le_Deploy_ssh_cpanel_uapiuser" = "$Le_Deploy_ssh_cpanel_user" ]; then |
||||
|
_cmdstr="uapi SSL install_ssl domain=\"$_cdomain\" cert=\"$_cert\" key=\"$_key\"" |
||||
|
else |
||||
|
_cmdstr="uapi --user=\"$Le_Deploy_ssh_cpanel_uapiuser\" SSL install_ssl domain=\"$_cdomain\" cert=\"$_cert\" key=\"$_key\"" |
||||
|
fi |
||||
|
|
||||
|
_secure_debug "Remote commands to execute: " "$_cmdstr" |
||||
|
_info "Submitting sequence of commands to remote server by ssh" |
||||
|
# quotations in bash cmd below intended. Squash travis spellcheck error |
||||
|
# shellcheck disable=SC2029 |
||||
|
$Le_Deploy_ssh_cpanel_cmd -T "$Le_Deploy_ssh_cpanel_user@$Le_Deploy_ssh_cpanel_server" sh -c "'$_cmdstr'" |
||||
|
_ret="$?" |
||||
|
|
||||
|
if [ "$_ret" != "0" ]; then |
||||
|
_err "Error code $_ret returned from $Le_Deploy_ssh_cpanel_cmd" |
||||
|
fi |
||||
|
|
||||
|
_error_response="status: 0" |
||||
|
if test "${_ret#*$_error_response}" != "$_ret"; then |
||||
|
_err "Error in deploying certificate:" |
||||
|
_err "$_ret" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug ret "$_ret" |
||||
|
_info "Certificate successfully deployed" |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
Write
Preview
Loading…
Cancel
Save
Reference in new issue