yacloud/acme.sh
1
0
Fork 0
mirror of https://github.com/acmesh-official/acme.sh.git synced 2025-05-10 14:12:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

Change cpanel deployment to use PHP

Browse Source
This commit is contained in:
Lincoln Ramsay 2018-06-09 10:27:34 +10:00
parent 4d1327789e
commit 656fc2dada
1 changed files with 46 additions and 97 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

143
deploy/cpanel.sh
View File

@ -25,113 +25,62 @@ cpanel_deploy() {
_debug _cfullchain "$_cfullchain" _debug _cfullchain "$_cfullchain"
export _ckey _ccert _cdomain export _ckey _ccert _cdomain
# Perl code taken from https://documentation.cpanel.net/display/SDK/Tutorial+-+Call+UAPI%27s+SSL%3A%3Ainstall_ssl+Function+in+Custom+Code # PHP code taken from https://documentation.cpanel.net/display/DD/Tutorial+-+Call+UAPI's+SSL::install_ssl+Function+in+Custom+Code
perl -f <<'END' php <<'END'
# Return errors if Perl experiences problems. <?php
use strict; // Log everything during development.
use warnings; // If you run this on the CLI, set 'display_errors = On' in php.ini.
# Allow my code to perform web requests. error_reporting(E_ALL);
use LWP::UserAgent;
use LWP::Protocol::https;
# Use the correct encoding to prevent wide character warnings.
use Encode;
use utf8;
# Properly decode JSON.
use JSON;
# Function properly with Base64 authentication headers.
use MIME::Base64;
# Authentication information. // Authentication information.
my $username = $ENV{'DEPLOY_CPANEL_USER'}; $username = getenv('DEPLOY_CPANEL_USER');
my $password = $ENV{'DEPLOY_CPANEL_PASSWORD'}; $password = getenv('DEPLOY_CPANEL_PASSWORD');
my $hostname = $ENV{'DEPLOY_CPANEL_HOSTNAME'}; $hostname = getenv('DEPLOY_CPANEL_HOSTNAME');
# The URL for the SSL::install_ssl UAPI function. // The URL for the SSL::install_ssl UAPI function.
my $request = "https://".$hostname."/execute/SSL/install_ssl"; $request = "https://".$hostname."/execute/SSL/install_ssl";
# Required to allow HTTPS connections to unsigned services. // Read in the SSL certificate and key file.
# Services on localhost are always unsigned. $cert = getenv('_ccert');
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0; $key = getenv('_ckey');
# Create a useragent object. // Set up the payload to send to the server.
my $ua = LWP::UserAgent->new(); $domain = getenv('_cdomain');
$payload = array(
# Add authentication headers. 'domain' => "$domain",
$ua->default_header( 'cert' => file_get_contents($cert),
'Authorization' => 'Basic ' . MIME::Base64::encode("$username:$password"), 'key' => file_get_contents($key)
); );
# Read in the SSL certificate and key file. // Set up the cURL request object.
my $cert = $ENV{'_ccert'}; $ch = curl_init( $request );
my $key = $ENV{'_ckey'}; curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
{ curl_setopt( $ch, CURLOPT_USERPWD, $username . ':' . $password );
local $/; curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
open ( my $fh, '<', $cert ); curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
$cert = <$fh>;
close $fh;
open ( $fh, '<', $key ); // Set up a POST request with the payload.
$key = <$fh>; curl_setopt( $ch, CURLOPT_POST, true );
close $fh; curl_setopt( $ch, CURLOPT_POSTFIELDS, $payload );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
// Make the call, and then terminate the cURL caller object.
$curl_response = curl_exec( $ch );
curl_close( $ch );
// Decode and validate output.
$response = json_decode( $curl_response );
if( empty( $response ) ) {
echo "The cURL call did not return valid JSON:\n";
die( $response );
} elseif ( !$response->status ) {
echo "The cURL call returned valid JSON, but reported errors:\n";
die( $response->errors[0] . "\n" );
} }
my $domain = $ENV{'_cdomain'}; // Print and exit.
die( print_r( $response ) );
# Make the call.
my $response = $ua->post($request,
Content_Type => 'form-data',
Content => [
domain => $domain,
cert => $cert,
key => $key,
],
);
# Create an object to decode the JSON.
# Sorted by keys and pretty-printed.
my $json_printer = JSON->new->pretty->canonical(1);
# UTF-8 encode before decoding to avoid wide character warnings.
my $content = JSON::decode_json(Encode::encode_utf8($response->decoded_content));
# Print output, UTF-8 encoded to avoid wide character warnings.
print Encode::encode_utf8($json_printer->encode($content));
=pod
{
"data" : {
"action" : "none",
"aliases" : [
"mail.example.com"
],
"cert_id" : "example_com_xxx_yyy_zzzzzzzzzzzzzzzzzz",
"domain" : "example.com",
"extra_certificate_domains" : [],
"html" : "<br /><b>This certificate was already installed on this host. The system made no changes.</b><br />\n",
"ip" : "127.0.0.1",
"key_id" : "xxx_yyy_zzzzzzzzzzzzzzzz",
"message" : "This certificate was already installed on this host. The system made no changes.",
"servername" : "example.com",
"status" : 1,
"statusmsg" : "This certificate was already installed on this host. The system made no changes.",
"user" : "username",
"warning_domains" : [
"mail.example.com"
],
"working_domains" : [
"example.com"
]
},
"errors" : null,
"messages" : [
"The certificate was successfully installed on the domain “example.com”."
],
"metadata" : {},
"status" : 1
}
=cut
END END
} }