@ -21,6 +21,7 @@
# export DEPLOY_SSH_FULLCHAIN=""
# export DEPLOY_SSH_FULLCHAIN=""
# export DEPLOY_SSH_REMOTE_CMD="/etc/init.d/stunnel.sh restart"
# export DEPLOY_SSH_REMOTE_CMD="/etc/init.d/stunnel.sh restart"
# export DEPLOY_SSH_BACKUP="" # yes or no, default to yes
# export DEPLOY_SSH_BACKUP="" # yes or no, default to yes
# export DEPLOY_SSH_BATCH_MODE="yes" # yes or no, default to yes
#
#
######## Public functions #####################
######## Public functions #####################
@ -83,7 +84,20 @@ ssh_deploy() {
fi
fi
_savedomainconf Le_Deploy_ssh_backup " $Le_Deploy_ssh_backup "
_savedomainconf Le_Deploy_ssh_backup " $Le_Deploy_ssh_backup "
# BATCH_MODE is optional. If not provided then default to yes
if [ " $DEPLOY_SSH_BATCH_MODE " = "no" ] ; then
Le_Deploy_ssh_batch_mode = "no"
elif [ -z " $Le_Deploy_ssh_batch_mode " ] ; then
Le_Deploy_ssh_batch_mode = "yes"
fi
_savedomainconf Le_Deploy_ssh_batch_mode " $Le_Deploy_ssh_batch_mode "
_info " Deploy certificates to remote server $Le_Deploy_ssh_user @ $Le_Deploy_ssh_server "
_info " Deploy certificates to remote server $Le_Deploy_ssh_user @ $Le_Deploy_ssh_server "
if [ " $Le_Deploy_ssh_batch_mode " = "yes" ] ; then
_info "Using BATCH MODE... Multiple commands sent in single call to remote host"
else
_info "Commands sent individually in multiple calls to remote host"
fi
if [ " $Le_Deploy_ssh_backup " = "yes" ] ; then
if [ " $Le_Deploy_ssh_backup " = "yes" ] ; then
# run cleanup on the backup directory, erase all older
# run cleanup on the backup directory, erase all older
@ -96,6 +110,12 @@ then rm -rf \"\$fn\"; echo \"Backup \$fn deleted as older than 180 days\"; fi; d
_cmdstr = " mkdir -p $_backupdir ; $_cmdstr "
_cmdstr = " mkdir -p $_backupdir ; $_cmdstr "
_info " Backup of old certificate files will be placed in remote directory $_backupdir "
_info " Backup of old certificate files will be placed in remote directory $_backupdir "
_info "Backup directories erased after 180 days."
_info "Backup directories erased after 180 days."
if [ " $Le_Deploy_ssh_batch_mode " = "no" ] ; then
if ! _ssh_remote_cmd " $_cmdstr " ; then
return $_err_code
fi
_cmdstr = ""
fi
fi
fi
# KEYFILE is optional.
# KEYFILE is optional.
@ -112,6 +132,12 @@ then rm -rf \"\$fn\"; echo \"Backup \$fn deleted as older than 180 days\"; fi; d
# copy new certificate into file.
# copy new certificate into file.
_cmdstr = " $_cmdstr echo \" $( cat " $_ckey " ) \" > $Le_Deploy_ssh_keyfile ; "
_cmdstr = " $_cmdstr echo \" $( cat " $_ckey " ) \" > $Le_Deploy_ssh_keyfile ; "
_info " will copy private key to remote file $Le_Deploy_ssh_keyfile "
_info " will copy private key to remote file $Le_Deploy_ssh_keyfile "
if [ " $Le_Deploy_ssh_batch_mode " = "no" ] ; then
if ! _ssh_remote_cmd " $_cmdstr " ; then
return $_err_code
fi
_cmdstr = ""
fi
fi
fi
# CERTFILE is optional.
# CERTFILE is optional.
@ -132,6 +158,12 @@ then rm -rf \"\$fn\"; echo \"Backup \$fn deleted as older than 180 days\"; fi; d
# copy new certificate into file.
# copy new certificate into file.
_cmdstr = " $_cmdstr echo \" $( cat " $_ccert " ) \" $_pipe $Le_Deploy_ssh_certfile ; "
_cmdstr = " $_cmdstr echo \" $( cat " $_ccert " ) \" $_pipe $Le_Deploy_ssh_certfile ; "
_info " will copy certificate to remote file $Le_Deploy_ssh_certfile "
_info " will copy certificate to remote file $Le_Deploy_ssh_certfile "
if [ " $Le_Deploy_ssh_batch_mode " = "no" ] ; then
if ! _ssh_remote_cmd " $_cmdstr " ; then
return $_err_code
fi
_cmdstr = ""
fi
fi
fi
# CAFILE is optional.
# CAFILE is optional.
@ -153,6 +185,12 @@ then rm -rf \"\$fn\"; echo \"Backup \$fn deleted as older than 180 days\"; fi; d
# copy new certificate into file.
# copy new certificate into file.
_cmdstr = " $_cmdstr echo \" $( cat " $_cca " ) \" $_pipe $Le_Deploy_ssh_cafile ; "
_cmdstr = " $_cmdstr echo \" $( cat " $_cca " ) \" $_pipe $Le_Deploy_ssh_cafile ; "
_info " will copy CA file to remote file $Le_Deploy_ssh_cafile "
_info " will copy CA file to remote file $Le_Deploy_ssh_cafile "
if [ " $Le_Deploy_ssh_batch_mode " = "no" ] ; then
if ! _ssh_remote_cmd " $_cmdstr " ; then
return $_err_code
fi
_cmdstr = ""
fi
fi
fi
# FULLCHAIN is optional.
# FULLCHAIN is optional.
@ -175,6 +213,12 @@ then rm -rf \"\$fn\"; echo \"Backup \$fn deleted as older than 180 days\"; fi; d
# copy new certificate into file.
# copy new certificate into file.
_cmdstr = " $_cmdstr echo \" $( cat " $_cfullchain " ) \" $_pipe $Le_Deploy_ssh_fullchain ; "
_cmdstr = " $_cmdstr echo \" $( cat " $_cfullchain " ) \" $_pipe $Le_Deploy_ssh_fullchain ; "
_info " will copy fullchain to remote file $Le_Deploy_ssh_fullchain "
_info " will copy fullchain to remote file $Le_Deploy_ssh_fullchain "
if [ " $Le_Deploy_ssh_batch_mode " = "no" ] ; then
if ! _ssh_remote_cmd " $_cmdstr " ; then
return $_err_code
fi
_cmdstr = ""
fi
fi
fi
# REMOTE_CMD is optional.
# REMOTE_CMD is optional.
@ -186,17 +230,20 @@ then rm -rf \"\$fn\"; echo \"Backup \$fn deleted as older than 180 days\"; fi; d
if [ -n " $Le_Deploy_ssh_remote_cmd " ] ; then
if [ -n " $Le_Deploy_ssh_remote_cmd " ] ; then
_cmdstr = " $_cmdstr $Le_Deploy_ssh_remote_cmd ; "
_cmdstr = " $_cmdstr $Le_Deploy_ssh_remote_cmd ; "
_info " Will execute remote command $Le_Deploy_ssh_remote_cmd "
_info " Will execute remote command $Le_Deploy_ssh_remote_cmd "
if [ " $Le_Deploy_ssh_batch_mode " = "no" ] ; then
if ! _ssh_remote_cmd " $_cmdstr " ; then
return $_err_code
fi
_cmdstr = ""
fi
fi
fi
if [ -z " $_cmdstr " ] ; then
_err "No remote commands to excute. Failed to deploy certificates to remote server"
return 1
fi
if ! _ssh_remote_cmd " $_cmdstr " ; then
return $_err_code
# if running as batch mode then all commands sent in a single SSH call now...
if [ -n " $_cmdstr " ] ; then
if ! _ssh_remote_cmd " $_cmdstr " ; then
return $_err_code
fi
fi
fi
return 0
return 0
}
}